urlscan.io logo urlscan.io
SecurityTrails logo

threatpost.com Open in urlscan Pro
35.173.160.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119///
Effective URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Submission: On December 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 125 IPs in 13 countries across 102 domains to perform 643 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2021. Valid for: a year.
This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 35.173.160.135 14618 (AMAZON-AES)
11 18.66.139.110 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:7::... 13335 (CLOUDFLAR...)
20 2600:9000:225... 16509 (AMAZON-02)
11 2600:9000:236... 16509 (AMAZON-02)
3 11 2a00:1450:400... 15169 (GOOGLE)
6 18.66.109.174 16509 (AMAZON-02)
1 6 151.101.66.137 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
15 18.220.25.210 16509 (AMAZON-02)
30 172.217.16.130 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 64.140.160.2 18450 (WEBNX)
12 151.101.2.137 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.111.219.144 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
4 6 2620:116:800d... 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 51.89.20.86 16276 (OVH)
3 52.29.20.215 16509 (AMAZON-02)
1 3 216.52.2.19 29791 (VOXEL-DOT...)
9 52.211.199.54 16509 (AMAZON-02)
3 8 134.209.131.220 14061 (DIGITALOC...)
1 4 147.75.61.140 54825 (PACKET)
3 18.156.195.47 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 213.19.147.42 26120 (RHYTHMONE)
3 19 37.252.172.45 29990 (ASN-APPNEX)
1 18 34.98.64.218 15169 (GOOGLE)
5 185.64.189.112 62713 (AS-PUBMATIC)
5 23.37.38.181 16625 (AKAMAI-AS)
4 2602:803:c004... 26667 (RUBICONPR...)
1 52.59.85.35 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 3.69.225.48 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
8 37.252.161.190 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
2 6 37.252.172.38 29990 (ASN-APPNEX)
14 2.18.233.180 16625 (AKAMAI-AS)
5 22 15.197.193.217 16509 (AMAZON-02)
49 18.66.112.80 16509 (AMAZON-02)
1 5 198.47.127.19 62713 (AS-PUBMATIC)
4 142.250.185.198 15169 (GOOGLE)
6 34.254.31.103 16509 (AMAZON-02)
3 34.102.128.115 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
4 6 37.157.6.253 198622 (ADFORM)
2 2 213.155.156.168 1299 (TWELVE99 ...)
13 185.64.190.80 62713 (AS-PUBMATIC)
2 3 178.250.0.163 44788 (ASN-CRITE...)
13 25 142.250.186.130 15169 (GOOGLE)
6 6 185.29.132.245 30419 (MEDIAMATH...)
3 185.64.190.81 62713 (AS-PUBMATIC)
1 159.122.14.34 36351 (SOFTLAYER)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
7 2.18.232.130 16625 (AKAMAI-AS)
15 2a00:1450:400... 15169 (GOOGLE)
1 52.42.52.156 16509 (AMAZON-02)
5 27 2.18.234.21 16625 (AKAMAI-AS)
6 8 151.101.2.49 54113 (FASTLY)
5 5 52.59.53.221 16509 (AMAZON-02)
5 9 3.126.56.137 16509 (AMAZON-02)
6 37.252.167.214 29990 (ASN-APPNEX)
6 2600:9000:223... 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 54.236.81.149 14618 (AMAZON-AES)
3 6 209.54.177.54 16509 (AMAZON-02)
2 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 199.38.167.129 54312 (ROCKETFUEL)
1 54.81.254.118 14618 (AMAZON-AES)
1 72.251.241.196 29791 (VOXEL-DOT...)
2 8 99.80.242.238 16509 (AMAZON-02)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.98 15169 (GOOGLE)
8 3.230.205.140 14618 (AMAZON-AES)
2 8 23.37.42.132 16625 (AKAMAI-AS)
2 7 76.223.111.18 16509 (AMAZON-02)
1 2620:1ec:bdf::60 8068 (MICROSOFT...)
1 205.185.216.42 20446 (HIGHWINDS3)
1 1 34.102.163.6 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 5 2a05:d018:d29... 16509 (AMAZON-02)
9 10 18.185.142.87 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 3 64.74.236.159 22075 (AS-OUTBRAIN)
1 2 37.252.173.27 29990 (ASN-APPNEX)
1 34.248.11.216 16509 (AMAZON-02)
2 51.178.20.140 16276 (OVH)
1 17 54.194.104.251 16509 (AMAZON-02)
2 67.202.105.22 32748 (STEADFAST)
1 51.89.9.253 16276 (OVH)
2 185.86.137.107 201081 (SMARTADSE...)
1 2 216.52.2.39 29791 (VOXEL-DOT...)
6 6 213.19.147.45 26120 (RHYTHMONE)
1 54.146.124.230 14618 (AMAZON-AES)
3 178.162.133.149 60781 (LEASEWEB-...)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 213.32.46.11 16276 (OVH)
3 185.86.138.114 201081 (SMARTADSE...)
2 2 35.210.178.101 19527 (GOOGLE-2)
1 35.244.174.68 15169 (GOOGLE)
2 18.195.155.181 16509 (AMAZON-02)
1 178.162.133.148 60781 (LEASEWEB-...)
2 2 34.194.166.233 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
4 4 69.173.144.138 26667 (RUBICONPR...)
4 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 8.43.72.98 26667 (RUBICONPR...)
1 1 188.34.190.35 24940 (HETZNER-AS)
3 4 70.42.32.63 13789 (INTERNAP-...)
1 1 54.87.192.123 14618 (AMAZON-AES)
1 1 54.210.154.62 14618 (AMAZON-AES)
1 193.122.174.27 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 104.111.215.191 16625 (AKAMAI-AS)
2 2 54.246.208.198 16509 (AMAZON-02)
1 1 146.0.227.110 20773 (GODADDY)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 202.241.208.53 4694 (IDCF IDC ...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 35.227.208.19 ()
1 35.201.81.244 ()
1 1 52.57.134.242 ()
2 2a00:1450:400... ()
643 125
18    35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com
threatpost.com
kasperskycontenthub.com
11    18.66.139.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-110.fra60.r.cloudfront.net
tagan.adlightning.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2606:4700:7::a29f:8a55 (United States)

ASN13335 (CLOUDFLARENET, US)
qd.admetricspro.com
20    2600:9000:2250:200:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.threatpost.com
11    2600:9000:236e:8200:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.threatpost.com
11    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net
c.amazon-adsystem.com
6    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
img.connatix.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    18.220.25.210 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-25-210.us-east-2.compute.amazonaws.com
capi.connatix.com
30    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
www.googletagservices.com
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    64.140.160.2 (Ogden, United States)

ASN18450 (WEBNX, US)
PTR: threatintelligenceplatform.com
geo.ipify.org
12    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
lit.connatix.com
vid.connatix.com
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
3    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2606:4700:3039::6815:c096 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    51.89.20.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p18.id5-sync.com
id5-sync.com
3    52.29.20.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
9    52.211.199.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
ads.servenobid.com
8    134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
sync.serverbid.com
4    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
9    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
19    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
18    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
teachingaids-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
gift-connect-d.openx.net
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.59.85.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-85-35.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2600:9000:223c:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    3.69.225.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-225-48.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
8    37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
24    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
14    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
22    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
49    18.66.112.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-80.fra56.r.cloudfront.net
math-aids-threatpost-tagan.adlightning.com
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
6    34.254.31.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-31-103.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
3    34.102.128.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.128.102.34.bc.googleusercontent.com
g.algbid.app
10    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    213.155.156.168 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
25    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
ade.googlesyndication.com
6    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2606:4700:20::ac43:4abf (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.rtbrain.app
7    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs-simple.com
acdn.adnxs.com
15    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    52.42.52.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-52-156.us-west-2.compute.amazonaws.com
id.sharedid.org
27    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.59.53.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-53-221.eu-central-1.compute.amazonaws.com
pixel.advertising.com
9    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    37.252.167.214 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: 57.ratbait.prod.ams1.adnexus.net
rb.adnxs-simple.com
6    2600:9000:223f:7200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    54.236.81.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-81-149.compute-1.amazonaws.com
a.audrte.com
6    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    54.81.254.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-254-118.compute-1.amazonaws.com
rtb.adentifi.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
8    99.80.242.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-242-238.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:19::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednds.c.2mdn.net
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
googleads4.g.doubleclick.net
8    3.230.205.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-205-140.compute-1.amazonaws.com
dt.adsafeprotected.com
8    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
7    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2620:1ec:bdf::60 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
1    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
10    18.185.142.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    64.74.236.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    34.248.11.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-11-216.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
17    54.194.104.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
6    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    54.146.124.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-124-230.compute-1.amazonaws.com
jadserve.postrelease.com
3    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2606:4700:3039::6815:c084 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    213.32.46.11 (France)

ASN16276 (OVH, FR)
PTR: ip11.ip-213-32-46.eu
cookie-matching.mediarithmics.com
3    185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    35.210.178.101 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    178.162.133.148 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com
go.sonobi.com
2    34.194.166.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-166-233.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:444a:4602:2c20:3113:5c28:1366 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    188.34.190.35 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.35.190.34.188.clients.your-server.de
bidswitch-eu.splicky.com
4    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.210.154.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-154-62.compute-1.amazonaws.com
sync.ipredictive.com
1    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    54.246.208.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-208-198.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    202.241.208.53 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    35.227.208.19 (None, )

ASN- ()
cr.frontend.weborama.fr
1    35.201.81.244 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    52.57.134.242 (None, )

ASN- ()
sonata-notifications.taptapnetworks.com
2    2a00:1450:4001:3c::7 (None, )

ASN- ()
r2---sn-4g5e6nzl.c.2mdn.net
Apex Domain
Subdomains		 Transfer
60 adlightning.com
tagan.adlightning.com
math-aids-threatpost-tagan.adlightning.com
285 KB
56 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
pubads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
249 KB
47 threatpost.com
threatpost.com
assets.threatpost.com
media.threatpost.com
917 KB
44 googlesyndication.com
pagead2.googlesyndication.com
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
266 KB
41 pubmatic.com
hbopenbid.pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
aktrack.pubmatic.com
aud.pubmatic.com
simage4.pubmatic.com
174 KB
40 adnxs.com
ib.adnxs.com
prebid.adnxs.com
fra1-ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
153 KB
33 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
lit.connatix.com
vid.connatix.com
img.connatix.com
2 MB
28 adsafeprotected.com
unified.adsafeprotected.com
static.adsafeprotected.com
pixel.adsafeprotected.com
dt.adsafeprotected.com
293 KB
26 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
26 KB
24 google.com
www.google.com
adservice.google.com
4 KB
22 adsrvr.org
insight.adsrvr.org
match.adsrvr.org
79 KB
21 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
41 KB
18 openx.net
teachingaids-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
gift-connect-d.openx.net
3 KB
18 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
8 KB
17 gumgum.com
g2.gumgum.com
rtb.gumgum.com
6 KB
15 ampproject.org
cdn.ampproject.org
306 KB
14 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
713 KB
13 1rx.io
tag.1rx.io
sync.1rx.io
4 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
609 KB
12 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
45 KB
10 bidswitch.net
x.bidswitch.net
5 KB
10 servenobid.com
ads.servenobid.com
public.servenobid.com
7 KB
8 everesttech.net
sync-tm.everesttech.net
2 KB
8 adnxs-simple.com
acdn.adnxs-simple.com
rb.adnxs-simple.com
88 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
8 serverbid.com
e.serverbid.com
sync.serverbid.com
1 KB
7 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
2 KB
7 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
3 KB
7 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r2---sn-4g5ednds.c.2mdn.net
r2---sn-4g5e6nzl.c.2mdn.net
18 KB
7 admetricspro.com
qd.admetricspro.com
324 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 adform.net
c1.adform.net
3 KB
6 quantserve.com
secure.quantserve.com
pixel.quantserve.com
12 KB
5 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2 KB
5 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
5 googletagservices.com
www.googletagservices.com
173 KB
4 outbrain.com
sync.outbrain.com
2 KB
4 sonobi.com
sync.go.sonobi.com
go.sonobi.com
2 KB
4 google.de
adservice.google.de
www.google.de
2 KB
4 a-mo.net
prebid.a-mo.net
505 B
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
722 B
3 liadm.com
i.liadm.com
i6.liadm.com
2 KB
3 owneriq.net
px.owneriq.net
1 KB
3 zemanta.com
b1sync.zemanta.com
2 KB
3 dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
476 B
3 algbid.app
g.algbid.app
3 sharethrough.com
btlr.sharethrough.com
337 B
3 4dex.io
script.4dex.io
mp.4dex.io
24 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 id5-sync.com
cdn.id5-sync.com
id5-sync.com
11 KB
2 creativecdn.com
creativecdn.com
695 B
2 360yield.com
ad.360yield.com
618 B
2 emxdgt.com
cs.emxdgt.com
2 volvelle.tech
a.volvelle.tech
1 KB
2 turn.com
ad.turn.com
943 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
942 B
2 33across.com
pixel.33across.com
ssc-cms.33across.com
2 dyntrk.com
gu.dyntrk.com
430 B
2 rfihub.com
p.rfihub.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
636 B
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 kasperskycontenthub.com
kasperskycontenthub.com
1 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
322 B
1 socdm.com
tg.socdm.com
691 B
1 contextweb.com
bh.contextweb.com
383 B
1 admixer.net
inv-nets.admixer.net
586 B
1 bluekai.com
stags.bluekai.com
1 KB
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
614 B
1 splicky.com
bidswitch-eu.splicky.com
221 B
1 rlcdn.com
id.rlcdn.com
1 mediarithmics.com
cookie-matching.mediarithmics.com
85 B
1 ad4m.at
ad4m.at
1 postrelease.com
jadserve.postrelease.com
427 B
1 onetag-sys.com
onetag-sys.com
814 B
1 bidr.io
match.prod.bidr.io
430 B
1 bing.com
c.bing.com
592 B
1 linkedin.com
px.ads.linkedin.com
705 B
1 mrtnsvr.com
ad.mrtnsvr.com
217 B
1 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5 KB
1 adgrx.com
cm.adgrx.com
408 B
1 adentifi.com
rtb.adentifi.com
88 B
1 bttrack.com
bttrack.com
380 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 sharedid.org
id.sharedid.org
213 B
1 rtbrain.app
cdn.rtbrain.app
2 KB
1 simpli.fi
um.simpli.fi
618 B
1 t.co
t.co
470 B
1 twitter.com
analytics.twitter.com
675 B
1 quantcount.com
rules.quantcount.com
345 B
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 fastclick.net
secure.cdn.fastclick.net
17 KB
1 ipify.org
geo.ipify.org
676 B
1 googletagmanager.com
www.googletagmanager.com
59 KB
0 onaudience.com Failed
pixel.onaudience.com Failed
643 102
Domain Requested by
49 math-aids-threatpost-tagan.adlightning.com tagan.adlightning.com
24 tpc.googlesyndication.com tagan.adlightning.com
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
threatpost.com
20 assets.threatpost.com threatpost.com
assets.threatpost.com
19 cm.g.doubleclick.net 13 redirects u.openx.net
eb2.3lift.com
g2.gumgum.com
19 ib.adnxs.com 3 redirects qd.admetricspro.com
cds.connatix.com
acdn.adnxs.com
ssum-sec.casalemedia.com
16 rtb.gumgum.com 1 redirects g2.gumgum.com
16 securepubads.g.doubleclick.net www.googletagservices.com
tagan.adlightning.com
securepubads.g.doubleclick.net
threatpost.com
16 threatpost.com 1 redirects threatpost.com
15 cdn.ampproject.org threatpost.com
15 capi.connatix.com cd.connatix.com
13 adservice.google.com imasdk.googleapis.com
tagan.adlightning.com
12 match.adsrvr.org 5 redirects u.openx.net
ssum-sec.casalemedia.com
eb2.3lift.com
11 vid.connatix.com cd.connatix.com
11 www.google.com 3 redirects threatpost.com
tagan.adlightning.com
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
11 media.threatpost.com threatpost.com
11 tagan.adlightning.com threatpost.com
tagan.adlightning.com
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
10 x.bidswitch.net 9 redirects eb2.3lift.com
10 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
10 fonts.googleapis.com ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
threatpost.com
10 insight.adsrvr.org vpaid.pubmatic.com
acdn.adnxs-simple.com
10 pubads.g.doubleclick.net imasdk.googleapis.com
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
9 ups.analytics.yahoo.com 5 redirects ssum-sec.casalemedia.com
9 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 tag.1rx.io qd.admetricspro.com
cds.connatix.com
9 ads.servenobid.com qd.admetricspro.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
8 dt.adsafeprotected.com
8 pixel.adsafeprotected.com 2 redirects static.adsafeprotected.com
pixel.adsafeprotected.com
8 sync-tm.everesttech.net 6 redirects ssum-sec.casalemedia.com
8 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
cds.connatix.com
qd.admetricspro.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
g2.gumgum.com
8 prebid.adnxs.com cds.connatix.com
cd.connatix.com
7 eb2.3lift.com 2 redirects qd.admetricspro.com
eb2.3lift.com
7 fonts.gstatic.com fonts.googleapis.com
7 simage2.pubmatic.com ads.pubmatic.com
7 e.serverbid.com 2 redirects qd.admetricspro.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
7 qd.admetricspro.com threatpost.com
qd.admetricspro.com
6 eus.rubiconproject.com qd.admetricspro.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
g2.gumgum.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
eb2.3lift.com
6 static.adsafeprotected.com acdn.adnxs-simple.com
threatpost.com
6 rb.adnxs-simple.com acdn.adnxs-simple.com
6 js-sec.indexww.com cds.connatix.com
ssum-sec.casalemedia.com
qd.admetricspro.com
6 ade.googlesyndication.com
6 sync.mathtag.com 6 redirects
6 image2.pubmatic.com ads.pubmatic.com
6 c1.adform.net 4 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
6 unified.adsafeprotected.com vpaid.pubmatic.com
acdn.adnxs-simple.com
6 fra1-ib.adnxs.com 2 redirects
6 c.amazon-adsystem.com qd.admetricspro.com
c.amazon-adsystem.com
5 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 us-u.openx.net 1 redirects u.openx.net
5 pixel.advertising.com 5 redirects
5 acdn.adnxs.com cds.connatix.com
acdn.adnxs-simple.com
qd.admetricspro.com
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 pixel.quantserve.com 4 redirects threatpost.com
5 ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
5 htlb.casalemedia.com qd.admetricspro.com
cds.connatix.com
5 hbopenbid.pubmatic.com qd.admetricspro.com
cds.connatix.com
5 teachingaids-d.openx.net qd.admetricspro.com
cds.connatix.com
5 www.gstatic.com www.google.com
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
5 www.googletagservices.com threatpost.com
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 pixel.rubiconproject.com g2.gumgum.com
4 token.rubiconproject.com 4 redirects
4 sync.1rx.io 4 redirects
4 eu-u.openx.net u.openx.net
4 googleads.g.doubleclick.net ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
threatpost.com
4 aktrack.pubmatic.com
4 ad.doubleclick.net vpaid.pubmatic.com
acdn.adnxs-simple.com
4 fastlane.rubiconproject.com qd.admetricspro.com
4 prebid.a-mo.net 1 redirects qd.admetricspro.com
cds.connatix.com
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 sync.go.sonobi.com public.servenobid.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3 b1sync.zemanta.com 3 redirects
3 u.openx.net cds.connatix.com
qd.admetricspro.com
3 dis.criteo.com 2 redirects ads.pubmatic.com
3 g.algbid.app threatpost.com
3 adservice.google.de tagan.adlightning.com
3 c2shb.ssp.yahoo.com qd.admetricspro.com
3 ap.lijit.com 1 redirects qd.admetricspro.com
3 btlr.sharethrough.com qd.admetricspro.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
threatpost.com
3 cds.connatix.com threatpost.com
cd.connatix.com
2 r2---sn-4g5e6nzl.c.2mdn.net
2 cr.frontend.weborama.fr 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 i.liadm.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 cs.emxdgt.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
g2.gumgum.com
2 a.volvelle.tech 2 redirects
2 ad.turn.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ce.lijit.com 1 redirects public.servenobid.com
2 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
2 gu.dyntrk.com ssum-sec.casalemedia.com
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 googleads4.g.doubleclick.net
2 r2---sn-4g5ednds.c.2mdn.net
2 gcdn.2mdn.net 2 redirects
2 p.rfihub.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 acdn.adnxs-simple.com cd.connatix.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 vpaid.pubmatic.com cd.connatix.com
2 ads.adaptv.advertising.com cds.connatix.com
2 mug.criteo.com threatpost.com
2 gum.criteo.com 1 redirects
2 id5-sync.com qd.admetricspro.com
cdn.id5-sync.com
2 script.4dex.io qd.admetricspro.com
script.4dex.io
2 img.connatix.com threatpost.com
2 kasperskycontenthub.com threatpost.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 tg.socdm.com 1 redirects
1 ssc-cms.33across.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 pixel-us-east.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 ads.yahoo.com
1 i6.liadm.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 gift-connect-d.openx.net serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 id.rlcdn.com
1 cookie-matching.mediarithmics.com ssbsync.smartadserver.com
1 ad4m.at ssum-sec.casalemedia.com
1 jadserve.postrelease.com public.servenobid.com
1 onetag-sys.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 serverbid-sync.nyc3.cdn.digitaloceanspaces.com qd.admetricspro.com
1 sync.serverbid.com 1 redirects
1 public.servenobid.com qd.admetricspro.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 bttrack.com ssum-sec.casalemedia.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 id.sharedid.org cds.connatix.com
1 cdn.rtbrain.app ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
1 um.simpli.fi ads.pubmatic.com
1 www.google.de threatpost.com
1 stats.g.doubleclick.net www.google-analytics.com
1 t.co threatpost.com
1 analytics.twitter.com tagan.adlightning.com
1 s0.2mdn.net imasdk.googleapis.com
1 rules.quantcount.com secure.quantserve.com
1 tlx.3lift.com qd.admetricspro.com
1 mp.4dex.io qd.admetricspro.com
1 static.ads-twitter.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 cdn.id5-sync.com tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 lit.connatix.com cd.connatix.com
1 geo.ipify.org qd.admetricspro.com
1 www.googletagmanager.com threatpost.com
1 cd.connatix.com 1 redirects
0 pixel.onaudience.com Failed ads.pubmatic.com
643 178
Subject Issuer Validity Valid
threatpost.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-07-03		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
assets.threatpost.com
Amazon		 2021-02-04 -
2022-03-05		 a year crt.sh
media.threatpost.com
Amazon		 2021-02-04 -
2022-03-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
kasperskycontenthub.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-07-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-19 -
2022-02-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
cdn.id5-sync.com
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
e.serverbid.com
R3		 2021-10-22 -
2022-01-20		 3 months crt.sh
*.a-mo.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
wrapper-vast.adsafeprotected.com
Amazon		 2021-11-18 -
2022-12-16		 a year crt.sh
g.algbid.app
GTS CA 1D4		 2021-10-24 -
2022-01-22		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
rtbrain.app
Cloudflare Inc ECC CA-3		 2021-01-18 -
2022-01-17		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.adnxs-simple.com
GeoTrust RSA CA 2018		 2021-03-17 -
2022-03-15		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-11-09 -
2022-01-18		 2 months crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.dyntrk.com
R3		 2021-10-23 -
2022-01-21		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.mediarithmics.com
Gandi Standard SSL CA 2		 2021-02-17 -
2022-03-01		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 78 frames:

Primary Page: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Frame ID: 9B72B803353EB272E4C8A6051E5DB3DF
Requests: 200 HTTP requests in this frame

Frame: https://cds.connatix.com/p/143023/connatix.player.dc.js
Frame ID: EC904FCABC7963A9F7580436F3F3185F
Requests: 46 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Frame ID: E6C4C4CEF5A998579C8EB82CB5134006
Requests: 38 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 71BC21E2CBE96730296E1B8132E045C3
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 50C15AF83F0F5AB816DBC089C02A8583
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: E2AE9A0EAA4FE8F3D2FB10078A113193
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D490D626EA8AABBE198009D0C79878AA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 919C82F1151AEFEEE4F54942EC4293C5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9B157AC06A65E64589C45BFD4BFC3D52
Requests: 1 HTTP requests in this frame

Frame: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E94EA790EAD05CD8ADAFBB99E7A2334
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=6D2041BA-21B7-4482-901B-BBA9DFBE9031&adServerId=243&campaignId=22918&crID=kiaorikp&ucrid=6183026436333780262
Frame ID: 3F81692F3B61324EC4D131C09733BB3D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C00CF6A44A37B7C708970CE70D2AE205
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ACE36B4C4286F768B07DF0412A45B2CE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 94A8C4C9833652307F2EA069CC4F1A24
Requests: 9 HTTP requests in this frame

Frame: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 74EADA380D136E51CDDD4C29F5080FCF
Requests: 17 HTTP requests in this frame

Frame: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 883F807AD4DA37A5F1E1D3BC6E65A139
Requests: 9 HTTP requests in this frame

Frame: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 093F5F68C632DD19832AE69D698B790A
Requests: 9 HTTP requests in this frame

Frame: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DCB5A3DE796C1F16D9C6BE0FE622FE4B
Requests: 7 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
Frame ID: 47982F78FFA54AB273E325D915B5AD5A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8335500312919157432
Frame ID: 35D46E9E98494374FB6DBB1CDDE6047C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: ADD7C5985F471290ADFDCDAF4F4811D1
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-8f563b60.js
Frame ID: 09D354574C82FF340422808F3FBF8E42
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-8f563b60.js
Frame ID: AB5EA3C9C015DFEFF5741A9B178B901F
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Frame ID: 9A56F19EEC1DA5C676A9F41605187E6F
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 261DC7C367762310178FF1DE9C188E71
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-8f563b60.js
Frame ID: 956CE213DDDB7DCC08D66B1FC47E9CDB
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 26B3518AF5E9B6F707BF54A41E32CDFE
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E9C202D117E888E03E39A8F1E26194CB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3D01AD64EF1FFC8DA96F5868B96377F8
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F5A9455B4C61E3DB524644B3C8896B73
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: C79FEC1578E6AC21D6BFC6E27E95617F
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9F210B70CBA1899556671673549EAF45
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 3BF95C4B880FA573F4A76A09B751F7B2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: 1062BEDF98BC6EE9417B3680B13FE335
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 60E50D450771A8D16656CD2A23528614
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 30CC1448CBD8583CEF2F11FD309BDC12
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8D1D77787F46E016D4FF37C6B4B3EFB4
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B5046CEE0431E05863AA2AE03A8FD240
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Frame ID: E8C8A70E1BB9316438448F186B768437
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042676020962916494
Frame ID: EE3C3D123AC337F48FBD4C5D081297E1
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B7626D47C93B392863DF161DC3680B6E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2FF43D79A9C874DA48ECD5583955A4A0
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D65278A135A3E25B0DB0E251FB72B2F5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8121777CA9E9495F8777B25B10A009C9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13394437
Frame ID: 59759DDC1226B7085032259983471580
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: D77B3FC0B5FF09BDFA74AAB33A9D628B
Requests: 11 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: DB9B65210BF2986701C09028C983B8DB
Requests: 9 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Frame ID: 3DF2A889B11823AC72561C938E968411
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Frame ID: 47C8859992B418D22FBB47449A76B540
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 41FA6CAE4CEE4C17D76C0C37D5484EB3
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FDB80C9DB93AA9F05B67757F96057C46
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: DD73A55DECCB2B08D797F832266AA9BD
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: D6FB2A598156ECB8D56AF7982D521EF7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 6792E937A0FE0B2E1F5FF8AA6810035B
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: B2AA2872D9716ADABE3C5281E4138E4D
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: D3C356C4C9623043093BB7F60D801D4F
Requests: 10 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: 44A27F7E5ED397F262B86410A0827AE6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 14F0FEB0FA93C311732CFFDCFE8FE43C
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: 2F9633D0CFEC658BE0A7E620443F96FA
Requests: 1 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: CF41F808E15E9962782D48FA2451EFBF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 26F967678CA4700E3F80796766638262
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
Frame ID: 3CB80D666D6A05AE126F5088BBF48A23
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
Frame ID: 8059F920752A49F7580C7CCE8743B4A3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83ZDdkOGIzMC0yODc5LTQxMTYtOGNhNS0zZTAxNzFjYWUxYTk=&gdpr=0&gdpr_consent=
Frame ID: 84427C2099F54C78105872B5BD3818BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: BDF89969CF74B3DAB86238D44AE8349A
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 46BDD8817145FE7695E46185E4D6C83D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=962356cb-c8b9-4f32-b6ee-f3ace453922c&t=1642342793
Frame ID: A4CB43DE7CAF715727E51A57C64BD53C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3EC130E6AFF152987A7399CCC003C31D
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: A5FC2228E2DA39C7550AAC8337FC9188
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YbycisCo5sEAAKhqR4QAAAAA
Frame ID: A4462A1BE3186219C51084C9AA9AB124
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=jzFFrtrdmFldaoJODWpV&pi=gumgum&tc=1
Frame ID: C93C6FC916A4A43C1F1E892A53107EE6
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=5254F485-7446-412D-A850-03FC30763827&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Frame ID: 5FAB0773A76545E9B44B55A1C39FCDEB
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C84C6C8370BA68D0CD693895D380C37D
Requests: 8 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
Frame ID: 10992B3D465443957C6ACC42604842D0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Frame ID: BA3974A74659A899C040D26BB7543E97
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4C9C2234D6F7906C00ADC65B41A47F87
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Frame ID: 7D7F441DA520BD55A76432075E94B9F2
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 40D504E95B6BE2A0D61A3378D47F682E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Conti Gang Suspected of Ransomware Attack on McMenamins | Threatpost

Page URL History Show full URLs

  1. https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/// HTTP 301
    https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

643
Requests

85 %
HTTPS

27 %
IPv6

102
Domains

178
Subdomains

125
IPs

13
Countries

7170 kB
Transfer

16284 kB
Size

126
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/// HTTP 301
    https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/143023/connatix.player.dc.js
Request Chain 125
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=XfO30Hxkc0poNmRhUEtraHYzV0U3MXE3ckZvOGJGa0tXQTNXSVJtckptYXlrOVZuMjQzckdZcVp5RFNrQVZ6QnZkd2RCeVNZWm5ZUXJ3ODN6aU15OXhnaHZ3eWJJOE9KYThqS0hVQ25iSzlMamw2anVzRGJLL29lWGxOMHdQOFlvNDA4VXBLZE1FTVhzcGc0NktNbk4xVUdaYkJ0bEVtOFJ5TXdWKzFISHUxa1BaZ0hOL3VXK1Q4L1hKVmswcFpEQmU0MTE3aWRsalRVeWtFdzlEdTA2cXdkaTFDck1jdnNPRStrOGlQZUF3OW4zdWE4PXw&cppv=2
Request Chain 167
  • https://fra1-ib.adnxs.com/vast_track/v2?info=agAAAAMArgAFAQmDnLxhAAAAABGOWKr6f0OYIhmDnLxhAAAAACC35I6dASgAMMAIOOc3QMyyYUjD6pcCUJ-ZpQhY4dYBYgJERWgBcAF4AIABAogBAZABkAOYAeEBoAEAqAG35I6dAbABAQ..&s=68b4b1466a537cdb11b9dc230f29deccd0e801be&event_type=1&redir=https%3A%2F%2Ffra1-ib.adnxs.com%2Fab%3Fro%3D1%26an_audit%3D0%26referrer%3Dhttps%253A%252F%252Fthreatpost.com%252Fconti-gang-ransomware-attack-mcmenamins%252F177119%252F%26e%3DwqT_3QLoD_BM6AcAAAMA1gAFAQiDufKNBhCOsanV_--QzCIY7PLRkfzUwu9_KjYJOmUkMfd_2j8R-1BQJywz1T8ZAAAAQDMzA0Ah-1BQJywz1T8pOmUJJNAxAAAAYLge5T8wn5mlCDjnN0DACEhSULfkjp0BWMuPemAAaOelqQF43tUFgAEBigEDVVNEkgUG8OWYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAkZodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkv8gKZCQoTVFREX1ZBU1RfUEFSQU1FVEVSUxKBCSZ0PTEmYWlkPTI0OTI4MTY2MTA2OTQ5NDQ5MTAmd3BjPVVTRCZzZmU9MTNmNDFjODMmcHVpZD0mdGRpZD0wMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMAEHCQHwhiZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xLU5ieGJCQy1wSGI2YlJfLXM2ek5pOS1qUEl5V3B3WEJ2aTFKM0FpN2w5WS4mYnA9MC42MDg5MTIzODMyODM0Njg2MzEyMiZjZj0yODI1NDM2JmZxPTAmdGRfcz10aC5AAVQmcmNhdHM9bXZrJm1jYXQ9Jm1zdGU9NmQBPCZtZmxkPTQmbXNzaT0mbWYBBvBYdWhvdz0xMzUmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1kZSZtbGFuZz0mc3YhIxQ3MTQzJmQhW0RyY3h0PU90aGVyJmxhdD0wLjAFAQwmbG9uGQ0cdG1wYz0mZGEBMRR2cD0wJm8Bomhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JfggrLSsRn5h2cGI9UHJlUm9sbCZkYz04MiZ2Y2M9RUxRQkdMUUJNZ1FJQWdnSk8BCPBeUWdDUUFGSUFWQUNpQUVDb0FHUUE2Z0I0UUhJQVFIUUFRUG9BUUtBQWdPS0Fnd0lBUWdFQ0FJSUJRZ0RDQWFhQWdJSUFxQUNBcWdDQXNBQ0FnLi4mc3Y9YXBwbmV4dXNBIxRpPTMxMjFBFthpPTE4MzIwNCZjbXBpPTIwMzc4OTkmYWdpPTEwNDcwNjYwJmNyaWRpPTIxNTcxMjY1JnN2aT03AS8oPTF3aDlvM3QmdnIhlCw0JTJjMTUmcnVybD1lSiglM2ElMmYlMmZ0aC4QAgglMmaaUgMQJTJmMTdhVPRTASUyZiZ0c2lnPURnXzhEQlpwMGR3LTdlS1loT2ZBczFmanpNRGh5ay1WRGdLY2w1bGVoa28uJmM9Q2dkSFpYSnRZVzU1R2dBd0FqZ0NTQUJRQVlBQkFJZ0JBcEFCQUEuLiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTS4mZHVycz1VdkFYdnMmY3JyZWxyPSZhZHB0PWFub3ImaXBsPTE3Mzg2NjU1JmZwYT02ODAmcGNtPTMmZ3JkYz1DQUUuJnZjPTMmc2FpZD04OTg4MjU3OTE3NjY0ODM0OTYwJmljdD1Vbmtub3duJmF1Y3Q9MSZpbT0xJm1jPThmZDFkMjQ1LWM0YTctNDdmZi04NmZmLTdiMmQ4MTJhNTY2MvICPQoVVFREX1aBnPBJSU1QUkVTU0lPTklEEiQ3OWMwYTY1YS03MWQzLTQyNjgtYWJjZC1hNmU0OGY5NDBjNDiAAwCIAwGQAwCYAxegAwGqA8QBCpcBaHSpObhpbnNpZ2h0LmFkc3J2ci5vcmcvZW5kdXNlci92YXN0Lz9paWQ9JHtUVERfVkFTVDKAAPA8fSZjcmlkPWtpYW9yaWtwJnR0ZF9wcmV2aWV3PSR7SVNfUFJFVklFV30md3A9JHtBVUNUSU9OX1BSSUNFfR1UEFBBUkFNpXAUfRoTMjQ5PmcFBCoEQfsYOg1vcnRiLRFu8GXAA-CoAcgDANgDttW3AeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw3OC40Ny4yMDguMjaoBACyBBAIARAEGJADIOEBKAIwADgDuAQAwAQAyAQA2gQCCAHgBADwBLfBr1iIBQGYBQCgBZDrhODEnq3efMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF4dYB-gUECAAQAJAGAZgGALgGAMEGASE0AADwP9AGjdgB2gYWChAJEhkBYBAAGADgBgTyBgIIAIAHAYgHAKAHQKoHBzFptQi6Bw8BU0gYACAAMAA4vQZAAMgH3tUF0gcNFYEBQgjaBwYJJ0TgBwDqBwIIAPAH1P0CiggCEAA.%26s%3D01183f85e7f24357af7b308cd88f709e8e5d1542 HTTP 302
  • https://fra1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&e=wqT_3QLoD_BM6AcAAAMA1gAFAQiDufKNBhCOsanV_--QzCIY7PLRkfzUwu9_KjYJOmUkMfd_2j8R-1BQJywz1T8ZAAAAQDMzA0Ah-1BQJywz1T8pOmUJJNAxAAAAYLge5T8wn5mlCDjnN0DACEhSULfkjp0BWMuPemAAaOelqQF43tUFgAEBigEDVVNEkgUG8OWYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAkZodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkv8gKZCQoTVFREX1ZBU1RfUEFSQU1FVEVSUxKBCSZ0PTEmYWlkPTI0OTI4MTY2MTA2OTQ5NDQ5MTAmd3BjPVVTRCZzZmU9MTNmNDFjODMmcHVpZD0mdGRpZD0wMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMAEHCQHwhiZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xLU5ieGJCQy1wSGI2YlJfLXM2ek5pOS1qUEl5V3B3WEJ2aTFKM0FpN2w5WS4mYnA9MC42MDg5MTIzODMyODM0Njg2MzEyMiZjZj0yODI1NDM2JmZxPTAmdGRfcz10aC5AAVQmcmNhdHM9bXZrJm1jYXQ9Jm1zdGU9NmQBPCZtZmxkPTQmbXNzaT0mbWYBBvBYdWhvdz0xMzUmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1kZSZtbGFuZz0mc3YhIxQ3MTQzJmQhW0RyY3h0PU90aGVyJmxhdD0wLjAFAQwmbG9uGQ0cdG1wYz0mZGEBMRR2cD0wJm8Bomhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JfggrLSsRn5h2cGI9UHJlUm9sbCZkYz04MiZ2Y2M9RUxRQkdMUUJNZ1FJQWdnSk8BCPBeUWdDUUFGSUFWQUNpQUVDb0FHUUE2Z0I0UUhJQVFIUUFRUG9BUUtBQWdPS0Fnd0lBUWdFQ0FJSUJRZ0RDQWFhQWdJSUFxQUNBcWdDQXNBQ0FnLi4mc3Y9YXBwbmV4dXNBIxRpPTMxMjFBFthpPTE4MzIwNCZjbXBpPTIwMzc4OTkmYWdpPTEwNDcwNjYwJmNyaWRpPTIxNTcxMjY1JnN2aT03AS8oPTF3aDlvM3QmdnIhlCw0JTJjMTUmcnVybD1lSiglM2ElMmYlMmZ0aC4QAgglMmaaUgMQJTJmMTdhVPRTASUyZiZ0c2lnPURnXzhEQlpwMGR3LTdlS1loT2ZBczFmanpNRGh5ay1WRGdLY2w1bGVoa28uJmM9Q2dkSFpYSnRZVzU1R2dBd0FqZ0NTQUJRQVlBQkFJZ0JBcEFCQUEuLiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTS4mZHVycz1VdkFYdnMmY3JyZWxyPSZhZHB0PWFub3ImaXBsPTE3Mzg2NjU1JmZwYT02ODAmcGNtPTMmZ3JkYz1DQUUuJnZjPTMmc2FpZD04OTg4MjU3OTE3NjY0ODM0OTYwJmljdD1Vbmtub3duJmF1Y3Q9MSZpbT0xJm1jPThmZDFkMjQ1LWM0YTctNDdmZi04NmZmLTdiMmQ4MTJhNTY2MvICPQoVVFREX1aBnPBJSU1QUkVTU0lPTklEEiQ3OWMwYTY1YS03MWQzLTQyNjgtYWJjZC1hNmU0OGY5NDBjNDiAAwCIAwGQAwCYAxegAwGqA8QBCpcBaHSpObhpbnNpZ2h0LmFkc3J2ci5vcmcvZW5kdXNlci92YXN0Lz9paWQ9JHtUVERfVkFTVDKAAPA8fSZjcmlkPWtpYW9yaWtwJnR0ZF9wcmV2aWV3PSR7SVNfUFJFVklFV30md3A9JHtBVUNUSU9OX1BSSUNFfR1UEFBBUkFNpXAUfRoTMjQ5PmcFBCoEQfsYOg1vcnRiLRFu8GXAA-CoAcgDANgDttW3AeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw3OC40Ny4yMDguMjaoBACyBBAIARAEGJADIOEBKAIwADgDuAQAwAQAyAQA2gQCCAHgBADwBLfBr1iIBQGYBQCgBZDrhODEnq3efMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF4dYB-gUECAAQAJAGAZgGALgGAMEGASE0AADwP9AGjdgB2gYWChAJEhkBYBAAGADgBgTyBgIIAIAHAYgHAKAHQKoHBzFptQi6Bw8BU0gYACAAMAA4vQZAAMgH3tUF0gcNFYEBQgjaBwYJJ0TgBwDqBwIIAPAH1P0CiggCEAA.&s=01183f85e7f24357af7b308cd88f709e8e5d1542
Request Chain 251
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
Request Chain 252
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8335500312919157432
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9_L6D7zeQuKE_3c34hYmZA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 255
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=175261bc-9c84-4400-aeac-79bc5a1977c6
Request Chain 256
  • https://pixel.onaudience.com/?partner=214&mapped=F7F2FA0F-BCDE-42E2-84FF-7737E2162664 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3c2b72cea1002c5a3ed02c88b1730d7b
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjdGMkZBMEYtQkNERS00MkUyLTg0RkYtNzczN0UyMTYyNjY0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHU1Cziwz_2coHAcaO-BZ8&google_cver=1
Request Chain 260
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
Request Chain 333
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YbychwAMpscx0wBR HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YbychwAMpscx0wBR&_origin=0&gdpr=0&gdpr_consent=&_test=YbychwAMpscx0wBR HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YbychwAMpscx0wBR&_origin=0&gdpr=0&gdpr_consent=&_test=YbychwAMpscx0wBR&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
Request Chain 334
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=962356cb-c8b9-4f32-b6ee-f3ace453922c&_origin=1&gdpr=1&gdpr_consent=
Request Chain 335
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA2NTlkZDU3ZC01ZjQ0LTExZWMtOTllNC0wMjc5Yjk2NDgzN2M%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEP8cPIqNrcA7AQkq9SjozyU&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEP8cPIqNrcA7AQkq9SjozyU&google_cver=1&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
Request Chain 367
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 372
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
Request Chain 373
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1SuVkNp5z8DOI5XH0Cvay9t8wpHOKZbB0HvcKbdt
Request Chain 374
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6173820910399809685
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASA-YQqHbtBY8aKiBeLlO4&google_cver=1
Request Chain 378
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
Request Chain 379
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1SuVkNp5z8DOI5XH0Cvay9t8wpHOKZbB0HvcKbdt
Request Chain 380
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6173820910399809685
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASA-YQqHbtBY8aKiBeLlO4&google_cver=1
Request Chain 386
  • https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 389
  • https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 392
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 395
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042676020962916494
Request Chain 396
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&addseg=19,36,42
Request Chain 397
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 399
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664 HTTP 302
  • https://a.audrte.com/p
Request Chain 400
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=962356cb-c8b9-4f32-b6ee-f3ace453922c
Request Chain 401
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6173820910399809685
Request Chain 402
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9214095078257359212&gdpr=0&gdpr_consent=
Request Chain 403
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CHMdiwchR9sTex3cDXNS0AYkSooTcR7aDSMDlQAV
Request Chain 404
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PzYHU0ZE2uUgk3SZs4H3Fimbc2PuweQ-~A&gdpr=0&gdpr_consent=
Request Chain 405
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ybych0bBg2VgARZg0q0o9AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP9foEBGpwmWO7wLrKMO0v4&google_cver=1&gdpr=1
Request Chain 407
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych_K5fBzNs49oaoDLeAAABIkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych_K5fBzNs49oaoDLeAAABIkAAAIB&dcc=t
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ybych_K5fBzNs49oaoDLeAAABIkAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
Request Chain 409
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639837192&gdpr=1
Request Chain 410
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642342792
Request Chain 414
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
Request Chain 416
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&dcc=t
Request Chain 417
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ybych0bBg2VgARZg0q0o9AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP9foEBGpwmWO7wLrKMO0v4&google_cver=1&gdpr=1
Request Chain 418
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978758875873757384
Request Chain 425
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 426
  • https://gcdn.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/53F043CAC123BE624BE1EDF21C069333FD8AF423.70D060106D64AD40DCFB6E6FB9EFE7338B1797CC/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3596A5A10BF82420D2618BB3CC3BB6461B6DF714.02F7D1C7C8C933D894B6923C473C953F57563A16/key/cms1/cms_redirect/yes/mh/Vz/mip/2a01:4f8:150:2008:35::1/mm/42/mn/sn-4g5ednds/ms/onc/mt/1639750357/mv/m/mvi/2/pl/49/file/file.mp4
Request Chain 433
  • https://pixel.adsafeprotected.com/rfw/st/906389/59213326/skeleton.js?videoId=8c275dd280996800663676218d61dacf&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst58aDvFfXIONfXhRxiw2FKOM_hjaijNrZLG27K5wcoe566DuvTf-_8BvQhSisyfcavUU4KNPid7J5UA_BDM1RWtSpORi0Ek5kPa7K8pCtVYMtqzjCuN5a5FbO9XmR87DHwjA8yiPP78DWS4EFR0Wb62g&sig=Cg0ArKJSzGCJWNl2-ONBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213336&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=60de15e7-b2f5-435c-a988-82b1fdfd2cd9&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:6ff079d2-76c4-044e-8428-a9b77a4504ff,c:x40qJ5,sl:inView,em:true,fr:true,thd:1,mn:app25ie,rg:ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:4,fm:sRRpdhu+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e*.906389-59213326%7C1e1%7C1e2%7C1f%7C1g%7C1h,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:28,oid:664b056a-5f44-11ec-a96f-064defe2639d,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,abc:1,abct:100,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 443
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 445
  • https://sync.serverbid.com/ss/2000891.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Request Chain 454
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=nOthDzhfp&dongle=u6nf
Request Chain 455
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHYA-nrslkmhOsEGMoAXhjc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 456
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTI1MzI1NDI3OTY4ODMwNDAxNw%3D%3D
Request Chain 458
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/9253254279688304017?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CKNcn.FE2oRbW6gFIjNUtlBmyDoTySrtPEXXYV34tw--~A&dongle=0883
Request Chain 461
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9253254279688304017 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9253254279688304017&dcc=t
Request Chain 462
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 467
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=1&gdpr_consent=
Request Chain 469
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
Request Chain 479
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=9214095078257359212
Request Chain 480
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Request Chain 481
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2640057995 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/962356cb-c8b9-4f32-b6ee-f3ace453922c HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
Request Chain 483
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=978758875873757384
Request Chain 485
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=e2c25946-2f80-4e76-ba6f-09d9472a68df&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 486
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-zGYGNCBE2uGJAG7cA47C5oZX0h0hY8wzYlcHxJc-~A
Request Chain 490
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9192358177570622074
Request Chain 491
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639837192&gdpr=1
Request Chain 492
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=1edwR9q1KhfO73AQ0Oc_HNuwJ0bO5XMW0Lc7NCa1
Request Chain 496
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6930371921316669386&uid=Q6930371921316669386&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 500
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
Request Chain 501
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_uid=fa39ba2a-54f1-4f5d-b922-494164a3cb9c HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_uid=fa39ba2a-54f1-4f5d-b922-494164a3cb9c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=25005a97-90f0-4722-b7ee-6b0addc30661&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&gdpr_consent=
Request Chain 502
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c555caa7-1b45-4bfa-8863-b1ef49638d91&gdpr=0&gdpr_consent=
Request Chain 506
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 510
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=9214095078257359212
Request Chain 511
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ybych0bBg2VgARZg0q0o9AAA%261111
Request Chain 512
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c76cb7cbd35baf8ec242c663
Request Chain 514
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP659dd57d-5f44-11ec-99e4-0279b964837c HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP659dd57d-5f44-11ec-99e4-0279b964837c
Request Chain 515
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
Request Chain 516
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D HTTP 302
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242 HTTP 303
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242&_li_chk=true&previous_uuid=9bf7274da6d04a66aa02062de05daa36 HTTP 303
  • https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
Request Chain 518
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hBSEE0VVgtMS1GMkQ2
Request Chain 519
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YbychwAMpscx0wBR
Request Chain 520
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTk0YTU1ZmQ1MTdkMTlhMzc0MmI4Zjg0YzJjNzE4NTliYzVkMWJlNQ
Request Chain 521
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ULBJKds8lpcoMA1NmWOatA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6710060050963310893
Request Chain 522
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN0NBF9N9p12cFuAPBbU2Ns&google_cver=1
Request Chain 523
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXAHA4UX-1-F2D6&sigv=1&esig=2~b07b39691d7a7b6454d431d5a8735ca87ed4bd13
Request Chain 534
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=9214095078257359212
Request Chain 535
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=fa39ba2a-54f1-4f5d-b922-494164a3cb9c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=fa39ba2a-54f1-4f5d-b922-494164a3cb9c HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=fa39ba2a-54f1-4f5d-b922-494164a3cb9c
Request Chain 536
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%289m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%289m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9&obuid=ENC(9m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3D9m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A%0A HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=c555caa7-1b45-4bfa-8863-b1ef49638d91&obUid=9m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-&platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 537
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=85dca89e-1cf0-478a-a265-0c4df0ddb1b7
Request Chain 538
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-82c63a78-c667-48b1-56d3-da8abee694be$ip$78.47.208.26
Request Chain 539
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-udo4EihE2pdFRvBkvxJkRIj3SCfPNyKPYrOK~A
Request Chain 540
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=679c15a4-5f44-11ec-a568-0feef643c50a
Request Chain 543
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=9kbxoNjiKYGQhNZUWLQ7&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OLLMJ4G6TTKNFFVSR2RNBHFUVKXJRITOJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OLLMJ4G6TTKNFFVSR2RNBHFUVKXJRITOJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=9kbxoNjiKYGQhNZUWLQ7&us_privacy=1---
Request Chain 544
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=6b215664-179e-45f1-ae3b-d977f397aa33
Request Chain 545
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003&rndcb=5402700076 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3Dfa39ba2a-54f1-4f5d-b922-494164a3cb9c%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=5289f59392dd464e90469e0cf2586c85&ssp=adconductor&bsw_param=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/fa39ba2a-54f1-4f5d-b922-494164a3cb9c?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
Request Chain 546
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=jDHl6imc5qvq&ev=1&pid=558355
Request Chain 549
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
Request Chain 550
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
Request Chain 554
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=962356cb-c8b9-4f32-b6ee-f3ace453922c&t=1642342793
Request Chain 555
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 557
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YbycisCo5sEAAKhqR4QAAAAA
Request Chain 558
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=jzFFrtrdmFldaoJODWpV&pi=gumgum&tc=1
Request Chain 591
  • https://fra1-ib.adnxs.com/vast_track/v2?info=agAAAAMArgAFAQmOnLxhAAAAABGFv0oC5VPEFxmNnLxhAAAAACCa5I6dASgAMMAIOOc3QMyyYUjD6pcCUKOZpQhY4dYBYgJERWgBcAF4AIABAogBApABkAOYAeEBoAEAqAGa5I6dAbABAQ..&s=1cebb3c289418d27a8d2386af42af25a882c67f1&event_type=1&redir=https%3A%2F%2Ffra1-ib.adnxs.com%2Fab%3Fro%3D1%26an_audit%3D0%26referrer%3Dhttps%253A%252F%252Fthreatpost.com%252Fconti-gang-ransomware-attack-mcmenamins%252F177119%252F%26e%3DwqT_3QLnD_BM5wcAAAMA1gAFAQiNufKNBhCF_6qS0PyU4hcY7PLRkfzUwu9_KjYJVWo4Xf112j8REVVgFzEr1T8ZAAAAIFyPH0AhEVVgFzEr1T8pVWoJJAAxARvArkfpPzCjmaUIOOc3QMAISFJQmuSOnQFYy496YABo6KWpAXia2QWAAQGKAQNVU0SSAQEG8OWYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAkZodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkv8gKYCQoTVFREX1ZBU1RfUEFSQU1FVEVSUxKACSZ0PTEmYWlkPTE3MTI1ODYwMDEzNTg3MDA0MjEmd3BjPVVTRCZzZmU9MTNmNDFjOGUmcHVpZD0mdGRpZD0wMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMAEHCQHwhiZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xNHhlQkJsZ0ZmYlFQeEdMQWNZbnpseW9LUS11UjhiYXZOZnAyOFp5T0tFYy4mYnA9MC42MDg5MTIzODMyODM0Njg2MzEyMiZjZj0yODI1NDM2JmZxPTAmdGRfcz10aC5AAVQmcmNhdHM9bXZrJm1jYXQ9Jm1zdGU9NmQBPCZtZmxkPTQmbXNzaT0mbWYBBvBYdWhvdz0xMzUmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1kZSZtbGFuZz0mc3YhIxQ3MTQzJmQhW0RyY3h0PU90aGVyJmxhdD0wLjAFAQwmbG9uGQ0cdG1wYz0mZGEBMRR2cD0wJm8Bomhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JfggrLSsRn5h2cGI9TWlkUm9sbCZkYz04MiZ2Y2M9RUxRQkdMUUJNZ1FJQWdnSk8BCPBeUWdDUUFGSUFWQUNpQUVDb0FHUUE2Z0I0UUhJQVFIUUFRUG9BUU9BQWdPS0Fnd0lBUWdFQ0FJSUJRZ0RDQWFhQWdJSUFxQUNBcWdDQXNBQ0FnLi4mc3Y9YXBwbmV4dXNBIxRpPTMxMjFBFthpPTE4MzIwNCZjbXBpPTIwMzc4OTkmYWdpPTEwNDcwNjYwJmNyaWRpPTIxNTcxMjU4JnN2aT03AS9oPTF3aDlvM3QmdnJ0ZD0xNCUyYzE1JnJ1cmw9ZUooJTNhJTJmJTJmdGguEAIIJTJmmlIDECUyZjE3YVT00wElMmYmdHNpZz04Wng5cXRrdFZKZFBGRkVtNHNhUVN4WTdJdmJ4eHJrR2NETjJkREFQSndnLiZjPUNnZEhaWEp0WVc1NUdnQXdBamdDU0FCUUFZQUJBSWdCQXBBQkFBLi4mZHVyPUNqQUtER05vWVhKblpTMWhiR3d0TVNJZ0NQX19fX19fX19fX193RVNFM1IwWkY5a1lYUmhYMlY0WTJ4MWMybHZibk0uJmR1cnM9VXZBWHZzJmNycmVscj0mYWRwdD1hbm9yJmlwbD0xNzM4NjY1OSZmcGE9Njc5JnBjbT0zJmdyZGM9Q0FFLiZ2Yz0zJnNhaWQ9NjQ3NzMxNzI3MzM4MDQ5NzgyJmljdD1Vbmtub3duJmF1Y3Q9MSZpbT0xJm1jPThmZDFkMjQ1LWM0YTctNDdmZi04NmZmLTdiMmQ4MTJhNTY2MvICPQoVVFREX1ZBU1RfSU1QUkVTU0lPTklEEiQyNWE0YmYzOC1lMTY1LTQ4ZGYtODI0Zi0wMjkyOWJmNTYzNDSAAwCIAwGQAwCYAxegAwGqA8QBCpcBaHR0cHM6Ly9pbnNpZ2h0LmFkc3J2ci5vcmcvZW5kdXNlci92YXN0Lz9paWQ9JHtUVERfVkE6gAAEfSZBZ_BGPTIxaHQ5MjQyJnR0ZF9wcmV2aWV3PSR7SVNfUFJFVklFV30md3A9JHtBVUNUSU9OX1BSSUNFfSR7VFREX1ZBU1RfUEFSQU2lbxB9GhMxN0GyBDYwvWYEKgRB-hg6DW9ydGItEW7wZcAD4KgByAMA2AO21bcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDc4LjQ3LjIwOC4yNqgEALIEEAgCEAQYkAMg4QEoAjAAOAO4BADABADIBADaBAIIAeAEAPAEmsGuWIgFAZgFAKAF9qHw7a-Szf4IwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXh1gH6BQQIABAAkAYBmAYAuAYAwQYBITQAAPA_0AaN2AHaBhYKEAkSGQFgEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcHMWm0CLoHDwFTSBgAIAAwADi9BkAAyAea2QXSBw0VgQFCCNoHBgknROAHAOoHAggA8AfU_QKKCAIQAA..%26s%3Dd6cff330748ba2aea91bbc6c34db40a166d0a45e HTTP 302
  • https://fra1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&e=wqT_3QLnD_BM5wcAAAMA1gAFAQiNufKNBhCF_6qS0PyU4hcY7PLRkfzUwu9_KjYJVWo4Xf112j8REVVgFzEr1T8ZAAAAIFyPH0AhEVVgFzEr1T8pVWoJJAAxARvArkfpPzCjmaUIOOc3QMAISFJQmuSOnQFYy496YABo6KWpAXia2QWAAQGKAQNVU0SSAQEG8OWYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAkZodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkv8gKYCQoTVFREX1ZBU1RfUEFSQU1FVEVSUxKACSZ0PTEmYWlkPTE3MTI1ODYwMDEzNTg3MDA0MjEmd3BjPVVTRCZzZmU9MTNmNDFjOGUmcHVpZD0mdGRpZD0wMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMAEHCQHwhiZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xNHhlQkJsZ0ZmYlFQeEdMQWNZbnpseW9LUS11UjhiYXZOZnAyOFp5T0tFYy4mYnA9MC42MDg5MTIzODMyODM0Njg2MzEyMiZjZj0yODI1NDM2JmZxPTAmdGRfcz10aC5AAVQmcmNhdHM9bXZrJm1jYXQ9Jm1zdGU9NmQBPCZtZmxkPTQmbXNzaT0mbWYBBvBYdWhvdz0xMzUmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1kZSZtbGFuZz0mc3YhIxQ3MTQzJmQhW0RyY3h0PU90aGVyJmxhdD0wLjAFAQwmbG9uGQ0cdG1wYz0mZGEBMRR2cD0wJm8Bomhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JfggrLSsRn5h2cGI9TWlkUm9sbCZkYz04MiZ2Y2M9RUxRQkdMUUJNZ1FJQWdnSk8BCPBeUWdDUUFGSUFWQUNpQUVDb0FHUUE2Z0I0UUhJQVFIUUFRUG9BUU9BQWdPS0Fnd0lBUWdFQ0FJSUJRZ0RDQWFhQWdJSUFxQUNBcWdDQXNBQ0FnLi4mc3Y9YXBwbmV4dXNBIxRpPTMxMjFBFthpPTE4MzIwNCZjbXBpPTIwMzc4OTkmYWdpPTEwNDcwNjYwJmNyaWRpPTIxNTcxMjU4JnN2aT03AS9oPTF3aDlvM3QmdnJ0ZD0xNCUyYzE1JnJ1cmw9ZUooJTNhJTJmJTJmdGguEAIIJTJmmlIDECUyZjE3YVT00wElMmYmdHNpZz04Wng5cXRrdFZKZFBGRkVtNHNhUVN4WTdJdmJ4eHJrR2NETjJkREFQSndnLiZjPUNnZEhaWEp0WVc1NUdnQXdBamdDU0FCUUFZQUJBSWdCQXBBQkFBLi4mZHVyPUNqQUtER05vWVhKblpTMWhiR3d0TVNJZ0NQX19fX19fX19fX193RVNFM1IwWkY5a1lYUmhYMlY0WTJ4MWMybHZibk0uJmR1cnM9VXZBWHZzJmNycmVscj0mYWRwdD1hbm9yJmlwbD0xNzM4NjY1OSZmcGE9Njc5JnBjbT0zJmdyZGM9Q0FFLiZ2Yz0zJnNhaWQ9NjQ3NzMxNzI3MzM4MDQ5NzgyJmljdD1Vbmtub3duJmF1Y3Q9MSZpbT0xJm1jPThmZDFkMjQ1LWM0YTctNDdmZi04NmZmLTdiMmQ4MTJhNTY2MvICPQoVVFREX1ZBU1RfSU1QUkVTU0lPTklEEiQyNWE0YmYzOC1lMTY1LTQ4ZGYtODI0Zi0wMjkyOWJmNTYzNDSAAwCIAwGQAwCYAxegAwGqA8QBCpcBaHR0cHM6Ly9pbnNpZ2h0LmFkc3J2ci5vcmcvZW5kdXNlci92YXN0Lz9paWQ9JHtUVERfVkE6gAAEfSZBZ_BGPTIxaHQ5MjQyJnR0ZF9wcmV2aWV3PSR7SVNfUFJFVklFV30md3A9JHtBVUNUSU9OX1BSSUNFfSR7VFREX1ZBU1RfUEFSQU2lbxB9GhMxN0GyBDYwvWYEKgRB-hg6DW9ydGItEW7wZcAD4KgByAMA2AO21bcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDc4LjQ3LjIwOC4yNqgEALIEEAgCEAQYkAMg4QEoAjAAOAO4BADABADIBADaBAIIAeAEAPAEmsGuWIgFAZgFAKAF9qHw7a-Szf4IwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXh1gH6BQQIABAAkAYBmAYAuAYAwQYBITQAAPA_0AaN2AHaBhYKEAkSGQFgEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcHMWm0CLoHDwFTSBgAIAAwADi9BkAAyAea2QXSBw0VgQFCCNoHBgknROAHAOoHAggA8AfU_QKKCAIQAA..&s=d6cff330748ba2aea91bbc6c34db40a166d0a45e
Request Chain 598
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
Request Chain 599
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2930308176 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
Request Chain 601
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_1f77de5c-8138-4ee3-86ab-9997aa875de3&bsw_param=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 602
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9192358177570622074&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 604
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 620
  • https://gcdn.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/3B2972E6DEFF6A7F58772BB9F29F379A939BA58C.1B3E2923FED3F4B54C5FDB6301F4124D9B78A0AF/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/817A2BE16D80366AF019EDB64F7CE352A5A8F65C.817A515C9134B2BB1F54F8565B9F50BDDD96EFBE/key/cms1/cms_redirect/yes/mh/xK/mip/2a01:4f8:150:2008:35::1/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1639750357/mv/m/mvi/2/pl/49/file/file.mp4
Request Chain 627
  • https://pixel.adsafeprotected.com/rfw/st/906389/59213329/skeleton.js?videoId=c0be374f0494dce9a1ff1967de537deb&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss73U9qJ5qDWTOodcKwwIsNsDV5QBTnzamymYa9fBPyL49Kkn_Bs4mlbYE03espcNE_mHFDkuVKMRH9r07rORhkd2WnRN7IGSHnZQusorqzj6UZ5AU88teU1fHrMMmn-li00Qfcoqm6qr8xM1L9LFv-Vw&sig=Cg0ArKJSzIOfL7dOtY-dEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213341&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=68942c01-d8d9-4535-9279-b76aeaceaf36&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:9f496b6d-3c2a-6acb-9e72-0cb6669cf1cd,c:x40svq,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-6d588df4d9-qnc7m,rg:ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:3,fm:sRRpf3L+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m11%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m2%7C1m3%7C1m4%7C1m5%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o%7C1p%7C1q11%7C1r*.906389-59213329%7C1r1%7C1r2,idMap:1r*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:32,oid:6a65e426-5f44-11ec-8be4-a686adad75fb,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,abc:1,abct:42,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

643 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Redirect Chain
  • https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119///
  • https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
81 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
12c25c8364a81b6f848a68cbd9aec0256999bb67d238c95c1d6c7e32f21e2f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 17 Dec 2021 14:19:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Link
<https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/177119>; rel="alternate"; type="application/json" <https://threatpost.com/?p=177119>; rel=shortlink
X-Frame-Options
SAMEORIGIN
X-Debug-Auth
off
X-Request-Host
threatpost.com
x-cache-hit
HIT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 17 Dec 2021 14:19:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Redirect-By
WordPress
Location
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
X-Frame-Options
SAMEORIGIN
X-Debug-Auth
off
X-Request-Host
threatpost.com
x-cache-hit
MISS
museosans-900italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-3ca8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
15528
museosans-900-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-5124"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20772
museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-3dcc"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
15820
museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-51a4"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20900
museosans-500italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-5c74"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23668
museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-5194"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20884
museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-5bac"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23468
museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-51b8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20920
museosans-100italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-5b34"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23348
museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:45 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-50c8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20680
op.js
tagan.adlightning.com/math-aids-threatpost/ 		44 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f0df7301c34c2eca16acb0f36fc6f32315c3e2ff7a643f55f2e2fabed68ea0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
L8EQ0MsZ1zCd1.WHVMfRuampPeSkkZUf
content-encoding
gzip
etag
"e463cfbfbf0bf38458171e2f2f209d46"
age
1978
x-cache
Hit from cloudfront
content-length
18656
x-amz-meta-git_commit
7b120a5
last-modified
Thu, 16 Dec 2021 21:41:52 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 13:51:35 GMT
content-type
application/javascript
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
9c3yualg2Lg9LcFZ1ZpyliksjXj2j8dLH1ogTEri34C4tFDh2uw4Zw==
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1073 / 435 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Dec 2021 14:19:45 GMT
ros-layout.js
qd.admetricspro.com/js/threatpost/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fddec1cb13ee6848cce386a733d405fff2be9ab4d904f55a1d15c7cc84f410d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173
content-length
3093
last-modified
Wed, 03 Nov 2021 12:58:13 GMT
server
cloudflare
etag
W/"67a6-5cfe1f68177b1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVGuA1GZLPGROxNAl9iHHqrM2aIw%2BLRfXhMr9p9F%2FabrTSQdwvp2pGNnZdpKZtE728DGGAPCx%2BKXNX0WgygeziYXt%2FiNlBSuNmtBDDNTLXo6lGSqHTKOhEkwAZq8IvgSoN8RYcTEJgW9u5dkRo6yseeL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6bf0c9c5b2a86939-FRA
expires
Fri, 17 Dec 2021 14:18:43 GMT
cmp.js
qd.admetricspro.com/js/threatpost/ 		310 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174
last-modified
Tue, 01 Jun 2021 14:47:10 GMT
server
cloudflare
etag
W/"4d957-5c3b56abf6028-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGgq6vGWEb7awy8KGARE41ECYOvUlETPqt9gti4asHyJjJvubMMXezJEyB8ZaCJ2BEd3GL%2Fq1h8VtSHzA5QjjhdL81dshncjAjJyYYetAnBiUeHc2FzAAw8evXcQI%2BQZUJsWlDR7O0BlaJpp4XuyYSTI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6bf0c9cb15de6939-FRA
expires
Fri, 17 Dec 2021 14:18:43 GMT
uspcmp.js
qd.admetricspro.com/js/threatpost/ 		148 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174
last-modified
Sat, 08 Aug 2020 22:40:07 GMT
server
cloudflare
etag
W/"24e50-5ac65673cef1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8uJBPUm0VGW27PWc5H92RhdJBcGxcUOv%2FFQHmfTcYvjkDEADTjWICpG6%2FcrNrH8wSkqLkW3qR0oT4lbcyZoiCcK6bbp9YZ8EOwe6AEJZU%2BgTNzdayuHWzXtsKgy6ZJ8vXouqKku%2B25aPydGjYM1fNxW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6bf0c9cb15da6939-FRA
expires
Fri, 17 Dec 2021 14:18:43 GMT
targeting.js
qd.admetricspro.com/js/threatpost/ 		393 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174
content-length
172
last-modified
Wed, 04 Aug 2021 21:50:12 GMT
server
cloudflare
etag
W/"189-5c8c2c96f96c7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WBbuVzRCT7d1lNX4Ewxpm%2FHW%2FWGoWbQHVN2rUAZFrJE4%2BTDP5eHWMITBzfyciawjXPVfZANBs5GQ5fvTzgNiqNieb8mbeiNm79nk%2FoWj8vVb16vPgzHoS2YaMqkYcqZnRaCb%2BvyzRe0%2B1uxNNRUW%2Fds"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6bf0c9cb15e06939-FRA
expires
Fri, 17 Dec 2021 14:18:43 GMT
prebid.js
qd.admetricspro.com/js/threatpost/ 		430 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174
last-modified
Thu, 14 Oct 2021 15:35:01 GMT
server
cloudflare
etag
W/"6b738-5ce51d26ef74c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm9RPJ0UOOwhVEtjR4hkweSHk8Pw6QLhMBLXFCAeYMaoO1C0dOB%2FyGWuY4sv9mUAPR8iZxRfQcg0QqAMU%2FxN5C%2Fnw7LJUnzWPEbfKN1fvx%2Fda8pI2R9LmhxKJc5t1tOV6rL2HyG7h54f6SBvx%2BRdYlPq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6bf0c9cb35f96939-FRA
expires
Fri, 17 Dec 2021 14:18:43 GMT
engine.js
qd.admetricspro.com/js/threatpost/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/engine.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a355508d811ac666d1b61e566f7f1daf5d39b8915c036b271f14a4cfb9247ac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173
last-modified
Fri, 15 Oct 2021 02:14:43 GMT
server
cloudflare
etag
W/"8b7c-5ce5ac22db48b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiUhwsAPnaZSxNEWOFUwDVhtubhmc%2BwbySgBo6PwR40itz46nNeoM%2BTBCmX1atMzmRO5dw8oXv2DKtKT3Cd2H5vSt3%2FCGFvshB2LUfIHFt6hPJkUQoOer5%2F3y4KEbfdq985Uv9bSAu6CzpNF2vtxKnyX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6bf0c9c5b2a56939-FRA
expires
Fri, 17 Dec 2021 14:18:32 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		294 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
content-length
42696
x-cache-hit
HIT
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
aOek1JA7mYj2kjRy6-cNPAT-Xx2HXDqKsPXsbv2FA3b4s5jblpyRkQ==
expires
Sat, 18 Dec 2021 14:11:43 GMT
jquery-1.12.4-wp.js
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
public
Date
Fri, 17 Dec 2021 14:19:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Dec 2021 08:40:04 GMT
Server
nginx
ETag
W/"61bc4ce4-17a56"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Fri, 24 Dec 2021 14:19:45 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=84c92d97
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
content-length
6410
x-cache-hit
HIT
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
4UyEc1cbG6IJeJHySTfOkIhnsRxhGKlssfSjB-AdBhLw9dXGDWGF7Q==
expires
Sat, 18 Dec 2021 14:11:50 GMT
beer-21.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/07/30171039/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/30171039/beer-21.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83eee6b0aa9cd3470265fa05ddf22944c57d76dc5b028ab83a5529db91b32c9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 10:46:48 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Fri, 30 Jul 2021 21:10:41 GMT
server
AmazonS3
age
444778
etag
"103f6fa9d1803a307fc36f4c0d490dd0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA60-P1
accept-ranges
bytes
content-length
79121
x-amz-cf-id
-E8EqrbP_4PGRUyeej6AAHbOL5w7wl-tJqDvFaXxJQHzY3_OiJG0pQ==
expires
Sat, 30 Jul 2022 21:10:39 GMT
api.js
www.google.com/recaptcha/ 		852 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb64b458d21f550c6577ddb2d1bb7a055e029c0a85df128fb3b610052c430e0d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Fri, 17 Dec 2021 14:19:45 GMT
scripts.js
kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
public
Date
Fri, 17 Dec 2021 14:19:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
W/"61bc4ce5-828"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Fri, 24 Dec 2021 14:19:46 GMT
api.js
www.google.com/recaptcha/ 		852 B
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c17dfcc26d6ed3cc1d800c120b100cc7bcbf03ea1a9c72d8aeadfe9b41d49b2a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
558
x-xss-protection
1; mode=block
expires
Fri, 17 Dec 2021 14:19:45 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=84c92d97
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
content-length
926
x-cache-hit
HIT
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
u5NBsL81eiTfoeAPASkXH8eMgjJJhl3JxJSSkLNzL9ODlRM62VWIzQ==
expires
Sat, 18 Dec 2021 14:11:51 GMT
gravityforms.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
public
Date
Fri, 17 Dec 2021 14:19:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
W/"61bc4ce5-88c2"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Fri, 24 Dec 2021 14:19:46 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=84c92d97
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
content-length
2685
x-cache-hit
HIT
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
TCANU_hGTfffAvzhtZ97PfbZ9VspG75GtOXYOmny7me4LHYq4oMzlA==
expires
Sat, 18 Dec 2021 14:11:52 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=84c92d97
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
content-length
1747
x-cache-hit
HIT
last-modified
Fri, 17 Dec 2021 08:40:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
Q67-qveO6kkNnSHMbva_lr_Ql2aqQ5Gd_kVtMPTKU3q_6a6gtrvoWw==
expires
Sat, 18 Dec 2021 14:11:52 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=84c92d97
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdb19f9b971a1026f59a86b5a185008b1b735ac4e1d81aaac3acdc0a15886c62
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
content-length
36706
x-cache-hit
HIT
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
4IUo6z1h4OHyyv_1-mocCij7-DVyetW5dMNtjaSqJwzfakSYyYkp8Q==
expires
Sat, 18 Dec 2021 14:11:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:15:38 GMT
content-encoding
gzip
age
247
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
0FG1JCGMEME3F52ED78T
etag
1e39d25f07f5619925357b752ab10d04
vary
Accept-Encoding
x-amz-version-id
qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Fvyxmn59WkwQFipdVlBa5QXNhRW-vHC_-RkCHNRsuu88ZfEZsvIacg==
connatix.player.dc.js
cds.connatix.com/p/143023/ Frame EC90
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/143023/connatix.player.dc.js
1 MB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/143023/connatix.player.dc.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58cedf2abf62a7f2ce6fb9305c0ce94d005eb3a3a9daa237c224c23437930c29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
br
last-modified
Fri, 17 Dec 2021 11:40:48 GMT
age
9480
etag
"afcdad16a86e85a226f17a5e9c9ba0bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
241055

Redirect headers

location
https://cds.connatix.com/p/143023/connatix.player.dc.js
date
Fri, 17 Dec 2021 14:19:45 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
server
Kestrel
accept-ranges
bytes
content-length
0
/
kasperskycontenthub.com/ 		0
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1231440803&back=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:46 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
x-cache-hit
MISS
Transfer-Encoding
chunked
X-Debug-Auth
off
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Request-Host
kasperskycontenthub.com
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af12966475d03b6b1e45449d80ae67fcd2dd05d7558a7e1ae4f457dcc042b28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60217
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Dec 2021 14:19:45 GMT
icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 		13 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:46 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-328e"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
12942
icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 		13 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:46 GMT
Last-Modified
Fri, 17 Dec 2021 08:40:05 GMT
Server
nginx
ETag
"61bc4ce5-328e"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
12942
logo.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-4a32"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
18994
x-amz-cf-id
kxRVNoIhisRjJ5BFhlo3wQ_NAbWj9HfaxZId5TwlSBSMeKc36yq84Q==
expires
Fri, 24 Dec 2021 14:19:46 GMT
museosans-700-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-51a4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20900
x-amz-cf-id
ClC1Mn_E0kPvFdjkabDHyAsVlu_L3BK44CnTBUshwO-4kR-dy9Awag==
museosans-100-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-50c8"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20680
x-amz-cf-id
m5uaQA57teS5FiW7I33ePQI515eUPyXFZWsOfyJ3OBsuI1DbVdCcKA==
museosans-300-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-51b8"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20920
x-amz-cf-id
XF_eZuabFz0GTVZJDFianQhFDisD_HdCj6T8v8a46ZHDwKtSd4ZVDA==
museosans-500-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-5194"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20884
x-amz-cf-id
yzywMQ_4rKJiSFv3des2ioiXQNPrk91EQPR47iUl4aUpgZ54wqH7LQ==
museosans-900-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-5124"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20772
x-amz-cf-id
wdNAiD__c-S_uHIxKDkulmDse3T1jFGQKP-XRqZNygRJIu5ieDvNUg==
museosans-700italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-3dcc"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
15820
x-amz-cf-id
QcWx6FYvW-x9MSWnX3lQxW8citClrmuMROkm7UmUCBK0S9-lYlUijg==
museosans-300italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-5bac"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23468
x-amz-cf-id
qS7aJjGcuwlkWExydKmQXNJ981Eq4uJ7tPPuVZsV2jE98xkrQoXNkg==
Liz-Montalbano-headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/05/05095657/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/05/05095657/Liz-Montalbano-headshot.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
369c67a5afb2ffa25d4480b3781a938e7fe7c5633f89d36570e2c1cc23c49eff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 16:47:39 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 15:45:08 GMT
server
AmazonS3
age
9149527
etag
"09775ac22fdd614b1588724aaef06c61"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA60-P1
accept-ranges
bytes
content-length
78876
x-amz-cf-id
Sqy2O-P2DDy_JXIwRDbvzNL16w0dGCOyr7NPYvA4KC7z00lbiFvSnA==
expires
Wed, 11 May 2022 15:45:07 GMT
infosec_insiders_in_article_promo.png
media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/infosec_insiders_in_article_promo.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 04:44:34 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Tue, 10 Aug 2021 20:58:17 GMT
server
AmazonS3
age
7032912
etag
"101ba02c43488b8b07cf42f9aa850f6a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA60-P1
accept-ranges
bytes
content-length
20484
x-amz-cf-id
Xon481bwbUzQ6h07_aJbzP5LlHNzqNMIHb8drXyIELASFXMCuGx4WQ==
expires
Wed, 10 Aug 2022 20:58:15 GMT
centaur-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2021/12/16141318/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/16141318/centaur-540x270.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8f69f7cd671ff8ba034539b3f0b37cacd551b571a3ce41f06c192a189c2b3a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 19:16:46 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Thu, 16 Dec 2021 19:13:23 GMT
server
AmazonS3
age
68580
etag
"3011a63b33fad87f613dc5c443c9be98"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA60-P1
accept-ranges
bytes
content-length
32720
x-amz-cf-id
G7PKg6frjKvf-PghsTooXRUE0Aw7duPSDwL94udceqwyQdsONfkrjQ==
expires
Fri, 16 Dec 2022 19:13:22 GMT
keylogger-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/03/20163020/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2020/03/20163020/keylogger-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f49c1b99b596bc18e280ee6d4fb1faff8b40c18a3d00c8e7814273cfdb4a3ad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 18:38:16 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Fri, 20 Mar 2020 20:30:24 GMT
server
AmazonS3
age
70890
etag
"ee57753c05093ed4385c6ed4461c3ac0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA60-P1
accept-ranges
bytes
content-length
20743
x-amz-cf-id
u4L2Q-UbISnqkukenw8Huopw-_C8JCiKb9cxG1LEV6RnfvMBYkIw4w==
expires
Sat, 20 Mar 2021 20:30:23 GMT
dark_knight-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/12/16084324/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/16084324/dark_knight-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0515037bb5692767b48eb69679c5b688514b09c0db1ad1ce835a09032059ad97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 13:47:37 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Thu, 16 Dec 2021 13:43:30 GMT
server
AmazonS3
age
88329
etag
"de34cbbdae04f5cd4d43d274cb34259b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA60-P1
accept-ranges
bytes
content-length
25710
x-amz-cf-id
3mT0i-z5PfRCweQAyXPP7MsA_Qs2DuYbWfgeRy7kvS1O78MmAlqxeA==
expires
Fri, 16 Dec 2022 13:43:28 GMT
mail-plane-light.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-33c"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
828
x-amz-cf-id
QvbtqvYKwqyW3wdHcUt7W-Om9KudGlebBEXQI10LJFJLw8CoTvzD5A==
twitter-blue.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		868 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-364"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
868
x-amz-cf-id
cEeSQruI1qzvhu0fqHwvW61MwQyHDjKQ29yfHzu8Y3wGeIBc8yWCTw==
suppy_chain-64x64.png
media.threatpost.com/wp-content/uploads/sites/103/2020/12/30075224/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2020/12/30075224/suppy_chain-64x64.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d4f43acaf2e0749680eb279e3e56115b205efe8ca0e2461e3453b65f6c1dc99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 00:29:17 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Wed, 30 Dec 2020 12:52:29 GMT
server
AmazonS3
age
222629
etag
"7ef9270e087aae4f25c099c47c81ffaf"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA60-P1
accept-ranges
bytes
content-length
9870
x-amz-cf-id
WfQ76ma7iyglhfwfhG3T9PtZ1oN-eSlE1b4ShtcvLINlozXY2a45pA==
expires
Thu, 30 Dec 2021 12:52:28 GMT
office-365-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/09/11154917/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2020/09/11154917/office-365-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e950f047b72b2e9a986a7d140b74d09a651472a991e200ecd268a13a95d1a405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 19:29:30 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Fri, 11 Sep 2020 19:49:21 GMT
server
AmazonS3
age
586216
etag
"cc77de8072fab467a72e3869474ed7ec"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA60-P1
accept-ranges
bytes
content-length
1911
x-amz-cf-id
lEmZsqkY0niajxcOEJrtCUn-KfK4NQfgND8iq0Ij3jZy1eXl8nWBoQ==
expires
Sat, 11 Sep 2021 19:49:20 GMT
Hacker-e1638987782327-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/Hacker-e1638987782327-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c947edb74e618a58ee1ab7a05ef9a041b7c80a2282e6b4f1d8f5d36b7eef864

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 19:28:59 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Wed, 08 Dec 2021 18:23:05 GMT
server
AmazonS3
age
759047
etag
"e1d90ac3fa11bdeae13ee75f6b2fb6e1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA60-P1
accept-ranges
bytes
content-length
1770
x-amz-cf-id
p1m2OmCur7wJlpFKiE-gcC1g4ntFkORg_-Wnt6kDSzOs8S_Fnkt6mg==
expires
Thu, 08 Dec 2022 18:23:02 GMT
Bad-business-practice-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/12/06162635/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/06162635/Bad-business-practice-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4830f3c6221ce4802e5d35e2222aa8107e2b8c5a55bc1fcbec3a5b5e85487283

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 21:48:32 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Mon, 06 Dec 2021 21:26:39 GMT
server
AmazonS3
age
923474
etag
"b161c0973988d276766886d8973fa21c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA60-P1
accept-ranges
bytes
content-length
2110
x-amz-cf-id
l5o-0aZlQ-QqFJ-dn4bXSTT5TO_FIhXE-dGc_8nz0m7q0smS8d_vlw==
expires
Tue, 06 Dec 2022 21:26:38 GMT
noleggio-auto-1024x682-1-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/12/03120815/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/03120815/noleggio-auto-1024x682-1-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
117f1d5fc9766ce2f27441e82eefb08b6bd89d0e4905a56cea52732270ec25ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 20:09:36 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
last-modified
Fri, 03 Dec 2021 17:08:20 GMT
server
AmazonS3
age
1188610
etag
"32d65616e53df09b88bde2532697a9b8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA60-P1
accept-ranges
bytes
content-length
1915
x-amz-cf-id
KK93V0I2ckYpaiv_TeFSyy1OaGi5JXqKXQiAMM7tJ6tgmm_fSV4Vbw==
expires
Sat, 03 Dec 2022 17:08:19 GMT
player.css
cds.connatix.com/p/143023/ 		54 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/143023/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed6cc3e4d411248d84eed9acc1d13ad3fd98396734464cf07173588aeb9d02aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
br
last-modified
Fri, 17 Dec 2021 11:40:49 GMT
age
9481
etag
"2e0a3bf94576cf171c12f9ef0e6f5c54"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8439
mail-plane-large-dark.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		812 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-32c"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
812
x-amz-cf-id
iD0S-9khmXeUkcJyUjj4lWmTuYYUrPQar5IE8InTRbaaRVsd6Qk6zA==
logo-white.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-260a"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
9738
x-amz-cf-id
ZeYX7NM1DPbFx3HQFuBKp8H8rN83l0ku1d1q_xPa73e0pbjv--8QEw==
expires
Fri, 24 Dec 2021 14:19:46 GMT
pls
capi.connatix.com/core/ Frame EC90 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
d73222d0db18078422c0040d73a61960c570b7e7e10fc703c790f53cb26d37b2

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
4959
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Dec 2021 14:19:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		115 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=threatpost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
bb66dbe2867f4bd08186615c104fefef105858870dd23550d3fd33100115f4e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Fri, 17 Dec 2021 14:19:46 GMT
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 20:51:53 GMT
content-encoding
gzip
age
8702874
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
E-dqx3qksb4eEfa9AePbMJIpio3Bvr8qTGaPWzk3STCpA0jUp-_12w==
bl-0af0356-8f563b60.js
tagan.adlightning.com/math-aids-threatpost/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-8f563b60.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40d2015139bec53679695507c35864c4835acd9d796b651ea657cdb7f87a4bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:42:11 GMT
content-encoding
gzip
age
59856
x-cache
Hit from cloudfront
content-length
21287
x-amz-meta-git_commit
0af0356
last-modified
Thu, 16 Dec 2021 21:40:59 GMT
server
AmazonS3
etag
"e832ea89737ca9a521a094e001daca8c"
x-amz-version-id
O_1MoGWzQQbxsQd6XTFTAAx.FmDwnthk
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
jqQ1txRLOK6HoxdPHiNlzs5F6myFL6StsBzZhTspBd8efR8wpb6gSQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 		344 KB
345 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de40f8e9a13821460fad3250442ee45458a1073661d67758f325b3a354995dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 12:38:02 GMT
x-content-type-options
nosniff
age
6104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
352678
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 17 Dec 2022 12:38:02 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		662 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthreatpost.com&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:27:14 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
server
Server
age
3152
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
content-length
662
x-amz-cf-id
-VVHk-Z_mqcWFw27lR2d0ZzKekPmNw6FOkGPwhYw7OqMrpxytuJcvw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
22111
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 12:22:52 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
yMqG23HYuJdsd4ocJYYzODlSNAQ_veBKU049W9RUsdOf56MX-DYNxw==
vendor-list.json
qd.admetricspro.com/js/cmp2/ 		256 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 31 May 2021 16:54:38 GMT
server
cloudflare
etag
W/"3ffae-5c3a314b5dcb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdSd%2FS7USHsc%2FCGO8ExQl91xT7cRcvlbQOntQPXJzgXL5KyLETGC%2FgAAjpcecmzSl8Me3zBO3P6oo5jdXn0bYnQKmt7oeUZRYWfR5fWEqaf9jz1894EVhHkPzkwRL8HJ2qmO68ef4o%2FGod%2BXsw01ykUE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
6bf0c9ced2a93244-FRA
expires
Fri, 17 Dec 2021 14:29:46 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 17 Dec 2022 13:49:00 GMT
flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 		236 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-ec"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
236
x-amz-cf-id
R0XDmUx9dlGfKToQGbGwS6UjuZn4DOPL0BKeH2xjQS17TJJ6jaocNQ==
fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:200:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=84c92d97
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
last-modified
Fri, 17 Dec 2021 08:40:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
etag
"61bc4ce5-12d68"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
x-amz-cf-id
HCjt9AtQIrZJApqho2NiLH5RMeDDiJac-JbtaUw4e8Y5IE8Hkphaqg==
v1
geo.ipify.org/api/ 		535 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.ipify.org/api/v1?apiKey=at_riPAQYz3EiQ6JhsH05bmtozma13RA
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.140.160.2 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS
threatintelligenceplatform.com
Software
nginx /
Resource Hash
e439f9030685df6bdc604cdbf87fb562cb34f0b7750d0169e876874a37e7d8d1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
blockedDomains_3.bin
lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/ Frame EC90 		81 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/blockedDomains_3.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be3ba2f86654b73dda7d39ed448c90628092498372215fffe2281e0b587a62dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 13:27:38 GMT
age
5560703
etag
"6a19519ac776603343ae0285e9d02606"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
85
sr
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:45 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1073 / 350 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Dec 2021 14:19:46 GMT
4_media.bin
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/ Frame EC90 		477 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/4_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3330f08fa0e23f0811b726000f1680f97b32755bb770e0b7344bf77453ad2944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:39:12 GMT
age
85840
etag
"f2eb5b7224d929824c15c8860eabe9f0"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
296
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EC90 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126523
x-xss-protection
0
expires
Fri, 17 Dec 2021 14:19:46 GMT
1.png
img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
br
age
2536241
etag
"CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age
86400
fastly-io-info
ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
6487
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Fri, 17 Dec 2021 14:34:46 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Fri, 17 Dec 2021 14:07:04 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10053
x-request-id
60000440
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4720
date
Fri, 17 Dec 2021 13:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 17 Dec 2021 15:01:06 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 24 Dec 2021 14:19:46 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100092-IAD, cache-hhn11543-HHN
localstore.js
script.4dex.io/ 		483 B
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11
content-type
application/javascript
x-amz-request-id
tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2
tx002dec70dafe483ba85bc-0061adedd1
last-modified
Mon, 06 Dec 2021 11:00:36 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZmllgAo%2F4Aq%2FQnPR2%2Feg1xL5GnVwZJOdWUyfDb1cDdCOiCjsjCnVgjaWsZfavixFssp8jxEMdSDhlDIIniVijYXUIb4VdT7sU5KsuHjDoDC4NyjRAF7ds3soBDXxf1wpKZhlRVR%2F5BRyGQK"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1638788436623244
cache-control
public, max-age=1800
cf-ray
6bf0c9d07def5c02-FRA
expires
Fri, 17 Dec 2021 14:49:46 GMT
724.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p18.id5-sync.com
Software
/
Resource Hash
149d5f5d6d83d10433f9bf62f3492bd3a3cc304e172adfd5e949865594666f2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://threatpost.com
Date
Fri, 17 Dec 2021 14:18:10 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
g
capi.connatix.com/rtb/ Frame EC90 		688 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
90370c759efb343d874c6917b539ffd8003b859225749f8a56877f4a64e9f884

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
494
1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/ 		2 KB
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98d5f6e285ab8f7106a975b2a9cd09623e47618a24f0cdb9f7f6b1aeb4cb28f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
br
age
94656
etag
"Htt1sOOEfM9vaw4gTn1XyJ6udj75ufYD8YUBGrgNHGI"
access-control-max-age
86400
fastly-io-info
ifsz=22024 idim=2560x1440 ifmt=jpeg ofsz=1635 odim=400x225 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
497
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:47 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:47 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:47 GMT
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		94 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.17.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
7f8d8b005ca10c15d62e0b19966eae08cfd0080ffe564210d6988837ffbd4d42

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
adreq
ads.servenobid.com/ 		548 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=655
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cd3767c9daaaaf6b31ba6dd8821d1cf09594ffdddb05a60b81d960aa4e2f44e9

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		711 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:47 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
c
prebid.a-mo.net/a/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 17 Dec 2021 14:19:46 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://threatpost.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_728x90-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2c4bd411643f1d38b78f5d5d0c5c30dac97d662f63cd567cd4ee6361b0b0bf97

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x250-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b6d58fcff751fd3b055b866f41ad9dc780bb13c2f61d9ce2790cd03ec1bddc50

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x600-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ee15e52cfca28d1026cc1fd08da6928704aa3f7df72d30be9c61a856ec31dd2f

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
prebid
mp.4dex.io/ 		99 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33a361a1d189643afbb2c6debd0467621b8ac9d4c05236b5f181dad527e7343

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6bf0c9d34a5b42c9-FRA
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
mvo
tag.1rx.io/rmp/216477/0/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216477/0/mvo?z=1r&hbv=5.17,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ 		22 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
08e113579b5651d09d016b5b261b17690bbea43abe1d42ba8a37ec34e56bd49d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
742ca235-1d7a-4716-a86b-fc6569e5ef34
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e906d65f0689828181478ec6a0527d25b2170b247663bb05d0f285741dfd2de7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1b85f555-085d-4662-b7e2-01de1839efa4
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
teachingaids-d.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a4180733-c5ba-4c76-ae67-22e18076001f%2Ca4180733-c5ba-4c76-ae67-22e18076001f%2C0b8790d8-c374-467e-9fa0-cc14d1a29eea%2C1b6e90aa-0765-4fb5-993e-5a6c58d451e2%2C1b6e90aa-0765-4fb5-993e-5a6c58d451e2&nocache=1639750786458&id5id=0&pubcid=49db2892-9782-4a88-a09a-cc40217610f8&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divids=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&aucs=%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
37935087ba925af055dc9c332e085303af2876baa2877cae010429a4b64bbc8d

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438654&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225403420ccf03e7e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F%22%2C%22domain%22%3A%22threatpost.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22threatpost.com%22%7D%2C%22keywords%22%3A%22Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%22id5id%22%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22557b8ef3ace0e91%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22561cb05cc8f93fa%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2257f63bc3220abfb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3714e6a97fd7968173ef24d24e1c176cacbbe7276c5223eb6b0b07624bb84d74

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.26], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 17 Dec 2021 14:19:47 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		593 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=a4180733-c5ba-4c76-ae67-22e18076001f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4534313928949607
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
4f9e9067db223a2220874d64cead1ae240f915d18395e7b50a5bc130768c20b3

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
593
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		591 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=0b8790d8-c374-467e-9fa0-cc14d1a29eea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.48803305985481304
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d627a99d66134fa68f308f7d48b46f8de2424c90d6268d07046208db4816511c

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
591
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		591 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=1b6e90aa-0765-4fb5-993e-5a6c58d451e2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6363863544858881
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fb5afdf593456498cac88a782c52f2df82cfe897e1bce802e17fa98e9d0489e6

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
591
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		591 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=1b6e90aa-0765-4fb5-993e-5a6c58d451e2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9585551225577129
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1eec2c9585a1ed444790088fa19b18d1d41589e99f492ad2bbd3bdae2b8b24b2

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
591
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.17.0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tmax=1200
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-85-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&pid=UtoSgNdAUmJ66&cb=0&ws=1600x1200&v=7.71.1&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-6794670-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-1%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
FJ41FBN2FCRVM3SNNKPF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
6mMRMIxBA61M1dKaQIn-yd5UV-Yl0qoKHV6G1w1dCQW7bLlaJEZDSA==
prebid4.43.0-4.js
cds.connatix.com/p/plugins/ Frame E6C4 		381 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
48690aaa6fff4d84b3d1de64a8ec77ed01ca244492e10fb776c794ba6c171639

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
br
last-modified
Thu, 02 Dec 2021 15:13:51 GMT
age
811549
etag
"e0908e656154cdf7c73f3852e04c6ceb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
105742
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&pid=UtoSgNdAUmJ66&cb=1&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
8V7NC95QV8100KH05WB7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
J7XdOnRYUWxYQdW5s2okGOcJ8Z8B5G3IBeh3JTrf8k7ohH_dxxXjqQ==
724.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p18.id5-sync.com
Software
/
Resource Hash
e96ebf0bd2d15e9f70605d2d211ce9adc08d7013d330acdf4e14ee9744a36611
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://threatpost.com
Date
Fri, 17 Dec 2021 14:18:11 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
961781
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx56f6954d69344d85a3796-0061adeed0
x-amz-id-2
tx56f6954d69344d85a3796-0061adeed0
last-modified
Mon, 06 Dec 2021 11:00:35 GMT
server
cloudflare
etag
W/"d56fadf5a52703aee9982c415a17065a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BE5psThBl3nc3MqBQtFoP1KBXg1CcgUZ%2BHz9T%2FI%2B6RCWxagt1rhQ8kXWQgyjlc4gWJJVbGb4kuv51tjGWWVpoOad10uDvJwLC2o2grdmILrhrBFC51zvlTPi2qtqiVgdbeEQyAnZ8ps2%2FkQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1638788435319991
cf-ray
6bf0c9d3fa6b4e80-FRA
access-control-allow-headers
Authorization
rules-p-_7kVx0t9Jqj90.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:59:55 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
server
AmazonS3
age
1191
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P2
content-length
2
x-amz-cf-id
FrBr-m4Hp1v1AtjiOJM3OsL4HXj9uqqH0OTjAeO6WpSaAKRN5Wvqfg==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1106044915&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&ul=en-us&de=UTF-8&dt=Conti%20Gang%20Suspected%20of%20Ransomware%20Attack%20on%20McMenamins%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1842742333&gjid=1975549107&cid=75327613.1639750787&tid=UA-35676203-21&_gid=1012592165.1639750787&_r=1&gtm=2wgc10PM29HLF&z=544064179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1106044915&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&ul=en-us&de=UTF-8&dt=Conti%20Gang%20Suspected%20of%20Ransomware%20Attack%20on%20McMenamins%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=75327613.1639750787&tid=UA-35676203-21&_gid=1012592165.1639750787&gtm=2wgc10PM29HLF&z=1622888211
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 21:46:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59583
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.493.0_en.html
imasdk.googleapis.com/js/core/ Frame 71BC 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198942
date
Wed, 15 Dec 2021 00:48:04 GMT
expires
Thu, 15 Dec 2022 00:48:04 GMT
last-modified
Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
221503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame EC90 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 14:19:47 GMT
bridge3.493.0_en.html
imasdk.googleapis.com/js/core/ Frame 50C1 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198942
date
Wed, 15 Dec 2021 00:48:04 GMT
expires
Thu, 15 Dec 2022 00:48:04 GMT
last-modified
Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
221503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.493.0_en.html
imasdk.googleapis.com/js/core/ Frame E2AE 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198942
date
Wed, 15 Dec 2021 00:48:04 GMT
expires
Thu, 15 Dec 2022 00:48:04 GMT
last-modified
Wed, 15 Dec 2021 00:41:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
221503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
playlist.m3u8
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame EC90 		309 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/playlist.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:39:12 GMT
age
89463
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
adsct
analytics.twitter.com/i/ 		31 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=799c895f-32ec-4dee-a663-d929319149af&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Fri, 17 Dec 2021 14:19:47 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
4c75bdd9f1f6cfc5696159f7c0645c66c6e91656d3c275175967584c1afeba25
x-transaction
ce1b63a9d3b411dd
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=799c895f-32ec-4dee-a663-d929319149af&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Fri, 17 Dec 2021 14:19:47 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5180ec1935a57fbe6dcd52caaf0b446c7099c31d11ff4a97e96b69c2b43b3c72
x-transaction
848ea64f24ca44a5
expires
Tue, 31 Mar 1981 05:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://threatpost.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1407
date
Fri, 17 Dec 2021 14:19:47 GMT
strict-transport-security
max-age=86400; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame E6C4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=XfO30Hxkc0poNmRhUEtraHYzV0U3MXE3ckZvOGJGa0tXQTNXSVJtckptYXlrOVZuMjQzckdZcVp5RFNrQVZ6QnZkd2RCeVNZWm5ZUXJ3ODN6aU15OXhnaHZ3eWJJOE9KYThqS0hVQ25iSzlMamw2anVzRGJLL29lWGxOMH...
364 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=XfO30Hxkc0poNmRhUEtraHYzV0U3MXE3ckZvOGJGa0tXQTNXSVJtckptYXlrOVZuMjQzckdZcVp5RFNrQVZ6QnZkd2RCeVNZWm5ZUXJ3ODN6aU15OXhnaHZ3eWJJOE9KYThqS0hVQ25iSzlMamw2anVzRGJLL29lWGxOMHdQOFlvNDA4VXBLZE1FTVhzcGc0NktNbk4xVUdaYkJ0bEVtOFJ5TXdWKzFISHUxa1BaZ0hOL3VXK1Q4L1hKVmswcFpEQmU0MTE3aWRsalRVeWtFdzlEdTA2cXdkaTFDck1jdnNPRStrOGlQZUF3OW4zdWE4PXw&cppv=2
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
077cc1e9ac63192f6ceca7f099d9aea34350d81380016c49e58cefed348e3a07
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2114
strict-transport-security
max-age=86400; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:46 GMT
location
https://mug.criteo.com/sid?cpp=XfO30Hxkc0poNmRhUEtraHYzV0U3MXE3ckZvOGJGa0tXQTNXSVJtckptYXlrOVZuMjQzckdZcVp5RFNrQVZ6QnZkd2RCeVNZWm5ZUXJ3ODN6aU15OXhnaHZ3eWJJOE9KYThqS0hVQ25iSzlMamw2anVzRGJLL29lWGxOMHdQOFlvNDA4VXBLZE1FTVhzcGc0NktNbk4xVUdaYkJ0bEVtOFJ5TXdWKzFISHUxa1BaZ0hOL3VXK1Q4L1hKVmswcFpEQmU0MTE3aWRsalRVeWtFdzlEdTA2cXdkaTFDck1jdnNPRStrOGlQZUF3OW4zdWE4PXw&cppv=2
strict-transport-security
max-age=86400; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1851
content-length
482
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame E6C4 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c2edb80701f722124ba46824eb9c791bed830a8e8a60133c8b1f04879c0659e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d4fe4784-ed67-4c75-8b70-c7d8fc8efe39
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame E6C4 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 17 Dec 2021 14:19:47 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://threatpost.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
mvo
tag.1rx.io/rmp/216476/0/ Frame E6C4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame E6C4 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435871&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227d9fc673f0a539%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228425068da8ab43%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b11488d61c18f7b501748f1847ceb71e00891e4440232dd7fbd4e0ac04d9c86e

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.26], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Fri, 17 Dec 2021 14:19:47 GMT
translator
hbopenbid.pubmatic.com/ Frame E6C4 		14 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
74ef73490a14e909759253e877aa14c359ec37f3f6e9f42f5b16fdec439c337f

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:47 GMT
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
content-type
application/json
avjp
teachingaids-d.openx.net/v/1.0/ Frame E6C4 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=aee83b27-ec72-45f1-9977-3323466ae03f&nocache=1639750786865&gdpr=0&pubcid=a14d33b7-9d62-402b-9fc8-d4485caa830c&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
via
1.1 google
server
OXGW/17.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame E6C4 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame E6C4 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
29f1366d4856fa85d299c62cdfae54f1509fcdfd4bfc270c942ede9aa071cd11
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:47 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0553ea31-620c-41c0-80f7-b08a10d10fb1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame E6C4 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435870&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2217d0be3115060fc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218f1c8df58ea3fa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b4526df9fba0ecc0fe6b943c57d50b9243002fc2c7dda8d51387062f520e85e9

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.26], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 17 Dec 2021 14:19:47 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame E6C4 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.225.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-225-48.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
mvo
tag.1rx.io/rmp/233098/0/ Frame E6C4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216475/0/ Frame E6C4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
avjp
teachingaids-d.openx.net/v/1.0/ Frame E6C4 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4e348787-d6fb-4d05-8f65-ba0aa388e668&nocache=1639750786880&gdpr=0&pubcid=a14d33b7-9d62-402b-9fc8-d4485caa830c&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2Cd2bf0996-7289-4420-b440-2007975e0144%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
via
1.1 google
server
OXGW/17.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/233148/0/ Frame E6C4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D490 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Dec 2021 14:35:57 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 919C 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Dec 2021 14:35:57 GMT
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9B15 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 13:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Dec 2021 14:35:57 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35676203-21&cid=75327613.1639750787&jid=1842742333&gjid=1975549107&_gid=1012592165.1639750787&_u=YEBAAEAAAAAAAC~&z=25211443
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 17 Dec 2021 14:19:47 GMT
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
g
capi.connatix.com/rtb/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:46 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		289 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3015550468038922&correlator=2896053236489967&output=ldjh&impl=fifs&eid=31063898%2C31060033&vrg=2021120601&ptt=17&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&sc=1&sfv=1-0-38&ecs=20211217&iu_parts=22404337467%3A21707124336%2Cthreatpost-970x250-ATF%2Cthreatpost-300x250-ATF%2Cthreatpost-300x600-ATF%2Cthreatpost-2x2-Skin%2Cthreatpost-AdX-Interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2%2C1x1&ists=1&fas=0%2C0%2C0%2C0%2C8&prev_scp=amznbid%3D2%26amznp%3D2%26hb_adid_appnexus%3D682137cf98adaef%26hb_bidder_appnexus%3Dappnexus%26dyn_bids%3D0.00%26hb_adid%3D682137cf98adaef%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%26hb_adid_oftmedia%3D6944c062a7c5ef5%26hb_bidder_oftmedia%3Doftmedia%26dyn_bids%3D0.00%26hb_adid%3D6944c062a7c5ef5%26hb_bidder%3Doftmedia%7Camznbid%3D2%26amznp%3D2%26hb_adid_oftmedia%3D706315992d02db9%26hb_bidder_oftmedia%3Doftmedia%26dyn_bids%3D0.00%26hb_adid%3D706315992d02db9%26hb_bidder%3Doftmedia%7Camznbid%3D2%26amznp%3D2%7C&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fconti-gang-ransomware-attack-mcmenamins%252F177119%252F%26urlquery%3Dgoogfc%26contentid%3D177119%26category%3Dmalware-2%26contenttags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1639750786&dt=1639750786943&dlt=1639750784251&idt=1737&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1082%2C1082%2C0%2C-9&adys=8%2C166%2C1185%2C8%2C-9&adks=4166723991%2C1414505084%2C1356251026%2C3771495681%2C2643643476&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&msz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&ga_vid=75327613.1639750787&ga_sid=1639750787&ga_hid=1106044915&ga_fc=true&fws=0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
69307d0844af6968c81c8cfb96a834b878ea15c84bd19e0384da6ebebc120e40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46291
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E94 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 17 Dec 2021 14:19:47 GMT
expires
Sat, 17 Dec 2022 14:19:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12940
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Dec 2021 14:19:47 GMT
0.m3u8
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame EC90 		606 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdd473c0431add43bf20f434cd1e59c1818aa1d7e0c23a91b44787c949f08988

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:39:11 GMT
age
89464
etag
"64e64999c724f134c5fbd7c8f7d512a1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
265
cache
prebid.adnxs.com/pbc/v1/ Frame E6C4 		63 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
4ca206b346fa88d775d7e28ce592bb5c2f979cba1a13d85a1960a7a19cbbedad

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=75327613.1639750787&jid=1842742333&_u=YEBAAEAAAAAAAC~&z=1999635718
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=75327613.1639750787&jid=1842742333&_u=YEBAAEAAAAAAAC~&z=1999635718
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame EC90 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4bf3506350327654efcb2fc00e0fd8b64fa1af8118967d63cf7b5aaa37e052c2

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-1361

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
last-modified
Tue, 14 Dec 2021 10:39:11 GMT
age
89462
etag
"58ab306ddc28464438d0b38e336bc90b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1361/4702372
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1362
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Fri, 17 Dec 2021 14:19:47 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
pixel;r=561552783;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F;uht=2;fpan=1;fpa=P0-1237006202-1639750787021;pbc=a14d33b7-...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=561552783;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F;uht=2;fpan=1;fpa=P0-1237006202-1639750787021;pbc=a14d33b7-9d62-402b-9fc8-d4485caa830c;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;us_privacy=1---;ref=;d=threatpost.com;je=0;sr=1600x1200x24;dst=0;et=1639750787021;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2021%2F07%2F30171039%2Fbeer-%2Ctype.article%2Ctitle.Conti%20Gang%20Suspected%20of%20Ransomware%20Attack%20on%20McMenamins%2Cdescription.The%20incident%20occurred%20last%20weekend%20at%20the%20popular%20chain%20of%20restaurants%252C%20hotels%20a%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=XfO30Hxkc0poNmRhUEtraHYzV0U3MXE3ckZvOGJGa0tXQTNXSVJtckptYXlrOVZuMjQzckdZcVp5RFNrQVZ6QnZkd2RCeVNZWm5ZUXJ3ODN6aU15OXhnaHZ3eWJJOE9KYThqS0hVQ25iSzlMamw2anVzRGJLL29lWGxOMHdQOFlvNDA4VXBLZE1FTVhzcGc0NktNbk4xVUdaYkJ0bEVtOFJ5TXdWKzFISHUxa1BaZ0hOL3VXK1Q4L1hKVmswcFpEQmU0MTE3aWRsalRVeWtFdzlEdTA2cXdkaTFDck1jdnNPRStrOGlQZUF3OW4zdWE4PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
985
date
Fri, 17 Dec 2021 14:19:47 GMT
strict-transport-security
max-age=86400; preload;
content-encoding
gzip
vary
Accept-Encoding
cache
prebid.adnxs.com/pbc/v1/ Frame E6C4 		63 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
369a23f158a6762065bd75f61790e23b646a53c05528fab1a3678ea0f3e36a1e

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Fri, 17 Dec 2021 14:19:47 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame EC90 		657 KB
657 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93ea6bdc20f91cdb51ce1eda01673a28dec8f8a82f10bca53315bbc82b63ff33

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=1362-673656

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
last-modified
Tue, 14 Dec 2021 10:39:11 GMT
age
89462
etag
"58ab306ddc28464438d0b38e336bc90b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1362-673656/4702372
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
672295
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adc41a9365044e084ca313b5aea0ef41d6b38a19bbc5590e9cecdeee47bba94d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8472
x-xss-protection
0
cache
prebid.adnxs.com/pbc/v1/ Frame EC90 		13 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache?uuid=07520afa-7532-461f-8076-635cab3d91fd
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
6b8b97800e102b949e4dbd0375de94a685a8bf8a7545ef7ce1b7d05b68094377

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/xml
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
cache
prebid.adnxs.com/pbc/v1/ Frame EC90 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache?uuid=a4012513-94cf-4f3d-b4a2-45d604013024
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
f1a347afb9072e67cbf91952b4a21c8ce3970e4e31601c0d2be9a6cf6f95e225

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:47 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/xml
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Fri, 17 Dec 2021 14:19:47 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 71BC 		156 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4287901831345770&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3321539204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=35DDE651-08BF-4072-B0FD-946BEC124B2D&nel=1&eid=44750604&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dt=1639750787346&cookie_enabled=1&scor=2610453009700663&ged=ve4_td3_tt0_pd3_la3000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ab
fra1-ib.adnxs.com/ Frame EC90
Redirect Chain
  • https://fra1-ib.adnxs.com/vast_track/v2?info=agAAAAMArgAFAQmDnLxhAAAAABGOWKr6f0OYIhmDnLxhAAAAACC35I6dASgAMMAIOOc3QMyyYUjD6pcCUJ-ZpQhY4dYBYgJERWgBcAF4AIABAogBAZABkAOYAeEBoAEAqAG35I6dAbABAQ..&s=68b4b...
  • https://fra1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&e=wqT_3QLoD_BM6AcAAAMA1gAFAQiDufKNBhCOsanV_--QzCIY7PLRkfzUwu...
11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&e=wqT_3QLoD_BM6AcAAAMA1gAFAQiDufKNBhCOsanV_--QzCIY7PLRkfzUwu9_KjYJOmUkMfd_2j8R-1BQJywz1T8ZAAAAQDMzA0Ah-1BQJywz1T8pOmUJJNAxAAAAYLge5T8wn5mlCDjnN0DACEhSULfkjp0BWMuPemAAaOelqQF43tUFgAEBigEDVVNEkgUG8OWYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAkZodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkv8gKZCQoTVFREX1ZBU1RfUEFSQU1FVEVSUxKBCSZ0PTEmYWlkPTI0OTI4MTY2MTA2OTQ5NDQ5MTAmd3BjPVVTRCZzZmU9MTNmNDFjODMmcHVpZD0mdGRpZD0wMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMAEHCQHwhiZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xLU5ieGJCQy1wSGI2YlJfLXM2ek5pOS1qUEl5V3B3WEJ2aTFKM0FpN2w5WS4mYnA9MC42MDg5MTIzODMyODM0Njg2MzEyMiZjZj0yODI1NDM2JmZxPTAmdGRfcz10aC5AAVQmcmNhdHM9bXZrJm1jYXQ9Jm1zdGU9NmQBPCZtZmxkPTQmbXNzaT0mbWYBBvBYdWhvdz0xMzUmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1kZSZtbGFuZz0mc3YhIxQ3MTQzJmQhW0RyY3h0PU90aGVyJmxhdD0wLjAFAQwmbG9uGQ0cdG1wYz0mZGEBMRR2cD0wJm8Bomhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JfggrLSsRn5h2cGI9UHJlUm9sbCZkYz04MiZ2Y2M9RUxRQkdMUUJNZ1FJQWdnSk8BCPBeUWdDUUFGSUFWQUNpQUVDb0FHUUE2Z0I0UUhJQVFIUUFRUG9BUUtBQWdPS0Fnd0lBUWdFQ0FJSUJRZ0RDQWFhQWdJSUFxQUNBcWdDQXNBQ0FnLi4mc3Y9YXBwbmV4dXNBIxRpPTMxMjFBFthpPTE4MzIwNCZjbXBpPTIwMzc4OTkmYWdpPTEwNDcwNjYwJmNyaWRpPTIxNTcxMjY1JnN2aT03AS8oPTF3aDlvM3QmdnIhlCw0JTJjMTUmcnVybD1lSiglM2ElMmYlMmZ0aC4QAgglMmaaUgMQJTJmMTdhVPRTASUyZiZ0c2lnPURnXzhEQlpwMGR3LTdlS1loT2ZBczFmanpNRGh5ay1WRGdLY2w1bGVoa28uJmM9Q2dkSFpYSnRZVzU1R2dBd0FqZ0NTQUJRQVlBQkFJZ0JBcEFCQUEuLiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTS4mZHVycz1VdkFYdnMmY3JyZWxyPSZhZHB0PWFub3ImaXBsPTE3Mzg2NjU1JmZwYT02ODAmcGNtPTMmZ3JkYz1DQUUuJnZjPTMmc2FpZD04OTg4MjU3OTE3NjY0ODM0OTYwJmljdD1Vbmtub3duJmF1Y3Q9MSZpbT0xJm1jPThmZDFkMjQ1LWM0YTctNDdmZi04NmZmLTdiMmQ4MTJhNTY2MvICPQoVVFREX1aBnPBJSU1QUkVTU0lPTklEEiQ3OWMwYTY1YS03MWQzLTQyNjgtYWJjZC1hNmU0OGY5NDBjNDiAAwCIAwGQAwCYAxegAwGqA8QBCpcBaHSpObhpbnNpZ2h0LmFkc3J2ci5vcmcvZW5kdXNlci92YXN0Lz9paWQ9JHtUVERfVkFTVDKAAPA8fSZjcmlkPWtpYW9yaWtwJnR0ZF9wcmV2aWV3PSR7SVNfUFJFVklFV30md3A9JHtBVUNUSU9OX1BSSUNFfR1UEFBBUkFNpXAUfRoTMjQ5PmcFBCoEQfsYOg1vcnRiLRFu8GXAA-CoAcgDANgDttW3AeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw3OC40Ny4yMDguMjaoBACyBBAIARAEGJADIOEBKAIwADgDuAQAwAQAyAQA2gQCCAHgBADwBLfBr1iIBQGYBQCgBZDrhODEnq3efMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF4dYB-gUECAAQAJAGAZgGALgGAMEGASE0AADwP9AGjdgB2gYWChAJEhkBYBAAGADgBgTyBgIIAIAHAYgHAKAHQKoHBzFptQi6Bw8BU0gYACAAMAA4vQZAAMgH3tUF0gcNFYEBQgjaBwYJJ0TgBwDqBwIIAPAH1P0CiggCEAA.&s=01183f85e7f24357af7b308cd88f709e8e5d1542
Protocol
HTTP/1.1
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c53f2745f35e27e6907825f71b1daa7f120a12bcfa418b2c6a5e35d6498699b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:48 GMT
Content-Encoding
gzip
X-Creative-ID
329495095
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
de709da6-8de6-48b7-9b91-0071dc147744
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/xml; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:47 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4007f433-2e18-4575-97ca-05f07892a62b
Server
nginx/1.17.9
Access-Control-Allow-Origin
https://threatpost.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://fra1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&e=wqT_3QLoD_BM6AcAAAMA1gAFAQiDufKNBhCOsanV_--QzCIY7PLRkfzUwu9_KjYJOmUkMfd_2j8R-1BQJywz1T8ZAAAAQDMzA0Ah-1BQJywz1T8pOmUJJNAxAAAAYLge5T8wn5mlCDjnN0DACEhSULfkjp0BWMuPemAAaOelqQF43tUFgAEBigEDVVNEkgUG8OWYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAkZodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkv8gKZCQoTVFREX1ZBU1RfUEFSQU1FVEVSUxKBCSZ0PTEmYWlkPTI0OTI4MTY2MTA2OTQ5NDQ5MTAmd3BjPVVTRCZzZmU9MTNmNDFjODMmcHVpZD0mdGRpZD0wMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMAEHCQHwhiZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xLU5ieGJCQy1wSGI2YlJfLXM2ek5pOS1qUEl5V3B3WEJ2aTFKM0FpN2w5WS4mYnA9MC42MDg5MTIzODMyODM0Njg2MzEyMiZjZj0yODI1NDM2JmZxPTAmdGRfcz10aC5AAVQmcmNhdHM9bXZrJm1jYXQ9Jm1zdGU9NmQBPCZtZmxkPTQmbXNzaT0mbWYBBvBYdWhvdz0xMzUmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1kZSZtbGFuZz0mc3YhIxQ3MTQzJmQhW0RyY3h0PU90aGVyJmxhdD0wLjAFAQwmbG9uGQ0cdG1wYz0mZGEBMRR2cD0wJm8Bomhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JfggrLSsRn5h2cGI9UHJlUm9sbCZkYz04MiZ2Y2M9RUxRQkdMUUJNZ1FJQWdnSk8BCPBeUWdDUUFGSUFWQUNpQUVDb0FHUUE2Z0I0UUhJQVFIUUFRUG9BUUtBQWdPS0Fnd0lBUWdFQ0FJSUJRZ0RDQWFhQWdJSUFxQUNBcWdDQXNBQ0FnLi4mc3Y9YXBwbmV4dXNBIxRpPTMxMjFBFthpPTE4MzIwNCZjbXBpPTIwMzc4OTkmYWdpPTEwNDcwNjYwJmNyaWRpPTIxNTcxMjY1JnN2aT03AS8oPTF3aDlvM3QmdnIhlCw0JTJjMTUmcnVybD1lSiglM2ElMmYlMmZ0aC4QAgglMmaaUgMQJTJmMTdhVPRTASUyZiZ0c2lnPURnXzhEQlpwMGR3LTdlS1loT2ZBczFmanpNRGh5ay1WRGdLY2w1bGVoa28uJmM9Q2dkSFpYSnRZVzU1R2dBd0FqZ0NTQUJRQVlBQkFJZ0JBcEFCQUEuLiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTS4mZHVycz1VdkFYdnMmY3JyZWxyPSZhZHB0PWFub3ImaXBsPTE3Mzg2NjU1JmZwYT02ODAmcGNtPTMmZ3JkYz1DQUUuJnZjPTMmc2FpZD04OTg4MjU3OTE3NjY0ODM0OTYwJmljdD1Vbmtub3duJmF1Y3Q9MSZpbT0xJm1jPThmZDFkMjQ1LWM0YTctNDdmZi04NmZmLTdiMmQ4MTJhNTY2MvICPQoVVFREX1aBnPBJSU1QUkVTU0lPTklEEiQ3OWMwYTY1YS03MWQzLTQyNjgtYWJjZC1hNmU0OGY5NDBjNDiAAwCIAwGQAwCYAxegAwGqA8QBCpcBaHSpObhpbnNpZ2h0LmFkc3J2ci5vcmcvZW5kdXNlci92YXN0Lz9paWQ9JHtUVERfVkFTVDKAAPA8fSZjcmlkPWtpYW9yaWtwJnR0ZF9wcmV2aWV3PSR7SVNfUFJFVklFV30md3A9JHtBVUNUSU9OX1BSSUNFfR1UEFBBUkFNpXAUfRoTMjQ5PmcFBCoEQfsYOg1vcnRiLRFu8GXAA-CoAcgDANgDttW3AeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw3OC40Ny4yMDguMjaoBACyBBAIARAEGJADIOEBKAIwADgDuAQAwAQAyAQA2gQCCAHgBADwBLfBr1iIBQGYBQCgBZDrhODEnq3efMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF4dYB-gUECAAQAJAGAZgGALgGAMEGASE0AADwP9AGjdgB2gYWChAJEhkBYBAAGADgBgTyBgIIAIAHAYgHAKAHQKoHBzFptQi6Bw8BU0gYACAAMAA4vQZAAMgH3tUF0gcNFYEBQgjaBwYJJ0TgBwDqBwIIAPAH1P0CiggCEAA.&s=01183f85e7f24357af7b308cd88f709e8e5d1542
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 3F81 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=6D2041BA-21B7-4482-901B-BBA9DFBE9031&adServerId=243&campaignId=22918&crID=kiaorikp&ucrid=6183026436333780262
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Fri, 17 Dec 2021 14:19:47 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame EC90 		627 KB
627 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fc02265d40cae8cae2b19aff7cd029b3d332e58aa8edf932ed76f0e412a5d649

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=673657-1315442

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
last-modified
Tue, 14 Dec 2021 10:39:11 GMT
age
89462
etag
"58ab306ddc28464438d0b38e336bc90b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 673657-1315442/4702372
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
641786
mq
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/mq?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
ps
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C00C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Fri, 17 Dec 2021 14:11:52 GMT
expires
Sat, 17 Dec 2022 14:11:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
476
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame ACE3 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f2c408c6ec080d754a6b2bb3459dc170017c67233bafce7f01085a0ca658ccd4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YuFsqsIlXJyofHBc7rrHkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 17 Dec 2021 14:19:48 GMT
date
Fri, 17 Dec 2021 14:19:48 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-YuFsqsIlXJyofHBc7rrHkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 94A8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=6D2041BA-21B7-4482-901B-BBA9DFBE9031&adServerId=243&campaignId=22918&crID=kiaorikp&ucrid=6183026436333780262
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=34782
expires
Fri, 17 Dec 2021 23:59:30 GMT
date
Fri, 17 Dec 2021 14:19:48 GMT
vary
Accept-Encoding
/
insight.adsrvr.org/enduser/vast/ Frame 3F81 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/enduser/vast/?t=1&iid=53d32657-39a8-488d-8162-2946922a2716&crid=kiaorikp&wp=0.474952&aid=1&wpc=USD&sfe=13f41c83&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=pj549kn&ag=ne6xjxo&adv=7kn31tr&sig=19jlI3UvCD-Hcn_fB1o3JlOFzrisK3x_uqNnq5KKtdxI.&bp=0.60891238328346863122&cf=2825436&fq=0&td_s=threatpost.com&rcats=jba&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&uhow=135&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=156858&did=&rcxt=Other&lat=49.450000&lon=11.020000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&testid=tv-6553-10vc&vpb=MidRoll&dc=16&vcc=CAEQtAEYtAEyCggCCAUICQgGCAQ6BAgBCAJAAUgBUAKIAQKgAZADqAHhAcgBAdABA-gBA4ACA4oCCAgCCAMIBQgGmgICCAKgAgOoAgGwAgC4AgDAAgA.&sv=pubmatic&pidi=3121&advi=183204&cmpi=2037899&agi=10470660&cridi=21571265&svi=12&cmp=1wh9o3t&vrtd=14,15&rurl=https%3a%2f%2fthreatpost.com%2fconti-gang-ransomware-attack-mcmenamins%2f177119%2f&tsig=RT_gfzbYqBlAdV4WC9D73p7LbJ0qlhhtNm8lYm2MULs.&c=CgdHZXJtYW55GgAwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&adpt=pubo&ipl=2446008&fpa=780&pcm=3&grdc=CAE.&vc=3&said=E9B4AD81-2255-4C9A-B6AD-C5E710159432&ict=Unknown&auct=1&im=1&mc=8fd1d245-c4a7-47ff-86ff-7b2d812a5662
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=6D2041BA-21B7-4482-901B-BBA9DFBE9031&adServerId=243&campaignId=22918&crID=kiaorikp&ucrid=6183026436333780262
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
a659dd890b52598ea3ac388e60f5971b92d015782850ac5c12db656b2fc66939

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:48 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=eyJzaXRlSWQiOiJtYXRoLWFpZHMtdGhyZWF0cG9zdCIsInVybCI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zLzE3NzExOS8iLCJhZFVuaXQiOiIvMjI0MDQzMzc0NjcsMjE3MDcxMjQzMzYvdGhyZWF0cG9zdC05NzB4MjUwLUFURl8wIiwiYWRTZXJ2ZXJEZXRhaWxzIjp7ImFkdmVydGlzZXJJZCI6IjUwMjQ1NjkzNzQiLCJjYW1wYWlnbklkIjoiMjkxMDkwMjM4NiIsImNyZWF0aXZlSWQiOiIxMzgzNjQ3NTY1MzgiLCJsaW5laXRlbUlkIjoiNTc5NDIxMjYzMCIsImFkU2VydmVyIjoiZGZwIiwieWllbGRHcm91cElkcyI6WzI4NTgzN119LCJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwLCJ3diI6IjEuMC4wKzdiMTIwYTUiLCJidiI6IjEuMC4wKzdiMTIwYTUiLCJ0YWdNYXJrdXAiOiI8aHRtbD48aGVhZD48L2hlYWQ%2BPGJvZHk%2BVG9vIG1hbnkgcmVxdWVzdHM6IDQwLlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9ncHQvcHViYWRzX2ltcGxfcGFnZV9sZXZlbF9hZHNfMjAyMTEyMDYwMS5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3J1bGVzLnF1YW50Y291bnQuY29tL3J1bGVzLXAtXzdrVngwdDlKcWo5MC5qc1wiIGFzeW5jPVwiXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vc2NyaXB0LjRkZXguaW8vbG9jYWxzdG9yZS5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3N0YXRpYy5hZHMtdHdpdHRlci5jb20vdXd0LmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vc2VjdXJlLnF1YW50c2VydmUuY29tL3F1YW50LmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZS1hbmFseXRpY3MuY29tL2FuYWx5dGljcy5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nc3RhdGljLmNvbS9yZWNhcHRjaGEvcmVsZWFzZXMvVlpLRURXOXdzbFBiRWM5Um16TXFhT0FQL3JlY2FwdGNoYV9fZGUuanNcIiBjcm9zc29yaWdpbj1cImFub255bW91c1wiIGludGVncml0eT1cInNoYTM4NC16ZWhNV2ZBWDA1WWg3T0l4NEtmZU1VYnRFSGsvKzBmc3hRUFRub2V6dlpLckhCelV1a1FWK1ducTVSbjRGTEI4XCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vd3d3LmdzdGF0aWMuY29tL3JlY2FwdGNoYS9yZWxlYXNlcy9WWktFRFc5d3NsUGJFYzlSbXpNcWFPQVAvcmVjYXB0Y2hhX19lbi5qc1wiIGNyb3Nzb3JpZ2luPVwiYW5vbnltb3VzXCIgaW50ZWdyaXR5PVwic2hhMzg0LXd5dkVWU3JBeG85OE1KR0UwUHVSMnJpNms1cXVycXhBMi9hKzJSZGoyekkxWEhKSFNHTHNvUlM1QURvenVzQU1cIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbWF0aC1haWRzLXRocmVhdHBvc3QvYmwtMGFmMDM1Ni04ZjU2M2I2MC5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBkZWZlcj1cIlwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMtdGhyZWF0cG9zdC9iLTdiMTIwYTUtOWI4NzFkNGUuanNcIiB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgZGVmZXI9XCJcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0bS5qcz9pZD1HVE0tUE0yOUhMRlwiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8va2FzcGVyc2t5Y29udGVudGh1Yi5jb20vP2RtPWVkMWY5ZTQzNWRjODg1MjkyZWFiNjU2MjBjNTFmM2ZiJmFtcDthY3Rpb249bG9hZCZhbXA7YmxvZ2lkPTEwMyZhbXA7c2l0ZWlkPTEmYW1wO3Q9MTIzMTQ0MDgwMyZhbXA7YmFjaz1odHRwcyUzQSUyRiUyRnRocmVhdHBvc3QuY29tJTJGY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zJTJGMTc3MTE5JTJGXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiLy9jLmFtYXpvbi1hZHN5c3RlbS5jb20vYWF4Mi9hcHN0YWcuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG52YXIgZ0FNUF91cmxob3N0ID0gICdodHRwczovL3RocmVhdHBvc3QuY29tLyc7XG52YXIgZ0FNUF91cmxwYXRoID0gICcvY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zLzE3NzExOS8nO1xudmFyIGdBTVBfdXJscXVlcnkgPSAgJ2dvb2dmYyc7XG52YXIgZ0FNUF9jb250ZW50aWQgPSAgJzE3NzExOSc7XG52YXIgZ0FNUF9jYXRlZ29yeSA9ICAnbWFsd2FyZS0yJztcbnZhciBnQU1QX2NvbnRlbnR0YWdzID0gICcnO1xuPC9zY3JpcHQ%2BXG48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbWF0aC1haWRzLXRocmVhdHBvc3Qvb3AuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCIvL3d3dy5nb29nbGV0YWdzZXJ2aWNlcy5jb20vdGFnL2pzL2dwdC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3FkLmFkbWV0cmljc3Byby5jb20vanMvdGhyZWF0cG9zdC9yb3MtbGF5b3V0LmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9xZC5hZG1ldHJpY3Nwcm8uY29tL2pzL3RocmVhdHBvc3QvY21wLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9xZC5hZG1ldHJpY3Nwcm8uY29tL2pzL3RocmVhdHBvc3QvdXNwY21wLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9xZC5hZG1ldHJpY3Nwcm8uY29tL2pzL3RocmVhdHBvc3QvdGFyZ2V0aW5nLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9xZC5hZG1ldHJpY3Nwcm8uY29tL2pzL3RocmVhdHBvc3QvcHJlYmlkLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L2VuZ2luZS5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdD5cbiFmdW5jdGlvbihuKXtpZighd2luZG93LmNueCl7d2luZG93LmNueD17fSx3aW5kb3cuY254LmNtZD1bXTt2YXIgdD1uLmNyZWF0ZUVsZW1lbnQoJ2lmcmFtZScpO3QuZGlzcGxheT0nbm9uZScsdC5vbmxvYWQ9ZnVuY3Rpb24oKXt2YXIgbj10LmNvbnRlbnRXaW5kb3cuZG9jdW1lbnQsYz1uLmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpO2Muc3JjPScvL2NkLmNvbm5hdGl4LmNvbS9jb25uYXRpeC5wbGF5ZXIuanMnLGMuc2V0QXR0cmlidXRlKCdhc3luYycsJzEnKSxjLnNldEF0dHJpYnV0ZSgndHlwZScsJ3RleHQvamF2YXNjcmlwdCcpLG4uYm9keS5hcHBlbmRDaGlsZChjKX0sbi5oZWFkLmFwcGVuZENoaWxkKHQpfX0oZG9jdW1lbnQpO1xuPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJhcHBsaWNhdGlvbi9sZCtqc29uXCI%2Be1wiQGNvbnRleHRcIjpcImh0dHBzOi8vc2NoZW1hLm9yZ1wiLFwiQHR5cGVcIjpcIkJyZWFkY3J1bWJMaXN0XCIsXCJpdGVtTGlzdEVsZW1lbnRcIjpbe1wiQHR5cGVcIjpcIkxpc3RJdGVtXCIsXCJwb3NpdGlvblwiOjEsXCJpdGVtXCI6e1wiQGlkXCI6XCJodHRwczovL3RocmVhdHBvc3QuY29tL1wiLFwibmFtZVwiOlwiVGhyZWF0cG9zdFwifX0se1wiQHR5cGVcIjpcIkxpc3RJdGVtXCIsXCJwb3NpdGlvblwiOjIsXCJpdGVtXCI6e1wiQGlkXCI6XCJodHRwczovL3RocmVhdHBvc3QuY29tL2NhdGVnb3J5L3dlYi1zZWN1cml0eS9cIixcIm5hbWVcIjpcIldlYiBTZWN1cml0eVwifX0se1wiQHR5cGVcIjpcIkxpc3RJdGVtXCIsXCJwb3NpdGlvblwiOjMsXCJpdGVtXCI6e1wiQGlkXCI6XCJodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkvXCIsXCJuYW1lXCI6XCJDb250aSBHYW5nIFN1c3BlY3RlZCBvZiBSYW5zb213YXJlIEF0dGFjayBvbiBNY01lbmFtaW5zXCJ9fV19PC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJhcHBsaWNhdGlvbi9sZCtqc29uXCI%2Be1wiQGNvbnRleHRcIjpcImh0dHBzOi8vc2NoZW1hLm9yZ1wiLFwiQHR5cGVcIjpcIk5ld3NBcnRpY2xlXCIsXCJtYWluRW50aXR5T2ZQYWdlXCI6e1wiQHR5cGVcIjpcIldlYlBhZ2VcIixcIkBpZFwiOlwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS9jb250aS1nYW5nLXJhbnNvbXdhcmUtYXR0YWNrLW1jbWVuYW1pbnMvMTc3MTE5L1wifSxcImhlYWRsaW5lXCI6XCJDb250aSBHYW5nIFN1c3BlY3RlZCBvZiBSYW5zb213YXJlIEF0dGFjayBvbiBNY01lbmFtaW5zXCIsXCJpbWFnZVwiOlwiaHR0cHM6Ly9tZWRpYS50aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3VwbG9hZHMvc2l0ZXMvMTAzLzIwMjEvMDcvMzAxNzEwMzkvYmVlci0yMS5qcGdcIixcImRhdGVQdWJsaXNoZWRcIjpcIjIwMjEtMTItMTdUMTM6NTc6MDIrMDA6MDBcIixcImRhdGVNb2RpZmllZFwiOlwiMjAyMS0xMi0xN1QxMzo1NzowMiswMDowMFwiLFwiYXV0aG9yXCI6e1wiQHR5cGVcIjpcIlBlcnNvblwiLFwibmFtZVwiOlwiRWxpemFiZXRoIE1vbnRhbGJhbm9cIn0sXCJwdWJsaXNoZXJcIjp7XCJAdHlwZVwiOlwiT3JnYW5pemF0aW9uXCIsXCJuYW1lXCI6XCJUaHJlYXRwb3N0XCIsXCJsb2dvXCI6e1wiQHR5cGVcIjpcIkltYWdlT2JqZWN0XCIsXCJ1cmxcIjpcImh0dHBzOi8vbWVkaWEudGhyZWF0cG9zdC5jb20vd3AtY29udGVudC91cGxvYWRzL3NpdGVzLzEwMy8yMDE4LzEyLzA0MTIxNTE5L2FtcF9sb2dvLnBuZ1wiLFwid2lkdGhcIjo2MCxcImhlaWdodFwiOjYwfX0sXCJkZXNjcmlwdGlvblwiOlwiVGhlIGluY2lkZW50IG9jY3VycmVkIGxhc3Qgd2Vla2VuZCBhdCB0aGUgcG9wdWxhciBjaGFpbiBvZiByZXN0YXVyYW50cywgaG90ZWxzIGFuZCBicmV3ZXJpZXMsIHdoaWNoIGlzIHN0aWxsIGZhY2luZyBkaXNydXB0aW9ucy5cIn08L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cImh0dHBzOi8vdGhyZWF0cG9zdC5jb20vd3AtY29udGVudC9wbHVnaW5zL2thc3BlcnNreS1lbmFibGUtanF1ZXJ5LW1pZ3JhdGUtaGVscGVyL2pzL2pxdWVyeS9qcXVlcnktMS4xMi40LXdwLmpzP3Zlcj0xLjEyLjQtd3BcIiBpZD1cImpxdWVyeS1jb3JlLWpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBpZD1cIm5vdGlmaWNhdGlvbl9zdHJpbmdzLWpzLWV4dHJhXCI%2BXG4vKiA8IVtDREFUQVsgKi9cbnZhciBnZHByRHluYW1pY1N0cmluZ3MgPSB7XCJub3RpZmljYXRpb25fdGV4dFwiOlwiV2UgdXNlIGNvb2tpZXMgdG8gbWFrZSB5b3VyIGV4cGVyaWVuY2Ugb2Ygb3VyIHdlYnNpdGVzIGJldHRlci4gQnkgdXNpbmcgYW5kIGZ1cnRoZXIgbmF2aWdhdGluZyB0aGlzIHdlYnNpdGUgeW91IGFjY2VwdCB0aGlzLiBEZXRhaWxlZCBpbmZvcm1hdGlvbiBhYm91dCB0aGUgdXNlIG9mIGNvb2tpZXMgb24gdGhpcyB3ZWJzaXRlIGlzIGF2YWlsYWJsZSBieSBjbGlja2luZyBvbiA8YSBocmVmPVxcXCJodHRwczpcXC9cXC90aHJlYXRwb3N0LmNvbVxcL3dlYi1wcml2YWN5LXBvbGljeVxcL1xcXCIgdGFyZ2V0PVxcXCJfYmxhbmtcXFwiPm1vcmUgaW5mb3JtYXRpb248XFwvYT4uXCIsXCJidXR0b25fdGV4dFwiOlwiQUNDRVBUIEFORCBDTE9TRVwifTtcbi&i=1-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
CP9VD8KADTri8gJlsKN9vXeH7EFugjGepuynWvhgQyOm0ZAV2fqKgA==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=8qIF1dPiAqL1xuPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBpZD1cImtzc19qcy1qcy1leHRyYVwiPlxuLyogPCFbQ0RBVEFbICovXG52YXIga3NzID0ge1widHdpdHRlcl9hY2NvdW50XCI6XCJ0aHJlYXRwb3N0XCJ9O1xuLyogXV0%2BICovXG48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cIi8vYXNzZXRzLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9id3AtbWluaWZ5L21pbi8%2FZj13cC1jb250ZW50L3BsdWdpbnMva2FzcGVyc2t5LWNvb2tpZXMtbm90aWZpY2F0aW9uL3NjcmlwdHMvYWxlcnRfdGV4dC5qcyx3cC1jb250ZW50L3BsdWdpbnMva2FzcGVyc2t5LWNvb2tpZXMtbm90aWZpY2F0aW9uL3NjcmlwdHMvYWxlcnQuanMsd3AtY29udGVudC9wbHVnaW5zL2hvbmV5cG90LWNvbW1lbnRzL3B1YmxpYy9hc3NldHMvanMvcHVibGljLmpzLHdwLWNvbnRlbnQvcGx1Z2lucy9rc3ByX3R3aXR0ZXJfcHVsbHF1b3RlL2pzL2thc3BlcnNreS10d2l0dGVyLXB1bGxxdW90ZS5qcyx3cC1jb250ZW50L3RoZW1lcy90aHJlYXRwb3N0LTIwMTgvYXNzZXRzL2pzL2xvYWRtb3JlLmpzLHdwLWNvbnRlbnQvcGx1Z2lucy9rYXNwZXJza3ktc29jaWFsLXNoYXJpbmcvYXNzZXRzL2pzL3NvY2lhbC1zaGFyZS5qcyZhbXA7dmVyPTg0YzkyZDk3XCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj5cbnZhciBzTmV3ID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudChcInNjcmlwdFwiKTtcbnNOZXcuYXN5bmMgPSB0cnVlO1xuc05ldy5zcmMgPSBcImh0dHBzOi8va2FzcGVyc2t5Y29udGVudGh1Yi5jb20vP2RtPWVkMWY5ZTQzNWRjODg1MjkyZWFiNjU2MjBjNTFmM2ZiJmFjdGlvbj1sb2FkJmJsb2dpZD0xMDMmc2l0ZWlkPTEmdD0xMjMxNDQwODAzJmJhY2s9aHR0cHMlM0ElMkYlMkZ0aHJlYXRwb3N0LmNvbSUyRmNvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucyUyRjE3NzExOSUyRlwiXG52YXIgczAgPSBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnc2NyaXB0JylbMF07XG5zMC5wYXJlbnROb2RlLmluc2VydEJlZm9yZShzTmV3LCBzMCk7XG48L3NjcmlwdD5cbjxzY3JpcHQ%2BKGZ1bmN0aW9uKHcsZCxzLGwsaSl7d1tsXT13W2xdfHxbXTt3W2xdLnB1c2goeydndG0uc3RhcnQnOlxubmV3IERhdGUoKS5nZXRUaW1lKCksZXZlbnQ6J2d0bS5qcyd9KTt2YXIgZj1kLmdldEVsZW1lbnRzQnlUYWdOYW1lKHMpWzBdLFxuaj1kLmNyZWF0ZUVsZW1lbnQocyksZGw9bCE9J2RhdGFMYXllcic%2FJyZsPScrbDonJztqLmFzeW5jPXRydWU7ai5zcmM9XG4naHR0cHM6Ly93d3cuZ29vZ2xldGFnbWFuYWdlci5jb20vZ3RtLmpzP2lkPScraStkbDtmLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKGosZik7XG59KSh3aW5kb3csZG9jdW1lbnQsJ3NjcmlwdCcsJ2RhdGFMYXllcicsJ0dUTS1QTTI5SExGJyk7PC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj5cbiAgICAgICAgICAgIHZhciBqUXVlcnlNaWdyYXRlSGVscGVySGFzU2VudERvd25ncmFkZSA9IGZhbHNlO1xuXG5cdFx0XHR3aW5kb3cub25lcnJvciA9IGZ1bmN0aW9uKCBtc2csIHVybCwgbGluZSwgY29sLCBlcnJvciApIHtcblx0XHRcdFx0Ly8gQnJlYWsgb3V0IGVhcmx5LCBkbyBub3QgcHJvY2Vzc2luZyBpZiBhIGRvd25ncmFkZSByZXFldXN0IHdhcyBhbHJlYWR5IHNlbnQuXG5cdFx0XHRcdGlmICggalF1ZXJ5TWlncmF0ZUhlbHBlckhhc1NlbnREb3duZ3JhZGUgKSB7XG5cdFx0XHRcdFx0cmV0dXJuIHRydWU7XG4gICAgICAgICAgICAgICAgfVxuXG5cdFx0XHRcdHZhciB4aHIgPSBuZXcgWE1MSHR0cFJlcXVlc3QoKTtcblx0XHRcdFx0dmFyIG5vbmNlID0gJ2I2YWUyMDlhODQnO1xuXHRcdFx0XHR2YXIgalF1ZXJ5RnVuY3Rpb25zID0gW1xuXHRcdFx0XHRcdCdhbmRTZWxmJyxcblx0XHRcdFx0XHQnYnJvd3NlcicsXG5cdFx0XHRcdFx0J2xpdmUnLFxuXHRcdFx0XHRcdCdib3hNb2RlbCcsXG5cdFx0XHRcdFx0J3N1cHBvcnQuYm94TW9kZWwnLFxuXHRcdFx0XHRcdCdzaXplJyxcblx0XHRcdFx0XHQnc3dhcCcsXG5cdFx0XHRcdFx0J2NsZWFuJyxcblx0XHRcdFx0XHQnc3ViJyxcbiAgICAgICAgICAgICAgICBdO1xuXHRcdFx0XHR2YXIgbWF0Y2hfcGF0dGVybiA9IC9cXClcXC4oLis%2FKSBpcyBub3QgYSBmdW5jdGlvbi87XG4gICAgICAgICAgICAgICAgdmFyIGVycm9yZWRGdW5jdGlvbiA9IG1zZy5tYXRjaCggbWF0Y2hfcGF0dGVybiApO1xuXG4gICAgICAgICAgICAgICAgLy8gSWYgdGhlcmUgd2FzIG5vIG1hdGNoaW5nIGZ1bmN0aW9ucywgZG8gbm90IHRyeSB0byBkb3duZ3JhZGUuXG4gICAgICAgICAgICAgICAgaWYgKCB0eXBlb2YgZXJyb3JlZEZ1bmN0aW9uICE9PSAnb2JqZWN0JyB8fCB0eXBlb2YgZXJyb3JlZEZ1bmN0aW9uWzFdID09PSBcInVuZGVmaW5lZFwiIHx8IC0xID09PSBqUXVlcnlGdW5jdGlvbnMuaW5kZXhPZiggZXJyb3JlZEZ1bmN0aW9uWzFdICkgKSB7XG4gICAgICAgICAgICAgICAgICAgIHJldHVybiB0cnVlO1xuICAgICAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgICAgIC8vIFNldCB0aGF0IHdlJ3ZlIG5vdyBhdHRlbXB0ZWQgYSBkb3duZ3JhZGUgcmVxdWVzdC5cbiAgICAgICAgICAgICAgICBqUXVlcnlNaWdyYXRlSGVscGVySGFzU2VudERvd25ncmFkZSA9IHRydWU7XG5cblx0XHRcdFx0eGhyLm9wZW4oICdQT1NUJywgJ2h0dHBzOi8vdGhyZWF0cG9zdC5jb20vd3AtYWRtaW4vYWRtaW4tYWpheC5waHAnICk7XG5cdFx0XHRcdHhoci5zZXRSZXF1ZXN0SGVhZGVyKCAnQ29udGVudC1UeXBlJywgJ2FwcGxpY2F0aW9uL3gtd3d3LWZvcm0tdXJsZW5jb2RlZCcgKTtcblx0XHRcdFx0eGhyLm9ubG9hZCA9IGZ1bmN0aW9uICgpIHtcblx0XHRcdFx0XHR2YXIgcmVzcG9uc2UsXG4gICAgICAgICAgICAgICAgICAgICAgICByZWxvYWQgPSBmYWxzZTtcblxuXHRcdFx0XHRcdGlmICggMjAwID09PSB4aHIuc3RhdHVzICkge1xuICAgICAgICAgICAgICAgICAgICAgICAgdHJ5IHtcbiAgICAgICAgICAgICAgICAgICAgICAgIFx0cmVzcG9uc2UgPSBKU09OLnBhcnNlKCB4aHIucmVzcG9uc2UgKTtcblxuICAgICAgICAgICAgICAgICAgICAgICAgXHRyZWxvYWQgPSByZXNwb25zZS5kYXRhLnJlbG9hZDtcbiAgICAgICAgICAgICAgICAgICAgICAgIH0gY2F0Y2ggKCBlICkge1xuICAgICAgICAgICAgICAgICAgICAgICAgXHRyZWxvYWQgPSBmYWxzZTtcbiAgICAgICAgICAgICAgICAgICAgICAgIH1cbiAgICAgICAgICAgICAgICAgICAgfVxuXG5cdFx0XHRcdFx0Ly8gQXV0b21hdGljYWxseSByZWxvYWQgdGhlIHBhZ2UgaWYgYSBkZXByZWNhdGlvbiBjYXVzZWQgYW4gYXV0b21hdGljIGRvd25ncmFkZSwgZW5zdXJlIHZpc2l0b3JzIGdldCB0aGUgYmVzdCBwb3NzaWJsZSBleHBlcmllbmNlLlxuXHRcdFx0XHRcdGlmICggcmVsb2FkICkge1xuXHRcdFx0XHRcdFx0bG9jYXRpb24ucmVsb2FkKCk7XG4gICAgICAgICAgICAgICAgICAgIH1cblx0XHRcdFx0fTtcblxuXHRcdFx0XHR4aHIuc2VuZCggZW5jb2RlVVJJKCAnYWN0aW9uPWpxdWVyeS1taWdyYXRlLWRvd25ncmFkZS12ZXJzaW9uJl93cG5vbmNlPScgKyBub25jZSApICk7XG5cblx0XHRcdFx0Ly8gU3VwcHJlc3MgZXJyb3IgYWxlcnRzIGluIG9sZGVyIGJyb3dzZXJzXG5cdFx0XHRcdHJldHVybiB0cnVlO1xuXHRcdFx0fVxuICAgICAgICA8L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ3B0L3B1YmFkc19pbXBsXzIwMjExMjA2MDEuanNcIiBhc3luYz1cIlwiPjwvc2NyaXB0PlxuPHNjcmlwdD4oZnVuY3Rpb24oKSB7XG4gICAgICAgICAgICBcInVzZSBzdHJpY3RcIjtcbiAgICAgICAgICAgIHRyeSB7XG4gICAgICAgICAgICAgICAgY29uc3QgcGxheWVyQXBpID0gd2luZG93LnBsYXllcl9pbnN0YW5jZV9hYTg4YjQyODYwNDg0ZmVkYTA4YWM1Y2ZiZDRmM2MyZjtcbi8vZGVza3RvcCBjbG9zZSBidXR0b24gZm9sbG93c1xucGxheWVyQXBpLm9uKGNueC5jb25maWdFdmVudHMuQWRJbXByZXNzaW9uLCBmdW5jdGlvbigpIHtcbiAgY29uc29sZS5sb2coXCJDTlgtYWQtaW1wXCIpXG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLXZpZGVvXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleCFpbXBvcnRhbnRcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtbG9nby1iYXJcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpub25lXCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLWJ1dHRvbnNcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpub25lXCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLXByb2dyZXNzXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6bm9uZVwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC12b2x1bWUtY29udGFpbmVyXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6bm9uZVwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS12aWRlb1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJwb2ludGVyLWV2ZW50czpub25lXCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LWNsb3NlLWJ1dHRvblwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJwb2ludGVyLWV2ZW50czphdXRvIWltcG9ydGFudFwiO1xufVxuICAgICAgICAgICAgKTtcbnBsYXllckFwaS5vbihjbnguY29uZmlnRXZlbnRzLkFkU2tpcHBlZCwgZnVuY3Rpb24oKSB7XG4gIGNvbnNvbGUubG9nKFwiQ05YLWFkLXNraXBcIilcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtbG9nby1iYXJcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpmbGV4XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLWJ1dHRvbnNcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpmbGV4XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLXByb2dyZXNzXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC12b2x1bWUtY29udGFpbmVyXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS12aWRlb1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJwb2ludGVyLWV2ZW50czphdXRvXCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LWNsb3NlLWJ1dHRvblwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJwb2ludGVyLWV2ZW50czppbmhlcml0XCI7XG59XG4gICAgICAgICAgICApO1xucGxheWVyQXBpLm9uKGNueC5jb25maWdFdmVudHMuQWRDb21wbGV0ZWQxMDAsIGZ1bmN0aW9uKCkge1xuICBjb25zb2xlLmxvZyhcIkNOWC1hZC1jb21wbGV0ZVwiKVxuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC1sb2dvLWJhclwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5OmZsZXhcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdWktYnV0dG9uc1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5OmZsZXhcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdWktcHJvZ3Jlc3NcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpmbGV4XCI7XG4gIHRvcC5kb2N1bWVu&i=2-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
Mc18moNOirHUHRsZDKhiJBgT8a0GlYXxGHLYYRxcUD5witme0DXsqg==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=dC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXZvbHVtZS1jb250YWluZXJcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpmbGV4XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLXZpZGVvXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcInBvaW50ZXItZXZlbnRzOmF1dG9cIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtY2xvc2UtYnV0dG9uXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcInBvaW50ZXItZXZlbnRzOmluaGVyaXRcIjtcbn1cbiAgICAgICAgICAgICk7XG5cbiAgICAgICAgICAgIH1jYXRjaChlKXtcbiAgICAgICAgICAgICAgICBjb25zb2xlLndhcm4oJy0tLUNueEN1c3RvbUFwaUVycm9yLS0tJyk7XG4gICAgICAgICAgICAgICAgY29uc29sZS53YXJuKGUubWVzc2FnZSk7XG4gICAgICAgICAgICB9XG4gICAgICAgICAgfSkoKTwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC90YWcvanMvZ3B0LmpzXCIgYXN5bmM9XCJcIiB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0PiFmdW5jdGlvbigpe2Z1bmN0aW9uIG4obil7d2luZG93W1wiY254XCIrbl18fCh3aW5kb3dbXCJjbnhcIituXT13aW5kb3dbbl0sd2luZG93W25dPWZ1bmN0aW9uKGUpe3ZhciB0PVwiXCI7dHJ5e2UmJih0PWZ1bmN0aW9uIG4oZSx0KXt0cnl7aWYoIWUpcmV0dXJuXCJcIjtpZihlLmNueElubmVyVGFnKXJldHVybiBlLmNueElubmVyVGFnO2lmKHQ8Mil7dmFyIHI9dCsxO3JldHVybiBuKGUuY2FsbGVyLHIpfX1jYXRjaChuKXtyZXR1cm5cIlwifXJldHVyblwiXCJ9KGUpKX1jYXRjaChuKXt9dmFyIHI9d2luZG93W1wiY254XCIrbl0uYXBwbHkobnVsbCxhcmd1bWVudHMpO2lmKHQpe3ZhciBpPXdpbmRvdy5jbnhFbmZTdG9yYWdlO2lbbl1bdF09aVtuXVt0XXx8W10saVtuXVt0XS5wdXNoKHIpfXJldHVybiByfSl9d2luZG93LmNueEVuZlN0b3JhZ2U9e3NldFRpbWVvdXQ6e30sc2V0SW50ZXJ2YWw6e30sZXZlbnRMaXN0ZW5lcnM6e30sZXJyb3JzOltdfTt2YXIgZT13aW5kb3cubG9jYXRpb24uaG9zdG5hbWUuc3BsaXQoXCIuXCIpLHQ9d2luZG93LmJ0b2EoZVtlLmxlbmd0aC0yXStcIi5cIitlW2UubGVuZ3RoLTFdKTstMT09PVtcImRHMTZMbU52YlE9PVwiLFwiWW1sc2JHSnZZWEprTG1OdmJRPT1cIixcImFHOXNiSGwzYjI5a2NtVndiM0owWlhJdVkyOXRcIixcImRtbGlaUzVqYjIwPVwiLFwiYUc5eWIzTmpiM0JsTG1OdmJRPT1cIixcIllYTjBjbTlzYjJkNUxtTnZiUT09XCIsXCJZV2h2Y21GdGFYTnRieTVqYjIwPVwiXS5pbmRleE9mKHQpJiYoIWZ1bmN0aW9uKCl7Y29uc3Qgbj13aW5kb3cuRXZlbnRUYXJnZXQ%2Fd2luZG93LkV2ZW50VGFyZ2V0LnByb3RvdHlwZTp3aW5kb3cuZG9jdW1lbnQ7bi5jbnhBZGRFdmVudExpc3RlbmVyfHwobi5jbnhBZGRFdmVudExpc3RlbmVyPW4uYWRkRXZlbnRMaXN0ZW5lcixuLmFkZEV2ZW50TGlzdGVuZXI9ZnVuY3Rpb24obixlLHQpe3ZhciByPXRoaXN8fHdpbmRvdztpZihlJiZlLmNueElubmVyVGFnKXt2YXIgaT13aW5kb3cuY254RW5mU3RvcmFnZTtpLmV2ZW50TGlzdGVuZXJzW2UuY254SW5uZXJUYWddPWkuZXZlbnRMaXN0ZW5lcnNbZS5jbnhJbm5lclRhZ118fFtdLGkuZXZlbnRMaXN0ZW5lcnNbZS5jbnhJbm5lclRhZ10ucHVzaCh7ZWxlbWVudDpyLHR5cGU6bixoYW5kbGVyOmUsb3B0aW9uczp0fSl9dHJ5e3IuY254QWRkRXZlbnRMaXN0ZW5lcihuLGUsdCl9Y2F0Y2gobil7bi5tZXNzYWdlPVwiYWRsc3RuX1wiK24ubWVzc2FnZSxpLmVycm9ycy5wdXNoKG4pfX0pfSgpLG4oXCJzZXRUaW1lb3V0XCIpLG4oXCJzZXRJbnRlcnZhbFwiKSl9KCk7PC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cIi8vc2VjdXJlLmNkbi5mYXN0Y2xpY2submV0L2pzL3B1YmNpZC9sYXRlc3QvcHViY2lkLm1pbi5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2Nkbi5pZDUtc3luYy5jb20vYXBpLzEuMC9pZDUtYXBpLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0PlxuICAgIHdpbmRvdy5jbnhQcm94eVRhc2sgPSBmdW5jdGlvbih0YXNrKSB7XG4gICAgICAgIHNldFRpbWVvdXQoZnVuY3Rpb24oKXtcbiAgICAgICAgICAgIHRhc2soKTtcbiAgICAgICAgfSwgMCk7XG4gICAgfVxuPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL2Fkc2VydmljZS5nb29nbGUuZGUvYWRzaWQvaW50ZWdyYXRvci5qcz9kb21haW49dGhyZWF0cG9zdC5jb21cIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cImh0dHBzOi8vYWRzZXJ2aWNlLmdvb2dsZS5jb20vYWRzaWQvaW50ZWdyYXRvci5qcz9kb21haW49dGhyZWF0cG9zdC5jb21cIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG5cdFx0XHRnb29nbGV0YWcuY21kLnB1c2goZnVuY3Rpb24oKSB7IGdvb2dsZXRhZy5kaXNwbGF5KCdkaXYtZ3B0LWFkLTY3OTQ2NzAtMScpOyB9KTtcblx0XHQ8L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPmpRdWVyeShkb2N1bWVudCkucmVhZHkoZnVuY3Rpb24oJCl7Z2Zvcm1Jbml0U3Bpbm5lciggNSwgJ2h0dHBzOi8vdGhyZWF0cG9zdC5jb20vd3AtY29udGVudC90aGVtZXMvdGhyZWF0cG9zdC0yMDE4L2Fzc2V0cy9pbWFnZXMvbG9hZGVyLnN2ZycgKTtqUXVlcnkoJyNnZm9ybV9hamF4X2ZyYW1lXzUnKS5vbignbG9hZCcsZnVuY3Rpb24oKXt2YXIgY29udGVudHMgPSBqUXVlcnkodGhpcykuY29udGVudHMoKS5maW5kKCcqJykuaHRtbCgpO3ZhciBpc19wb3N0YmFjayA9IGNvbnRlbnRzLmluZGV4T2YoJ0dGX0FKQVhfUE9TVEJBQ0snKSA%2BPSAwO2lmKCFpc19wb3N0YmFjayl7cmV0dXJuO312YXIgZm9ybV9jb250ZW50ID0galF1ZXJ5KHRoaXMpLmNvbnRlbnRzKCkuZmluZCgnI2dmb3JtX3dyYXBwZXJfNScpO3ZhciBpc19jb25maXJtYXRpb24gPSBqUXVlcnkodGhpcykuY29udGVudHMoKS5maW5kKCcjZ2Zvcm1fY29uZmlybWF0aW9uX3dyYXBwZXJfNScpLmxlbmd0aCA%2BIDA7dmFyIGlzX3JlZGlyZWN0ID0gY29udGVudHMuaW5kZXhPZignZ2Zvcm1SZWRpcmVjdCgpeycpID49IDA7dmFyIGlzX2Zvcm0gPSBmb3JtX2NvbnRlbnQubGVuZ3RoID4gMCAmJiAhIGlzX3JlZGlyZWN0ICYmICEgaXNfY29uZmlybWF0aW9uO3ZhciBtdCA9IHBhcnNlSW50KGpRdWVyeSgnaHRtbCcpLmNzcygnbWFyZ2luLXRvcCcpLCAxMCkgKyBwYXJzZUludChqUXVlcnkoJ2JvZHknKS5jc3MoJ21hcmdpbi10b3AnKSwgMTApICsgMTAwO2lmKGlzX2Zvcm0pe2pRdWVyeSgnI2dmb3JtX3dyYXBwZXJfNScpLmh0bWwoZm9ybV9jb250ZW50Lmh0bWwoKSk7aWYoZm9ybV9jb250ZW50Lmhhc0NsYXNzKCdnZm9ybV92YWxpZGF0aW9uX2Vycm9yJykpe2pRdWVyeSgnI2dmb3JtX3dyYXBwZXJfNScpLmFkZENsYXNzKCdnZm9ybV92YWxpZGF0aW9uX2Vycm9yJyk7fSBlbHNlIHtqUXVlcnkoJyNnZm9ybV93cmFwcGVyXzUnKS5yZW1vdmVDbGFzcygnZ2Zvcm1fdmFsaWRhdGlvbl9lcnJvcicpO31zZXRUaW1lb3V0KCBmdW5jdGlvbigpIHsgLyogZGVsYXkgdGhlIHNjcm9sbCBieSA1MCBtaWxsaXNlY29uZHMgdG8gZml4IGEgYnVnIGluIGNocm9tZSAqLyBqUXVlcnkoZG9jdW1lbnQpLnNjcm9sbFRvcChqUXVlcnkoJyNnZm9ybV93cmFwcGVyXzUnKS5vZmZzZXQoKS50b3AgLSBtdCk7IH0sIDUwICk7aWYod2luZG93WydnZm9ybUluaXREYXRlcGlja2VyJ10pIHtnZm9ybUluaXREYXRlcGlja2VyKCk7fWlmKHdpbmRvd1snZ2Zvcm1Jbml0UHJpY2VGaWVsZHMnXSkge2dmb3JtSW5pdFByaWNlRmllbGRzKCk7fXZhciBjdXJyZW50X3BhZ2UgPSBqUXVlcnkoJyNnZm9ybV9zb3VyY2VfcGFnZV9udW1iZXJfNScpLnZhbCgpO2dmb3JtSW5pdFNwaW5uZXIoIDUsICdodHRwczovL3RocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvdGhlbWVzL3RocmVhdHBvc3QtMjAxOC9hc3NldHMvaW1hZ2VzL2xvYWRlci5zdmcnICk7alF1ZXJ5KGRvY3VtZW50KS50cmlnZ2VyKCdnZm9ybV9wYWdlX2xvYWRlZCcsIFs1LCBjdXJyZW50X3BhZ2VdKTt3aW5kb3dbJ2dmX3N1Ym1pdHRpbmdfNSddID0gZmFsc2U7fWVsc2UgaWYoIWlzX3JlZGlyZWN0KXt2YXIgY29uZmlybWF0aW9uX2NvbnRlbnQgPSBqUXVlcnkodGhpcykuY29udGVudHMoKS5maW5kKCcuR0ZfQUpBWF9QT1NUQkFDSycpLmh0bWwoKTtpZighY29uZmlybWF0aW9uX2NvbnRlbnQpe2NvbmZpcm1hdGlvbl9jb250ZW50ID0gY29udGVudHM7fXNldFRpbWVvdXQoZnVuY3Rpb24oKXtqUXVlcnkoJyNnZm9ybV93cmFwcGVyXzUnKS5yZXBsYWNlV2l0aChjb25maXJtYXRpb25fY29udGVudCk7alF1ZXJ5KGRvY3VtZW50KS5zY3JvbGxUb3AoalF1ZXJ5KCcjZ2ZfNScpLm9mZnNldCgpLnRvcCAtIG10KTtqUXVlcnkoZG9jdW1lbnQpLnRyaWdnZXIoJ2dmb3JtX2NvbmZpcm1hdGlvbl9sb2FkZWQnLCBbNV0pO3dpbmRvd1snZ2Zfc3VibWl0dGluZ181J10gPSBmYWxzZTt9LCA1MCk7fWVsc2V7alF1ZXJ5KCcjZ2Zvcm1fNScpLmFwcGVuZChjb250ZW50cyk7aWYod2luZG93WydnZm9ybVJlZGlyZWN0J10pIHtnZm9ybVJlZGlyZWN0KCk7fX1qUXVlcnkoZG9jdW1lbnQpLnRyaWdnZXIoJ2dmb3JtX3Bvc3RfcmVuZGVyJywgWzUsIGN1cnJlbnRfcGFnZV0pO30gKTt9ICk7PC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj4galF1ZXJ5KGRvY3VtZW50KS5iaW5kKCdnZm9ybV9wb3N0X3JlbmRlcicsIGZ1bmN0aW9uKGV2ZW50LCBmb3JtSWQsIGN1cnJlbnRQYWdlKXtpZihmb3JtSWQgPT0gNSkge2dmX2dsb2JhbFtcIm51bWJlcl9mb3JtYXRzXCJdWzVdID0ge1wiOFwiOntcInByaWNlXCI6ZmFsc2UsXCJ2YWx1ZVwiOmZhbHNlfSxcIjFcIjp7XCJwcmljZVwiOmZhbHNlLFwidmFsdWVcIjpmYWxzZX0sXCI5XCI6e1wicHJpY2VcIjpmYWxzZSxcInZhbHVlXCI6ZmFsc2V9LFwiMlwiOntcInByaWNlXCI6ZmFsc2UsXCJ2YWx1ZVwiOmZhbHNlfSxcIjVcIjp7XCJwcmljZVwiOmZhbHNlLFwidmFsdWVcIjpmYWxzZX0sXCIxMFwiOntcInByaWNlXCI6ZmFsc2UsXCJ2YWx1ZVwiOmZhbHNlfX07aWYod2luZG93WydqUXVlcnknXSl7aWYoIXdpbmRvd1snZ2ZfZm9ybV9jb25kaXRpb25hbF9sb2dpYyddKXdpbmRvd1snZ2ZfZm9ybV9jb25kaXRpb25hbF9sb2dpYyddID0gbmV3IEFycmF5KCk7d2luZG93WydnZl9mb3JtX2NvbmRpdGlvbmFsX2xvZ2ljJ11bNV0gPSB7IGxvZ2ljOiB7IDA6IHtcImZpZWxkXCI6e1wiYWN0aW9uVHlwZVwiOlwic2hvd1wiLFwibG9naWNUeXBlXCI6XCJhbGxcIixcInJ1bGVzXCI6W3tcImZpZWxkSWRcIjpcIjJcIixcIm9wZXJhdG9yXCI6XCJpc1wiLFwidmFsdWVcIjpcIkkgYWdyZWVcIn0se1wiZmllbGRJZFwiOlwiNVwiLFwib3BlcmF0b3JcIjpcImlzXCIsXCJ2YWx1ZVwiOlwiSSBhZ3JlZVwifV19LFwic2VjdGlvblwiOm51bGx9IH0sIGRlcGVuZGVudHM6IHsgMDogWzBdIH0sIGFuaW1hdGlvbjogMSwgZGVmYXVsdHM6IFtdLCBmaWVsZHM6IHtcIjhcIjpbMF0sXCIxXCI6WzBdLFwiOVwiOlswXSxcIjJcIjpbMF0sXCI1XCI6WzBdLFwiMTBcIjpbMF19IH07IGlmKCF3aW5kb3dbJ2dmX251bWJlcl9mb3JtYXQnXSl3aW5kb3dbJ2dmX251bWJlcl9mb3JtYXQnXSA9ICdkZWNpbWFsX2RvdCc7alF1ZXJ5KGRvY3VtZW50KS5yZWFkeShmdW5jdGlvbigpe2dmX2FwcGx5X3J1bGVzKDUsIFswXSwgdHJ1ZSk7alF1ZXJ5KCcjZ2Zvcm1fd3JhcHBlcl81Jykuc2hvdygpO2pRdWVyeShkb2N1bWVudCkudHJpZ2dlcignZ2Zvcm1fcG9zdF9jb25kaXRpb25hbF9sb2dpYycsIFs1LCBudWxsLCB0cnVlXSk7fSApO30gaWYodHlwZW9mIFBsYWNlaG9sZGVycyAhPSAndW5kZWZpbmVkJyl7XG4gICAgICAgICAgICAgICAgICAgICAgICBQbGFjZWhvbGRlcnMuZW5hYmxlKC&i=3-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
y7CefSPFCCwNqwiOCDgn9LI9kgqn4rwY1rG4CPr2HcmmuKTf-7UdGA==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=k7XG4gICAgICAgICAgICAgICAgICAgIH19IH0gKTtqUXVlcnkoZG9jdW1lbnQpLmJpbmQoJ2dmb3JtX3Bvc3RfY29uZGl0aW9uYWxfbG9naWMnLCBmdW5jdGlvbihldmVudCwgZm9ybUlkLCBmaWVsZHMsIGlzSW5pdCl7fSApOzwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BIGpRdWVyeShkb2N1bWVudCkucmVhZHkoZnVuY3Rpb24oKXtqUXVlcnkoZG9jdW1lbnQpLnRyaWdnZXIoJ2dmb3JtX3Bvc3RfcmVuZGVyJywgWzUsIDFdKSB9ICk7IDwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BXG4gICAgICAgICAgICAgICAgZG9jdW1lbnQuYWRkRXZlbnRMaXN0ZW5lcihcImlucHV0XCIsIGZ1bmN0aW9uIChldmVudCkge1xuICAgICAgICAgICAgICAgICAgICBpZiAoIWV2ZW50LnRhcmdldC5jbG9zZXN0KFwiI2NvbW1lbnRcIikpIHJldHVybjtcblxuICAgICAgICAgICAgICAgICAgICB2YXIgY2FwdGNoYUNvbnRhaW5lciA9IG51bGw7XG4gICAgICAgICAgICAgICAgICAgIGNhcHRjaGFDb250YWluZXIgPSBncmVjYXB0Y2hhLnJlbmRlcihcInJlY2FwdGNoYS1zdWJtaXQtYnRuLWFyZWFcIiwge1xuICAgICAgICAgICAgICAgICAgICAgICAgXCJzaXRla2V5XCIgOiBcIjZMZnNkckFhQUFBQUFNVktnZWk2azBFYURCVGdtS3Y2WlFyRzdhRXNcIixcbiAgICAgICAgICAgICAgICAgICAgICAgIFwidGhlbWVcIiA6IFwic3RhbmRhcmRcIlxuICAgICAgICAgICAgICAgICAgICB9KTtcbiAgICAgICAgICAgICAgICB9KTtcbiAgICAgICAgICAgIDwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3d3dy5nb29nbGUuY29tL3JlY2FwdGNoYS9hcGkuanM%2FaGw9ZW4mYW1wO3JlbmRlcj1leHBsaWNpdFwiIGFzeW5jPVwiXCIgZGVmZXI9XCJcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG4gICAgZ29vZ2xldGFnLmNtZC5wdXNoKGZ1bmN0aW9uKCkgeyBnb29nbGV0YWcuZGlzcGxheSgnZGl2LWdwdC1hZC02Nzk0NjcwLTMnKTsgfSk7XG4gIDwvc2NyaXB0PlxuPHNjcmlwdD5cbiAgICBnb29nbGV0YWcuY21kLnB1c2goZnVuY3Rpb24oKSB7IGdvb2dsZXRhZy5kaXNwbGF5KCdkaXYtZ3B0LWFkLTY3OTQ2NzAtNScpOyB9KTtcbiAgPC9zY3JpcHQ%2BXG48c2NyaXB0IGlkPVwiNzRjMmVjMWJjOGY4NGY3Y2IyZmYzNjVhZDBiNTgxMjNcIj5cblx0XHRcdFx0XHRcdFx0XHRjbnguY21kLnB1c2goZnVuY3Rpb24oKSB7XG5cdFx0XHRcdFx0XHRcdFx0XHRjbngoe1xuXHRcdFx0XHRcdFx0XHRcdFx0cGxheWVySWQ6IFwiYzJlY2QwNGYtMGRjYS00ZmZhLTg3NjEtZDkzYjM0NzE3MzgwXCJcblx0XHRcdFx0XHRcdFx0XHRcdH0pLnJlbmRlcihcIjc0YzJlYzFiYzhmODRmN2NiMmZmMzY1YWQwYjU4MTIzXCIpO1xuXHRcdFx0XHRcdFx0XHRcdH0pO1xuXHRcdFx0XHRcdFx0XHRcdDwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BXG4gICAgICAgICAgICBpZiAoIHR5cGVvZiBfcmVjYXB0Y2hhX3dvcmRwcmVzc19zYXZlZGNvbW1lbnQgIT0gJ3VuZGVmaW5lZCcpIHtcbiAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnY29tbWVudCcpLnZhbHVlID1cbiAgICAgICAgICAgICAgICAgICAgX3JlY2FwdGNoYV93b3JkcHJlc3Nfc2F2ZWRjb21tZW50O1xuICAgICAgICAgICAgfVxuICAgICAgICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL2thc3BlcnNreWNvbnRlbnRodWIuY29tL3RocmVhdHBvc3QtZ2xvYmFsL3dwLWNvbnRlbnQvcGx1Z2lucy9rYXNwZXJza3ktZW1iZWRzL2pzL3NjcmlwdHMuanM%2FdmVyPTEuMFwiIGlkPVwia3Nwcl9lbWJlZHMtanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vcmVjYXB0Y2hhL2FwaS5qcz9yZW5kZXI9ZXhwbGljaXQmYW1wO3Zlcj0yMDIxMjQwNTA5MjdcIiBpZD1cImthc3BlcnNreS1keW5hbWljLWdyYXZpdHktZm9ybXMtZ29vZ2xlLXJlY2FwdGNoYS1qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiLy9hc3NldHMudGhyZWF0cG9zdC5jb20vd3AtY29udGVudC9wbHVnaW5zL2J3cC1taW5pZnkvbWluLz9mPXdwLWNvbnRlbnQvcGx1Z2lucy9ncmF2aXR5Zm9ybXMvanMvanF1ZXJ5Lmpzb24ubWluLmpzJmFtcDt2ZXI9ODRjOTJkOTdcIiBpZD1cImdmb3JtX2pzb24tanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGlkPVwiZ2Zvcm1fZ3Jhdml0eWZvcm1zLWpzLWV4dHJhXCI%2BXG4vKiA8IVtDREFUQVsgKi9cbnZhciBnZl9nbG9iYWwgPSB7XCJnZl9jdXJyZW5jeV9jb25maWdcIjp7XCJuYW1lXCI6XCJVLlMuIERvbGxhclwiLFwic3ltYm9sX2xlZnRcIjpcIiRcIixcInN5bWJvbF9yaWdodFwiOlwiXCIsXCJzeW1ib2xfcGFkZGluZ1wiOlwiXCIsXCJ0aG91c2FuZF9zZXBhcmF0b3JcIjpcIixcIixcImRlY2ltYWxfc2VwYXJhdG9yXCI6XCIuXCIsXCJkZWNpbWFsc1wiOjJ9LFwiYmFzZV91cmxcIjpcImh0dHBzOlxcL1xcL3RocmVhdHBvc3QuY29tXFwvd3AtY29udGVudFxcL3BsdWdpbnNcXC9ncmF2aXR5Zm9ybXNcIixcIm51bWJlcl9mb3JtYXRzXCI6W10sXCJzcGlubmVyVXJsXCI6XCJodHRwczpcXC9cXC90aHJlYXRwb3N0LmNvbVxcL3dwLWNvbnRlbnRcXC9wbHVnaW5zXFwvZ3Jhdml0eWZvcm1zXFwvaW1hZ2VzXFwvc3Bpbm5lci5naWZcIn07XG4vKiBdXT4gKi9cbjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3BsdWdpbnMvZ3Jhdml0eWZvcm1zL2pzL2dyYXZpdHlmb3Jtcy5taW4uanM%2FdmVyPTIuNC4xNy4xNVwiIGlkPVwiZ2Zvcm1fZ3Jhdml0eWZvcm1zLWpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCIvL2Fzc2V0cy50aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3BsdWdpbnMvYndwLW1pbmlmeS9taW4vP2Y9d3AtY29udGVudC9wbHVnaW5zL2dyYXZpdHlmb3Jtcy9qcy9jb25kaXRpb25hbF9sb2dpYy5taW4uanMmYW1wO3Zlcj04NGM5MmQ5N1wiIGlkPVwiZ2Zvcm1fY29uZGl0aW9uYWxfbG9naWMtanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cIi8vYXNzZXRzLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9id3AtbWluaWZ5L21pbi8%2FZj13cC1jb250ZW50L3BsdWdpbnMvZ3Jhdml0eWZvcm1zL2pzL3BsYWNlaG9sZGVycy5qcXVlcnkubWluLmpzJmFtcDt2ZXI9ODRjOTJkOTdcIiBpZD1cImdmb3JtX3BsYWNlaG9sZGVyLWpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBpZD1cImthc3BlcnNreS1keW5hbWljLWdyYXZpdHktZm9ybXMtbWFpbi1qcy1leHRyYVwiPlxuLyogPCFbQ0RBVEFbICovXG52YXIga2FzcGVyc2t5RHluYW1pY2FSZUNhcHRjaGFEYXRhID0ge1wiYWpheFVybFwiOlwiaHR0cHM6XFwvXFwvdGhyZWF0cG9zdC5jb21cXC93cC1hZG1pblxcL2FkbWluLWFqYXgucGhwXCJ9O1xuLyogXV0%2BICovXG48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cIi8vYXNzZXRzLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9id3AtbWluaWZ5L21pbi8%2FZj13cC1jb250ZW50L3BsdWdpbnMva2FzcGVyc2t5LWdyYXZpdHktZm9ybXMtZHluYW1pYy1yZWNhcHRjaGEvYXNzZXRzL2pzL21haW4uanMsd3AtY29udGVudC90aGVtZXMvdGhyZWF0cG9zdC0yMDE4L2Fzc2V0cy9qcy9tYWluLmpzLHdwLWluY2x1ZGVzL2pzL3dwLWVtYmVkLm1pbi5qcyx3cC1jb250ZW50L3BsdWdpbnMvYWtpc21ldC9faW5jL2Zvcm0uanMmYW1wO3Zlcj04NGM5MmQ5N1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3R5cGU9amF2YXNjcmlwdCZhbXA7dmVyc2lvbj0yLjAuNCZhbXA7cF9pZD1Ud2l0dGVyJmFtcDtwX3VzZXJfaWQ9MCZhbXA7dHhuX2lkPW50dDBqJmFtcDtldmVudHM9JTVCJTVCJTIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJmFtcDt0d19zYWxlX2Ftb3VudD0wJmFtcDt0d19vcmRlcl9xdWFudGl0eT0wJmFtcDt0d19pZnJhbWVfc3RhdHVzPTAmYW1wO2V2ZW50X2lkPTc5OWM4OTVmLTMyZWMtNGRlZS1hNjYzLWQ5MjkzMTkxNDlhZiZhbXA7dHdfZG9jdW1lbnRfaHJlZj1odHRwcyUzQSUyRiUyRnRocmVhdHBvc3QuY29tJTJGY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zJTJGMTc3MTE5JTJGJmFtcDt0cHhfY2I9dHd0dHIuY29udmVyc2lvbi5sb2FkUGl4ZWxzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbS9hZHNpZC9pbnRlZ3JhdG9yLmpzP2RvbWFpbj1cIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiLy9jZC5jb25uYXRpeC5jb20vY29ubmF0aXgucGxheWVyLmpzXCIgYXN5bmM9XCIxXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL29tc2RrL3JlbGVhc2VzL2xpdmUvb213ZWItdjEuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG4gICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgZnVuY3Rpb24oZSkge1xuICAgICAgICAgIGlmIChlLmRhdGEudHlwZSA9PT0gJ2lubmVyQnJpZGdlSWZyYW1lTG9hZGVkJykge1xuICAgICAgICAgICAgd2luZG93LmZyYW1lRWxlbWVudC5wYXJlbnRFbGVtZW50XG4gICAgICAgICAgICAgIC5xdWVyeVNlbGVjdG9yKCcjZ29vZ18xNDcyOTQ4MzkwJykuY29udGVudFdpbmRvd1xuICAgICAgICAgICAgICAucG9zdE1lc3NhZ2Uoe3R5cGU6ICdvbWlkSWZyYW1lTG9hZGVkJ30sICcqJyk7XG4gICAgICAgICAgfVxuICAgICAgICB9KTtcbiAgICAgIDwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL29tc2RrL3JlbGVhc2VzL2xpdmUvb213ZWItdjEuanNcIj48L3Njcm&i=4-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
FhA2oUHOE--gSgoJuHthiAHzWM4goKTZb5H9j_FLMSKBbu-MnazH-w==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=lwdD5cbjxzY3JpcHQ%2BXG4gICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgZnVuY3Rpb24oZSkge1xuICAgICAgICAgIGlmIChlLmRhdGEudHlwZSA9PT0gJ2lubmVyQnJpZGdlSWZyYW1lTG9hZGVkJykge1xuICAgICAgICAgICAgd2luZG93LmZyYW1lRWxlbWVudC5wYXJlbnRFbGVtZW50XG4gICAgICAgICAgICAgIC5xdWVyeVNlbGVjdG9yKCcjZ29vZ184MjUzNTIwOTUnKS5jb250ZW50V2luZG93XG4gICAgICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vb21zZGsvcmVsZWFzZXMvbGl2ZS9vbXdlYi12MS5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdD5cbiAgICAgICAgd2luZG93LmFkZEV2ZW50TGlzdGVuZXIoJ21lc3NhZ2UnLCBmdW5jdGlvbihlKSB7XG4gICAgICAgICAgaWYgKGUuZGF0YS50eXBlID09PSAnaW5uZXJCcmlkZ2VJZnJhbWVMb2FkZWQnKSB7XG4gICAgICAgICAgICB3aW5kb3cuZnJhbWVFbGVtZW50LnBhcmVudEVsZW1lbnRcbiAgICAgICAgICAgICAgLnF1ZXJ5U2VsZWN0b3IoJyNnb29nXzIwMTg2OTQ4NDQnKS5jb250ZW50V2luZG93XG4gICAgICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3ZwYWlkLnB1Ym1hdGljLmNvbS9hZHMvdmlkZW8vUE1BZE1nci5qcz9lbWJlZGRlZD0xJmFtcDtwdWJJZD0xNTY4NTgmYW1wO3NpdGVJZD02MzA5MDcmYW1wO2FkSWQ9MjQ0NjAwOCZhbXA7dnR5cGU9MSZhbXA7aW1wcklkPTZEMjA0MUJBLTIxQjctNDQ4Mi05MDFCLUJCQTlERkJFOTAzMSZhbXA7YWRTZXJ2ZXJJZD0yNDMmYW1wO2NhbXBhaWduSWQ9MjI5MTgmYW1wO2NySUQ9a2lhb3Jpa3AmYW1wO3VjcmlkPTYxODMwMjY0MzYzMzM3ODAyNjJcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPlxuICAgICAgICAgICAgd2luZG93Lk9iamVjdC5kZWZpbmVQcm9wZXJ0eShPYmplY3QucHJvdG90eXBlLCAnY254SW5uZXJUYWcnLCB7IGVudW1lcmFibGU6ICExLCB3cml0YWJsZTogITAsIHZhbHVlOiAnY254LWFkLXNsb3QtZmQyYzU4NWQtNWJiYy00NjMxLTg3YjktOWI0NGM4NzE0NzVkJyB9KTtcbiAgICAgICAgICAgIHdpbmRvdy5PYmplY3QuZGVmaW5lUHJvcGVydHkoRnVuY3Rpb24ucHJvdG90eXBlLCAnY254SW5uZXJUYWcnLFxuICAgICAgICAgICAgeyBlbnVtZXJhYmxlOiAhMSwgd3JpdGFibGU6ICEwLCB2YWx1ZTogJ2NueC1hZC1zbG90LWZkMmM1ODVkLTViYmMtNDYzMS04N2I5LTliNDRjODcxNDc1ZCcgfSk7XG4gICAgICAgICAgICBjbnh0aW1lb3V0cyA9IFtdO1xuICAgICAgICAgICAgY254aW50ZXJ2YWxzID0gW107XG4gICAgICAgICAgICBvbGRTZXRUaW1lb3V0ID0gc2V0VGltZW91dDtcbiAgICAgICAgICAgIHNldFRpbWVvdXQgPSBmdW5jdGlvbiAoZSwgdCkgeyB2YXIgbiA9IG9sZFNldFRpbWVvdXQuYXBwbHkobnVsbCwgYXJndW1lbnRzKTsgcmV0dXJuIGNueHRpbWVvdXRzLnB1c2gobiksIG4gfTtcbiAgICAgICAgICAgIG9sZFNldEludGVydmFsID0gc2V0SW50ZXJ2YWw7XG4gICAgICAgICAgICBzZXRJbnRlcnZhbCA9IGZ1bmN0aW9uIChlLCB0KSB7IHZhciBuID0gb2xkU2V0SW50ZXJ2YWwuYXBwbHkobnVsbCwgYXJndW1lbnRzKTsgcmV0dXJuIGNueGludGVydmFscy5wdXNoKG4pLCBuIH07XG4gICAgICAgICAgICBjbGVhckFsbCA9IGZ1bmN0aW9uICgpIHtcbiAgICAgICAgICAgICAgICBzZXRUaW1lb3V0ID0gZnVuY3Rpb24gKCkgeyB9O1xuICAgICAgICAgICAgICAgIHNldEludGVydmFsID0gZnVuY3Rpb24gKCkgeyB9O1xuICAgICAgICAgICAgICAgIGZvciAodmFyIGUgPSAwOyBlIDwgY254dGltZW91dHMubGVuZ3RoOyBlKyspIHtcbiAgICAgICAgICAgICAgICAgICAgY2xlYXJUaW1lb3V0KGNueHRpbWVvdXRzW2VdKTtcbiAgICAgICAgICAgICAgICB9XG4gICAgICAgICAgICAgICAgZm9yIChlID0gMDsgZSA8IGNueGludGVydmFscy5sZW5ndGg7IGUrKykge1xuICAgICAgICAgICAgICAgICAgICBjbGVhckludGVydmFsKGNueGludGVydmFsc1tlXSk7XG4gICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgfTtcbiAgICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj53aW5kb3cucG9zdE1lc3NhZ2UoJ3tcImV2ZW50XCI6IFwicmVhZHlcIiwgXCJpZFwiOiBcImNueC1pZnJhbWVfNDhjNGUyMGEtNDFmZi00MzAyLTg0M2MtZTExMWZkODU2ZWI1XCJ9JywgJyonKTs8L3NjcmlwdD5cbjxzY3JpcHQgaWQ9XCJjbngtcHJlYmlkLWxvYWRlclwiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCIvL2Nkcy5jb25uYXRpeC5jb20vcC9wbHVnaW5zL3ByZWJpZDQuNDMuMC00LmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj53aW5kb3cucG9zdE1lc3NhZ2UoJ3tcImV2ZW50XCI6IFwicmVhZHlcIiwgXCJpZFwiOiBcImNueC1pZnJhbWVfOGQxZWJlNGItNDI2Mi00ZjQ3LWEwMTQtMTBmNWFmNDE2ZGFhXCJ9JywgJyonKTs8L3NjcmlwdD5cbjxpZnJhbWUgc3JjPVwiaHR0cHM6Ly9pbWFzZGsuZ29vZ2xlYXBpcy5jb20vanMvY29yZS9icmlkZ2UzLjQ5My4wX2VuLmh0bWwjZ29vZ18xNDcyOTQ4MzkwXCIgYWxsb3dmdWxsc2NyZWVuPVwiXCIgYWxsb3c9XCJhdXRvcGxheTthdHRyaWJ1dGlvbi1yZXBvcnRpbmdcIiBpZD1cImdvb2dfMTQ3Mjk0ODM5MFwiIHN0eWxlPVwiYm9yZGVyOiAwcHg7IG9wYWNpdHk6IDA7IG1hcmdpbjogMHB4OyBwYWRkaW5nOiAwcHg7IHBvc2l0aW9uOiByZWxhdGl2ZTsgY29sb3Itc2NoZW1lOiBsaWdodDtcIj48L2lmcmFtZT5cbjxpZnJhbWUgc3JjPVwiaHR0cHM6Ly9pbWFzZGsuZ29vZ2xlYXBpcy5jb20vanMvY29yZS9icmlkZ2UzLjQ5My4wX2VuLmh0bWwjZ29vZ184MjUzNTIwOTVcIiBhbGxvd2Z1bGxzY3JlZW49XCJcIiBhbGxvdz1cImF1dG9wbGF5O2F0dHJpYnV0aW9uLXJlcG9ydGluZ1wiIGlkPVwiZ29vZ184MjUzNTIwOTVcIiBzdHlsZT1cImJvcmRlcjogMHB4OyBvcGFjaXR5OiAwOyBtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBwb3NpdGlvbjogcmVsYXRpdmU7IGNvbG9yLXNjaGVtZTogbGlnaHQ7XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHNyYz1cImh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tL2pzL2NvcmUvYnJpZGdlMy40OTMuMF9lbi5odG1sI2dvb2dfMjAxODY5NDg0NFwiIGFsbG93ZnVsbHNjcmVlbj1cIlwiIGFsbG93PVwiYXV0b3BsYXk7YXR0cmlidXRpb24tcmVwb3J0aW5nXCIgaWQ9XCJnb29nXzIwMTg2OTQ4NDRcIiBzdHlsZT1cImJvcmRlcjogMHB4OyBvcGFjaXR5OiAwOyBtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBwb3NpdGlvbjogcmVsYXRpdmU7IGNvbG9yLXNjaGVtZTogbGlnaHQ7XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHNyYz1cImh0dHBzOi8vY2ExNDM5MWE4MjRlNDY0MzgwZjAxYWI0YjZjMDJkNzIuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9zYWZlZnJhbWUvMS0wLTM4L2h0bWwvY29udGFpbmVyLmh0bWxcIiBzdHlsZT1cInZpc2liaWxpdHk6IGhpZGRlbjsgZGlzcGxheTogbm9uZTtcIj48L2lmcmFtZT5cbjxpZnJhbWUgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NvZGFyL3NvZGFyMi8yMjUvcnVubmVyLmh0bWxcIiB3aWR0aD1cIjBcIiBoZWlnaHQ9XCIwXCIgc3R5bGU9XCJkaXNwbGF5OiBub25lO1wiPjwvaWZyYW1lPlxuPGlmcmFtZSBzcmM9XCJodHRwczovL3d3dy5nb29nbGUuY29tL3JlY2FwdGNoYS9hcGkyL2FmcmFtZVwiIHdpZHRoPVwiMFwiIGhlaWdodD1cIjBcIiBzdHlsZT1cImRpc3BsYXk6IG5vbmU7XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIGlkPVwicG0tODdcIiBzcmM9XCJodHRwczovL2Fkcy5wdWJtYXRpYy5jb20vQWRTZXJ2ZXIvanMvc2hvd2FkLmpzPyNQSVgmYW1wO2l0PTImYW1wO2tkbnR1aWQ9MSZhbXA7bnA9MCZhbXA7cD0xNTY4NTgmYW1wO3M9NjMwOTA3JmFtcDthPTI0NDYwMDhcIiB3aWR0aD1cIjBcIiBoZWlnaHQ9XCIwXCIgc2Nyb2xsaW5nPVwibm9cIiBzdHlsZT1cImhlaWdodDogMHB4OyB3aWR0aDogMHB4OyBkaXNwbGF5OiBub25lO1wiPjwvaWZyYW1lPjwvYm9keT48L2h0bWw%2BIiwiYmxhY2tsaXN0RGF0YSI6eyJhY3Rpb24iOjEwLCJhY3Rpb25EZXRhaWxzIjoiYWxnYmlkLmFwcCIsInJlcG9ydFJhdGlvIjoxLCJyZXBvcnRNYXJrdXAiOnRydWUsIml0ZW1zIjpbeyJob3N0bmFtZSI6ImFsZ2JpZC5hcHAiLCJ0b2tlbiI6IiIsImFjdGlvbiI6MTB9LHsiaG9zdG5hbWUiOiJhbGdiaWQuYXBwIiwidG9rZW4iOiIiLCJhY3Rpb24iOjEwfV0sIm1hcmt1cCI6IjwhLS0gdHJ1bmNhdGVkLi4uIC0tPmUoYSlbMF07YT1cIlwiO2ZvcihsZXQgYz0wO2M8Yi5sZW5ndGg7YysrKWErPVN0cmluZy5mcm9tQ2hhckNvZGUoYi5jaGFyQ29kZUF0KGMpXlwiXFx1MDAwM1xcdTAwMDdcXHUwMDAzXFx1MDAwN1xcYlxcdTAwMDRcXHUwMDA0XFx1MDAwNlxcdTAwMDVcXHUwMDAzXCIuY2hhckNvZGVBdChjJTEwKSk7dGhpcy5nPUpTT04ucGFyc2UoYSl9Y2F0Y2goYil7fX19LE47dmFyIExhPWRvY3VtZW50LE1hPXdpbmRvdzt2YXIgTmE9ISF3aW5kb3cuZ29vZ2xlX2FzeW5jX2lmcmFtZV9pZDtsZXQgTz1OYSYmd2luZG93LnBhcmVudHx8d2luZG93O2NsYXNzIE9he2NvbnN0cnVjdG9yKGEsYil7dGhpcy5lcnJvcj1hO3RoaXMuY29udGV4dD1iLmNvbnRleHQ7dGhpcy5tc2c9Yi5tZXNzYWdlfHxcIlwiO3RoaXMuaWQ9Yi5pZHx8XCJqc2Vycm9yXCI7dGhpcy5tZXRhPXt9fX07Y29uc3QgUGE9UmVnRXhwKFwiXmh0dHBzPzovLyhcXFxcd3wtKStcXFxcLmNkblxcXFwuYW1wcHJvamVjdFxcXFwuKG5ldHxvcmcpKFxcXFw%2FfC98JClcIik7dmFyIFFhPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy5nPWE7dGhpcy5oPWJ9fSxSYT1jbGFzc3tjb25zdHJ1Y3RvcihhLGIpe3RoaXMudXJsPWE7dGhpcy5tPSEhYjt0aGlzLmRlcHRoPW51bGx9fTtmdW5jdGlvbiBQKGEsYil7Y29uc3QgYz17fTtjW2FdPWI7cmV0dXJuW2NdfWZ1bmN0aW9uIFNhKGEsYixjLGQsZil7Y29uc3QgZz1bXTtKKGEsZnVuY3Rpb24oZSxrKXsoZT1UYShlLGIsYyxkLGYpKSYmZy5wdXNoKGsrXCI9XCIrZSl9KTtyZXR1cm4gZy5qb2luKGIpfSBmdW5jdGlvbiBUYShhLGIsYyxkLGYpe2lmKG51bGw9PWEpcmV0dXJuXCJcIjtiPWJ8fFwiJlwiO2M9Y3x8XCIsJFwiO1wic3RyaW5nXCI9PXR5cGVvZiBjJiYoYz1jLnNwbGl0KFwiXCIpKTtpZihhIGluc3RhbmNlb2YgQXJyYXkpe2lmKGQ9ZHx8MCxkPGMubGVuZ3RoKXtjb25zdCBnPVtdO2ZvcihsZXQgZT0wO2U8YS5sZW5ndGg7ZSsrKWcucHVzaChUYShhW2VdLGIsYyxkKzEsZikpO3JldHVybiBnLmpvaW4oY1tkXSl9fWVsc2UgaWYoXCJvYmplY3RcIj09dHlwZW9mIGEpcmV0dXJuIGY9Znx8MCwyPmY%2FZW5jb2RlVVJJQ29tcG9uZW50KFNhKGEsYixjLGQsZisxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9ZnVuY3Rpb24gVWEoYSl7bGV0IGI9MTtmb3IoY29uc3QgYyBpbiBhLmgpYj1jLmxlbmd0aD5iP2MubGVuZ3RoOmI7cmV0dXJuIDM5OTctYi1hLmkubGVuZ3RoLTF9IGZ1bmN0aW9uIFZhKGEsYixjKXtiPWIrXCIvL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tXCIrYztsZXQgZD1VYShhKS1jLmxlbmd0aDtpZigwPmQpcmV0dXJuXCJcIjthLmcuc29ydChmdW5jdGlvbihnLGUpe3JldHVybiBnLWV9KTtjPW51bGw7bGV0IGY9XCJcIjtm&i=5-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
biRO03DoZ-11LmFhU1EIQEPpqj_4RUn7WZuN9h0KUt6zjYa5KjayHA==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
428 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=b3IobGV0IGc9MDtnPGEuZy5sZW5ndGg7ZysrKXtjb25zdCBlPWEuZ1tnXSxrPWEuaFtlXTtmb3IobGV0IGg9MDtoPGsubGVuZ3RoO2grKyl7aWYoIWQpe2M9bnVsbD09Yz9lOmM7YnJlYWt9bGV0IGw9U2Eoa1toXSxhLmksXCIsJFwiKTtpZihsKXtsPWYrbDtpZihkPj1sLmxlbmd0aCl7ZC09bC5sZW5ndGg7Yis9bDtmPWEuaTticmVha31jPW51bGw9PWM%2FZTpjfX19YT1cIlwiO251bGwhPWMmJihhPWYrXCJ0cm49XCIrYyk7cmV0dXJuIGIrYX1jbGFzcyBRe2NvbnN0cnVjdG9yKCl7dGhpcy5pPVwiJlwiO3RoaXMuaD17fTt0aGlzLmo9MDt0aGlzLmc9W119fTtmdW5jdGlvbiBXYSgpe3ZhciBhPVIsYj1TLmdvb2dsZV9zcnQ7MDw9YiYmMT49YiYmKGEuZz1iKX1mdW5jdGlvbiBUKGEsYixjLGQsZixnKXtpZigoZD9hLmc6TWF0aC5yYW5kb20oKSk8KGZ8fC4wMSkpdHJ5e2xldCBlO2MgaW5zdGFuY2VvZiBRP2U9YzooZT1uZXcgUSxKKGMsKGgsbCk9Pnt2YXIgbT1lLG49bS5qKys7aD1QKGwsaCk7bS5nLnB1c2gobik7bS5oW25dPWh9KSk7Y29uc3Qgaz1WYShlLGEuaCxcIi9wYWdlYWQvZ2VuXzIwND9pZD1cIitiK1wiJlwiKTtrJiYoXCJ1bmRlZmluZWRcIiE9PXR5cGVvZiBnP0wocixrLGcpOkwocixrKSl9Y2F0Y2goZSl7fX1jbGFzcyBYYXtjb25zdHJ1Y3Rvcigpe3ZhciBhPXZvaWQgMD09PWE%2FTWE6YTt0aGlzLmg9XCJodHRwOlwiPT09YS5sb2NhdGlvbi5wcm90b2NvbD9cImh0dHA6XCI6XCJodHRwczpcIjt0aGlzLmc9TWF0aC5yYW5kb20oKX19O2xldCBVPW51bGw7dmFyIFlhPSgpPT57Y29uc3QgYT1yLnBlcmZvcm1hbmNlO3JldHVybiBhJiZhLm5vdyYmYS50aW1pbmc%2FTWF0aC5mbG9vcihhLm5vdygpK2EudGltaW5nLm5hdmlnYXRpb25TdGFydCk6RGF0ZS5ub3coKX0sWmE9KCk9Pntjb25zdCBhPXIucGVyZm9ybWFuY2U7cmV0dXJuIGEmJmEubm93P2Eubm93KCk6bnVsbH07Y2xhc3MgJGF7Y29uc3RydWN0b3IoYSxiKXt2YXIgYz1aYSgpfHxZYSgpO3RoaXMubGFiZWw9YTt0aGlzLnR5cGU9Yjt0aGlzLnZhbHVlPWM7dGhpcy5kdXJhdGlvbj0wO3RoaXMudW5pcXVlSWQ9TWF0aC5yYW5kb20oKTt0aGlzLnNsb3RJZD12b2lkIDB9fTtjb25zdCBWPXIucGVyZm9ybWFuY2UsYWI9ISEoViYmVi5tYXJrJiZWLm1lYXN1cmUmJlYuY2xlYXJNYXJrcyksVz1mdW5jdGlvbihhKXtsZXQgYj0hMSxjO3JldHVybiBmdW5jdGlvbigpe2J8fChjPWEoKSxiPSEwKTtyZXR1cm4gY319KCgpPT57dmFyIGE7aWYoYT1hYil7dmFyIGI7aWYobnVsbD09PVUpe1U9XCJcIjt0cnl7YT1cIlwiO3RyeXthPXIudG9wLmxvY2F0aW9uLmhhc2h9Y2F0Y2goYyl7YT1yLmxvY2F0aW9uLmhhc2h9YSYmKFU9KGI9YS5tYXRjaCgvXFxiZGVpZD0oW1xcZCxdKykvKSk%2FYlsxXTpcIlwiKX1jYXRjaChjKXt9fWI9VTthPSEhYi5pbmRleE9mJiYwPD1iLmluZGV4T2YoXCIxMzM3XCIpfXJldHVybiBhfSk7ZnVuY3Rpb24gYmIoYSl7YSYmViYmVygpJiYoVi5jbGVhck1hcmtzKGBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9zdGFydGApLFYuY2xlYXJNYXJrcyhgZ29vZ18ke2EubGFiZWx9XyR7YS51bmlxdWVJZH1fZW5kYCkpfSBjbGFzcyBjYntjb25zdHJ1Y3Rvcigpe3ZhciBhPVM7dGhpcy5oPVtdO3RoaXMuaT1hfHxyO2xldCBiPW51bGw7YSYmKGEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZT1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWV8fFtdLHRoaXMuaD1hLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWUsYj1hLmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZyk7dGhpcy5nPVcoKXx8KG51bGwhPWI%2FYjoxPk1hdGgucmFuZG9tKCkpfXN0YXJ0KGEsYil7aWYoIXRoaXMuZylyZXR1cm4gbnVsbDthPW5ldyAkYShhLGIpO2I9YGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X3N0YXJ0YDtWJiZXKCkmJlYubWFyayhiKTtyZXR1cm4gYX1lbmQoYSl7aWYodGhpcy5nJiZcIm51bWJlclwiPT09dHlwZW9mIGEudmFsdWUpe2EuZHVyYXRpb249KFphKCl8fFlhKCkpLWEudmFsdWU7dmFyIGI9YGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X2VuZGA7ViYmVygpJiZWLm1hcmsoYik7IXRoaXMuZ3x8MjA0ODx0aGlzLmgubGVuZ3RofHwgdGhpcy5oLnB1c2goYSl9fX07ZnVuY3Rpb24gWChhKXtsZXQgYj1hLnRvU3RyaW5nKCk7YS5uYW1lJiYtMT09Yi5pbmRleE9mKGEubmFtZSkmJihiKz1cIjogXCIrYS5uYW1lKTthLm1lc3NhZ2UmJi0xPT1iLmluZGV4T2YoYS5tZXNzYWdlKSYmKGIrPVwiOiBcIithLm1lc3NhZ2UpO2lmKGEuc3RhY2spe2E9YS5zdGFjazt0cnl7LTE9PWEuaW5kZXhPZihiKSYmKGE9YitcIlxcblwiK2EpO2xldCBjO2Zvcig7YSE9YzspYz1hLGE9YS5yZXBsYWNlKC8oKGh0dHBzPzpcXC8uLipcXC8pW15cXC86XSo6XFxkKyg%2FOi58XFxuKSopXFwyLyxcIiQxXCIpO2I9YS5yZXBsYWNlKC9cXG4gKi9nLFwiXFxuXCIpfWNhdGNoKGMpe319cmV0dXJuIGJ9IGZ1bmN0aW9uIGRiKGEsYil7bGV0IGMsZDt0cnl7YS5nJiZhLmcuZz8oZD1hLmcuc3RhcnQoKDkwMykudG9TdHJpbmcoKSwzKSxjPWIoKSxhLmcuZW5kKGQpKTpjPWIoKX1jYXRjaChmKXtiPSEwO3RyeXtiYihkKSxiPWEucyg5MDMsbmV3IE9hKGYse21lc3NhZ2U6WChmKX0pLHZvaWQgMCx2b2lkIDApfWNhdGNoKGcpe2EubygyMTcsZyl9aWYoYil7bGV0IGcsZTtudWxsPT0oZz13aW5kb3cuY29uc29sZSl8fG51bGw9PShlPWcuZXJyb3IpfHxlLmNhbGwoZyxmKX1lbHNlIHRocm93IGY7fXJldHVybiBjfWZ1bmN0aW9uIGViKGEpe3ZhciBiPVk7cmV0dXJuKC4uLmMpPT5kYihiLCgpPT5hLmFwcGx5KHZvaWQgMCxjKSl9IGNsYXNzIGZie2NvbnN0cnVjdG9yKCl7dmFyIGE9Wjt0aGlzLmk9Ujt0aGlzLmg9bnVsbDt0aGlzLnM9dGhpcy5vO3RoaXMuZz12b2lkIDA9PT1hP251bGw6YTt0aGlzLmo9ITF9cGluZ2VyKCl7cmV0dXJuIHRoaXMuaX1vKGEsYixjLGQsZil7Zj1mfHxcImpzZXJyb3JcIjtsZXQgZzt0cnl7Y29uc3Qgdj1uZXcgUTt2YXIgZT12O2UuZy5wdXNoKDEpO2UuaFsxXT1QKFwiY29udGV4dFwiLGEpO2IuZXJyb3ImJmIubWV0YSYmYi5pZHx8KGI9bmV3IE9hKGIse21lc3NhZ2U6WChiKX0pKTtpZihiLm1zZyl7ZT12O3ZhciBrPWIubXNnLnN1YnN0cmluZygwLDUxMik7ZS5nLnB1c2goMik7ZS5oWzJdPVAoXCJtc2dcIixrKX12YXIgaD1iLm1ldGF8fHt9O2I9aDtpZih0aGlzLmgpdHJ5e3RoaXMuaChiKX1jYXRjaCh5KXt9aWYoZCl0cnl7ZChiKX1jYXRjaCh5KXt9ZD12O2g9W2hdO2QuZy5wdXNoKDMpO2QuaFszXT1oO2Q9cjtoPVtdO2I9bnVsbDtkb3t2YXIgbD1kO2lmKEkobCkpe3ZhciBtPWwubG9jYXRpb24uaHJlZjsgYj1sLmRvY3VtZW50JiZsLmRvY3VtZW50LnJlZmVycmVyfHxudWxsfWVsc2UgbT1iLGI9bnVsbDtoLnB1c2gobmV3IFJhKG18fFwiXCIpKTt0cnl7ZD1sLnBhcmVudH1jYXRjaCh5KXtkPW51bGx9fXdoaWxlKGQmJmwhPWQpO2ZvcihsZXQgeT0wLHphPWgubGVuZ3RoLTE7eTw9emE7Kyt5KWhbeV0uZGVwdGg9emEteTtsPXI7aWYobC5sb2NhdGlvbiYmbC5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMmJmwubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zLmxlbmd0aD09aC5sZW5ndGgtMSlmb3IobT0xO208aC5sZW5ndGg7KyttKXt2YXIgbj1oW21dO24udXJsfHwobi51cmw9bC5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnNbbS0xXXx8XCJcIixuLm09ITApfXZhciB1PWg7bGV0IEs9bmV3IFJhKHIubG9jYXRpb24uaHJlZiwhMSk7bD1udWxsO2NvbnN0IGFhPXUubGVuZ3RoLTE7Zm9yKG49YWE7MDw9bjstLW4pe3ZhciBwPXVbbl07IWwmJlBhLnRlc3QocC51cmwpJiYobD1wKTtpZihwLnVybCYmIXAubSl7Sz0gcDticmVha319cD1udWxsO2NvbnN0IGpiPXUubGVuZ3RoJiZ1W2FhXS51cmw7MCE9Sy5kZXB0aCYmamImJihwPXVbYWFdKTtnPW5ldyBRYShLLHApO2lmKGcuaCl7dT12O3ZhciBxPWcuaC51cmx8fFwiXCI7dS5nLnB1c2goNCk7dS5oWzRdPVAoXCJ0b3BcIixxKX12YXIgYmE9e3VybDpnLmcudXJsfHxcIlwifTtpZihnLmcudXJsKXt2YXIgY2E9Zy5nLnVybC5tYXRjaCh4YSksQz1jYVsxXSxBYT1jYVszXSxCYT1jYVs0XTtxPVwiXCI7QyYmKHErPUMrXCI6XCIpO0FhJiYocSs9XCIvL1wiLHErPUFhLEJhJiYocSs9XCI6XCIrQmEpKTt2YXIgQ2E9cX1lbHNlIENhPVwiXCI7Qz12O2JhPVtiYSx7dXJsOkNhfV07Qy5nLnB1c2goNSk7Qy5oWzVdPWJhO1QodGhpcy5pLGYsdix0aGlzLmosYyl9Y2F0Y2godil7dHJ5e1QodGhpcy5pLGYse2NvbnRleHQ6XCJlY21zZXJyXCIscmN0eDphLG1zZzpYKHYpLHVybDpnJiZnLmcudXJsfSx0aGlzLmosYyl9Y2F0Y2goSyl7fX1yZXR1cm4hMH19O2NsYXNzIGdie307bGV0IFIsWTtpZihOYSYmIUkoTykpe2xldCBhPVwiLlwiK0xhLmRvbWFpbjt0cnl7Zm9yKDsyPGEuc3BsaXQoXCIuXCIpLmxlbmd0aCYmIUkoTyk7KUxhLmRvbWFpbj1hPWEuc3Vic3RyKGEuaW5kZXhPZihcIi5cIikrMSksTz13aW5kb3cucGFyZW50fWNhdGNoKGIpe31JKE8pfHwoTz13aW5kb3cpfU8hPT13aW5kb3cmJi4wMT5NYXRoLnJhbmRvbSgpJiZHYSgpO2NvbnN0IFM9TyxaPW5ldyBjYjt2YXIgaGI9KCk9PntpZighUy5nb29nbGVfbWVhc3VyZV9qc190aW1pbmcpe3ZhciBhPVo7YS5nPSExO2EuaCE9YS5pLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWUmJihXKCkmJkFycmF5LnByb3RvdHlwZS5mb3JFYWNoLmNhbGwoYS5oLGJiLHZvaWQgMCksYS5oLmxlbmd0aD0wKX19OyAoYT0%2Be1I9bnVsbCE9YT9hOm5ldyBYYTtcIm51bWJlclwiIT09dHlwZW9mIFMuZ29vZ2xlX3NydCYmKFMuZ29vZ2xlX3NydD1NYXRoLnJhbmRvbSgpKTtXYSgpO1k9bmV3IGZiO1kuaD1iPT57dmFyIGM9TTswIT09YyYmKGIuamM9U3RyaW5nKGMpLGM9KGM9SGEoYyxkb2N1bWVudC5jdXJyZW50U2NyaXB0KSkmJmMuZ2V0QXR0cmlidXRlKFwiZGF0YS1qYy12ZXJzaW9uXCIpfHxcInVua25vd25cIixiLnNodj1jKX07WS5qPSEwO1wiY29tcGxldGVcIj09Uy5kb2N1bWVudC5yZWFkeVN0YXRlP2hiKCk6Wi5nJiZIKFMsXCJsb2FkXCIsKCk9PntoYigpfSl9KSgpO2Z1bmN0aW9uIGliKCl7dmFyIGEsYjtjb25zdCBjPXdpbmRvdztpZihjLmdtYVNka3x8KG51bGw9PT0oYT1jLndlYmtpdCl8fHZvaWQgMD09PWE%2FMDphLm1lc3NhZ2VIYW5kbGVycy5nZXRHbWFWaWV3U2lnbmFscykpcmV0dXJuIGM7dHJ5e2NvbnN0IGQ9d2luZG93LnBhcmVudDtpZihkLmdtYVNka3x8KG51bGw9PT0oYj1kLndlYmtpdCl8fHZvaWQgMD09PWI%2FMDpiLm1lc3NhZ2VIYW5kbGVycy5nZXRHbWFWaWV3U2lnbmFscykpcmV0dXJuIGR9Y2F0Y2goZCl7fXJldHVybiBudWxsfSBmdW5jdGlvbiBrYihhLGI9e30sYz0oKT0%2Be30sZD0oKT0%2Be30pe2NvbnN0IGY9U3RyaW5nKE1hdGguZmxvb3IoMjE0NzQ4MzY0Nyp5YSgpKSk7bGV0IGc9MDtjb25zdCBlPWs9Pnt0cnl7dmFyIGg9XCJvYmplY3RcIj09PXR5cGVvZiBrLmRhdGE%2Fay5kYXRhOkpTT04ucGFyc2Uoay5kYXRhKTtmPT09aC5wYXdfaWQmJih3aW5kb3cuY2xlYXJUaW1lb3V0KGcpLHdpbmRvdy5yZW1vdmVFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLGUpLGguc2lnbmFsP2MoaC5zaWduYWwpOmguZXJyb3ImJmQoaC5lcnJvcikpfWNhdGNoKG0pe2s9e21zZzpcInBvc3RtZXNzYWdlRXJyb3JcIixlcnI6bSBpbnN0YW5jZW9mIEVycm9yP20ubWVzc2FnZTpcIm5vbkVycm9yXCIsZGF0YTpudWxsPT1rLmRhdGE%2FXCJudWxsXCI6NTAwPGsuZGF0YS5sZW5ndGg%2Fay5kYXRhLnN1YnN0cmluZygwLDUwMCk6ay5kYXRhfTtoPWdiO3ZhciBsPVwibFwiO2gubCYmaC5oYXNPd25Qcm9wZXJ0eShsKXx8KGw9bmV3IGgsaC5sPWwpO2g9W107IWsuZWlkJiYgaC5sZW5ndGgmJihrLmVpZD1oLnRvU3RyaW5nKCkpO1QoUixcInBhd19zaWdzXCIsaywhMCx2b2lkIDAsdm9pZCAwKX19O3dpbmRvdy5hZGRFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLGViKGs9PntlKGspfSkpO2EucG9z&i=6-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
QI_xLczr98BVvXBlf8kcOmtwSVx4J2QvY8VU5g_Cvczi-NtLBKIfKw==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=dE1lc3NhZ2UoT2JqZWN0LmFzc2lnbih7cGF3X2lkOmZ9LGIpKTtnPXdpbmRvdy5zZXRUaW1lb3V0KCgpPT57d2luZG93LnJlbW92ZUV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsZSk7ZChcIlBBVyBHTUEgcG9zdG1lc3NhZ2UgdGltZWQgb3V0LlwiKX0sMjAwKX07dmFyIGxiPWNsYXNzIGV4dGVuZHMgRHt9LHFhPVs2XTtjb25zdCBtYj1cInBsYXRmb3JtIHBsYXRmb3JtVmVyc2lvbiBhcmNoaXRlY3R1cmUgbW9kZWwgdWFGdWxsVmVyc2lvbiBiaXRuZXNzXCIuc3BsaXQoXCIgXCIpO3ZhciBuYj0oKT0%2Be3ZhciBhPXdpbmRvdztyZXR1cm4gYS5uYXZpZ2F0b3ImJmEubmF2aWdhdG9yLnVzZXJBZ2VudERhdGEmJlwiZnVuY3Rpb25cIj09PXR5cGVvZiBhLm5hdmlnYXRvci51c2VyQWdlbnREYXRhLmdldEhpZ2hFbnRyb3B5VmFsdWVzP2EubmF2aWdhdG9yLnVzZXJBZ2VudERhdGEuZ2V0SGlnaEVudHJvcHlWYWx1ZXMobWIpLnRoZW4oYj0%2Be3ZhciBjPW5ldyBsYjtjPUUoYywxLGIucGxhdGZvcm0pO2M9RShjLDIsYi5wbGF0Zm9ybVZlcnNpb24pO2M9RShjLDMsYi5hcmNoaXRlY3R1cmUpO2M9RShjLDQsYi5tb2RlbCk7Yz1FKGMsNSxiLnVhRnVsbFZlcnNpb24pO3JldHVybiBFKGMsOSxiLmJpdG5lc3MpfSk6bnVsbH07Y2xhc3Mgb2J7Y29uc3RydWN0b3IoKXt0aGlzLnByb21pc2U9bmV3IFByb21pc2UoYT0%2Be3RoaXMuZz1hfSl9fTt3aW5kb3cudmlld1JlcT1bXTtjb25zdCBwYj1hPT57Y29uc3QgYj1uZXcgSW1hZ2U7Yi5zcmM9YS5yZXBsYWNlKFwiJmFtcDtcIixcIiZcIik7d2luZG93LnZpZXdSZXEucHVzaChiKX0scWI9YT0%2Be2ZldGNoKGEse2tlZXBhbGl2ZTohMCxjcmVkZW50aWFsczpcImluY2x1ZGVcIixyZWRpcmVjdDpcImZvbGxvd1wiLG1ldGhvZDpcImdldFwiLG1vZGU6XCJuby1jb3JzXCJ9KS5jYXRjaCgoKT0%2Be3BiKGEpfSl9LHJiPWE9Pnt3aW5kb3cuZmV0Y2g%2FcWIoYSk6cGIoYSl9O009NDI7IHdpbmRvdy52dT1hPT57dmFyIGIsYyxkLGY7Y29uc3QgZz1JYSh2YSksZT1pYigpO2cmJm51bGwhPShudWxsPT09KGI9bnVsbD09PWV8fHZvaWQgMD09PWU%2Fdm9pZCAwOmUuZ21hU2RrKXx8dm9pZCAwPT09Yj92b2lkIDA6Yi5nZXRWaWV3U2lnbmFscykmJihiPW51bGw9PT0oYz1udWxsPT09ZXx8dm9pZCAwPT09ZT92b2lkIDA6ZS5nbWFTZGspfHx2b2lkIDA9PT1jP3ZvaWQgMDpjLmdldFZpZXdTaWduYWxzKCkpJiYoYT1HKGEsXCImbXM9XCIrYikpO2NvbnN0IGs9W107Yz0oKT0%2Be2NvbnN0IGg9bmV3IG9iO2sucHVzaChoLnByb21pc2UpO3JldHVybiBoLmd9O2lmKGI9SWEod2EpKXtjb25zdCBoPW5iKCk7aWYobnVsbCE9aCl7Y29uc3QgbD1jKCk7aC50aGVuKG09PnthOntBPSEwO3RyeXt2YXIgbj1KU09OLnN0cmluZ2lmeShtLnRvSlNPTigpLHRhKTticmVhayBhfWZpbmFsbHl7QT0hMX1uPXZvaWQgMH1tPW47bj1bXTtmb3IodmFyIHU9MCxwPTA7cDxtLmxlbmd0aDtwKyspe3ZhciBxPSBtLmNoYXJDb2RlQXQocCk7MjU1PHEmJihuW3UrK109cSYyNTUscT4%2BPTgpO25bdSsrXT1xfW09amEobiwzKTswPG0ubGVuZ3RoJiYoYT1HKGEsXCImdWFjaD1cIittKSk7bCgpfSl9fWlmKGcmJm51bGwhPShudWxsPT09KGQ9bnVsbD09PWV8fHZvaWQgMD09PWU%2Fdm9pZCAwOmUud2Via2l0KXx8dm9pZCAwPT09ZD92b2lkIDA6ZC5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMpKXtjb25zdCBoPWMoKTtrYihudWxsPT09KGY9bnVsbD09PWV8fHZvaWQgMD09PWU%2Fdm9pZCAwOmUud2Via2l0KXx8dm9pZCAwPT09Zj92b2lkIDA6Zi5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMse30sbD0%2Be2E9RyhhLFwiJlwiK2wpO2goKX0sKCk9PntoKCl9KX1ifHxnP1Byb21pc2UuYWxsKGspLnRoZW4oKCk9PntyYihhKX0pOnJiKGEpfTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjxzY3JpcHQ%2BdnUoXCJodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpXFx4M2RDQWMwWmc1eThZWm5vSk1qcjN3TzFfWUhJQTZ5ZDRxNW11ZEN1eXBZUHdJMjNBUkFCSUFCZ2xiS2hnckFIZ2dFWFkyRXRjSFZpTFRReE1UTTJPREU0T0RJek1URTBOVFhJQVFuZ0FnQ29Bd0dxQktVQ1Q5Q0tlanBmQ3NmQnZRY01SWlRiRUVSN25oY3NaT3FuZGk3YjNHVjF0Qi15c3Qxdk9EYVZKVzlhQUNMUUVxNmtoS3h1QzhxRHJ6SzZHdV81ZkVIdFFCMWxEV0loZkE1dlo2RGNJc2VkQWtUMU91SFpPcjdqdzRyLXJhdkRITi1OUXp2TzZBcXdhelQ2YjM4NnluNkc0dk44YjFjNS1aY0doek5JT2ZxWU02NWJ6Z19kSjNlQU1icC1iOGM1RVlDSUJiTW54cnVZVmR0OEhrV2xtUm1QUVhzcnIxbDN2SWYxWUNleTlZVTFHUmdaekF1WUl3Z0IyVUoxNXNkQXlvU1p5WG5vaktMNld5WXM0TGJvUEVIOVF0cmNiRkdCVGpQcEQyWVQzMWdNS0hYTnREQV9KRnIwNTc3T0NqRHNWcHFUanI0cmFwdWEySGRjbnRGeFp4NnIyMHpUMGM2NWh3V0dOcnNSYW4wdkRZOENTaFNsX2tvRnRKWWphSmhpRTZWYUxoOWtpTWZnQkFHQUJwNkhqYmVNLV9XVkpxQUdJYWdIcHI0YnFBZVcyQnVvQjZxYnNRS29COS1mc1FMWUJ3RFNDQVVJaUdFUUFZQUtBX29MQWdnQmdBd0IwQlVCZ0JjQnNoY2NDaG9TRkhCMVlpMDBNVEV6TmpneE9EZ3lNekV4TkRVMUdJVGJld1xceDI2c2lnaFxceDNkWU8xWEo1NlVxeVlcXHgyNnVhY2hfbVxceDNkW1VBQ0hdXFx4MjZjaWRcXHgzZENBUVNQd0NOSXJMTTRVTXo4dkhkVW9kVzBuYl81N014YmVUaTZtMm4yQkFxMnVZa3JnTGtKbUpncWI2dklkaTNtT0VhbUNxdzR1aXdyQkRLVnNmTFJ0Y21KQmdCXCIpPC9zY3JpcHQ%2BPHNjcmlwdD52dShcImh0dHBzOi8vZy5hbGdiaWQuYXBwL3J0aW1wP3NpZFxceDNkNjNjMTQ5MDAtNWY0NC0xMWVjLWEzN2ItZjZkMzJlMGJhNzk0XFx4MjZkXFx4M2R0aHJlYXRwb3N0LmNvbVxceDI2Y3JcXHgzZGdyZF9nZW4xMV8yXFx4MjZhXFx4M2RpbXBcXHgyNnBcXHgzZFlieWNnd0FKTkJrS2RfWElBQUItdFlPUEtORU93Z2FRWTVyN25RXFx4MjZpbVxceDNkTWs5SDBJTHZLSGNoUGhqbzZSX2JZV2Y1Ql8zdWVyWno1ZUl0LWY0d0tmQWtKOUNsNHlaMGNCbEVHa1lXOEduRzVHbVo5aGc2RXhDaHRXN2ozQVNDei1xSWpzUHRFTlRNNEJrQkFzUmxZT0lTV2FxYmRVNjlBNFdHUDNSMWh0SkhmTEQ4WHZlMmhYd3VjSk1QNmVfelVpUktkaEdVTnliTGcxVDQ5dEVNM1dtbWFQVXZFOXFCV2J4ai1IZWFUdGNzRHZRbmVyeWw4dGMtaXF1NmJXdnBEV1lHTjFLTTdDb0pfMGhpVllfbTQ2a3dWZ0VLaHJobmQ3OFhtZWhTeUZzcDRJN0hwWnotVER3SGI2QUZQNXFHLVpBeFJIVkh4NXlPS1ZDSERtR1IzODRJMWpzX0IyS043dHF5OFd5a2RFNXZcIik8L3NjcmlwdD48ZGl2IGNsYXNzPVwiR29vZ2xlQWN0aXZlVmlld0lubmVyQ29udGFpbmVyXCJzdHlsZT1cImxlZnQ6MHB4O3RvcDowcHg7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJTtwb3NpdGlvbjpmaXhlZDtwb2ludGVyLWV2ZW50czpub25lO3otaW5kZXg6LTk5OTk7XCI%2BPC9kaXY%2BPGRpdiBzdHlsZT1cImRpc3BsYXk6aW5saW5lXCJjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdFbGVtZW50XCJkYXRhLWdvb2dsZS1hdi1jeG49XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3Bjcy9hY3RpdmV2aWV3P3hhaT1BS0FPanNzMnlsRlBsVnQ1WGtoSW9PNy1EOC1uNnpmZEZHOWdBWW9hbjZiN3dEVVM0a2pneDJPaENOQU9GVDBUZFVzUThmdlJpNnd5ckdrM0hwM1JtOXNUbW9xRXFBJmFtcDtzaWc9Q2cwQXJLSlN6SlNFSlFXekdMVzVFQUVcImRhdGEtZ29vZ2xlLWF2LWFkaz1cIjQxNjY3MjM5OTFcImRhdGEtZ29vZ2xlLWF2LW1ldGFkYXRhPVwibGE9MSZhbXA7eGRpPTAmYW1wO1wiZGF0YS1nb29nbGUtYXYtb3ZlcnJpZGU9XCItMVwiZGF0YS1nb29nbGUtYXYtZG09XCIyXCJkYXRhLWdvb2dsZS1hdi1pbW1lZGlhdGUgZGF0YS1nb29nbGUtYXYtYWlkPVwiMFwiZGF0YS1nb29nbGUtYXYtbmFpZD1cIjFcImRhdGEtZ29vZ2xlLWF2LXNsaWZ0PVwiXCJkYXRhLWdvb2dsZS1hdi1jcG1hdj1cIlwiZGF0YS1nb29nbGUtYXYtYnRyPVwiXCJkYXRhLWdvb2dsZS1hdi1pdHBsPVwiMjBcImRhdGEtZ29vZ2xlLWF2LXJzPVwiNFwiZGF0YS1nb29nbGUtYXYtZmxhZ3M9XCJbJnF1b3Q7eCUyNzg0NDAmIzM5OzllZm90bSgmYW1wOzc1MzM3NCUyYmVqdmYvJTI3ODQ0Jmd0OyYjMzk7OXd1dmIkJmFtcDs1NjUzMyZndDshPXx2cWMpITI3Mzc5NCZhbXA7Jmx0O3FxdmIvJSZsdDsxNzM1MDIwIT1uZWh1YC8hMzY0PTUwNTEhOWFia3thKCQxNjAyMTA6MyZhbXA7Jmx0O2Nib3RmKyowMTUwMDM0OiUyYmVqdmYvJTcyOzE3NjEzIT1lZmR3YSomIzM5Ozc2NDYzOzIxJD9lYmtwYiQmYW1wOzAzNjY3MTcmZ3Q7KiZndDtiZ2lwZishMz03MTIzNjMlOWFpaHdjKSE3MjAyJmx0OzIxNyYjMzk7OWVmb3RtKCZhbXA7MjAwNjE7NDgmYW1wOyZndDtgZG9wYi8lJmx0OzE3MDcyMDAhPTgoJmFtcDsyMDA1NTc1PyZhbXA7Jmd0O2Bkb3BiLyUmbHQ7MTcwNjoyMSE9bmVodWB%2BJnF1b3Q7XVwiPjwhRE9DVFlQRSBodG1sPjxodG1sIGxhbmc9XCJlblwiPiA8aGVhZD4gPG1ldGEgY2hhcnNldD1cIlVURi04XCIvPiA8bWV0YSBuYW1lPVwidmlld3BvcnRcIiBjb250ZW50PVwid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEuMFwiLz4gPG1ldGEgaHR0cC1lcXVpdj1cIlgtVUEtQ29tcGF0aWJsZVwiIGNvbnRlbnQ9XCJpZT1lZGdlXCIvPiA8bWV0YSBuYW1lPVwicmVmZXJyZXJcIiBjb250ZW50PVwibm8tcmVmZXJyZXJcIi8%2BIDx0aXRsZT5Eb2N1bWVudDwvdGl0bGU%2BIDxsaW5rIGhyZWY9XCJodHRwczovL2ZvbnRzLmdvb2dsZWFwaXMuY29tL2Nzcz9mYW1pbHk9Um9ib3RvOjQwMCw3MDAmZGlzcGxheT1zd2FwXCIgcmVsPVwic3R5bGVzaGVldFwiLz4gPGxpbmsgaHJlZj1cImh0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzP2ZhbWlseT1TZWN1bGFyK09uZSZkaXNwbGF5PXN3YXBcIiByZWw9XCJzdHlsZXNoZWV0XCIvPiA8c3R5bGU%2BLyogcmVzZXQgKi8gYWJiciwgYWRkcmVzcywgYXJ0aWNsZSwgYXNpZGUsIGF1ZGlvLCBiLCBibG9ja3F1b3RlLCBib2R5LCBjYW52YXMsIGNhcHRpb24sIGNpdGUsIGNvZGUsIGRkLCBkZWwsIGRldGFpbHMsIGRmbiwgZGl2LCBkbCwgZHQsIGVtLCBmaWVsZHNldCwgZmlnY2FwdGlvbiwgZmlndXJlLCBmb290ZXIsIGZvcm0sIGgxLCBoMiwgaDMsIGg0LCBoNSwgaDYsIGhlYWRlciwgaGdyb3VwLCBodG1sLCBpLCBpZnJhbWUsIGltZywgaW5zLCBrYmQsIGxhYmVsLCBsZWdlbmQsIGxpLCBtYXJrLCBtZW51LCBuYXYsIG9iamVjdCwgb2wsIHAsIHByZSwgcSwgc2FtcCwgc2VjdGlvbiwgc21hbGwsIHNwYW4sIHN0cm9uZywgc3ViLCBzdW1tYXJ5LCBzdXAsIHRhYmxlLCB0Ym9keSwgdGQsIHRmb290LCB0aCwgdGhlYWQsIHRpbWUsIHRyLCB1bCwgdmFyLCB2aWRlb3ttYXJnaW46IDA7IHBhZGRpbmc6IDA7IGJvcmRlcjogMDsgb3V0bGluZTogMDsgZm9udC1zaXplOiAxMDAlOyB2ZXJ0aWNhbC1hbGlnbjogYmFzZWxpbmU7IGJhY2tncm91bmQ6IDAgMDt9Ym9keXtsaW5lLWhlaWdodDogMTt9YXJ0aWNsZSwgYXNpZGUsIGRldGFpbHMsIGZpZ2NhcHRpb24sIGZpZ3VyZSwgZm9vdGVyLCBoZWFkZXIsIGhncm91cCwgbWVudSwgbmF2LCBzZWN0aW9ue2Rpc3BsYXk6IGJsb2NrO31uYXYgdWx7bGlzdC1zdHlsZTogbm9uZTt9YmxvY2txdW90ZSwgcXtxdW90ZXM6IG5vbmU7fWJsb2NrcXVvdGU6YWZ0ZXIsIGJsb2NrcXVvdGU6YmVmb3JlLCBxOmFmdGVyLCBxOmJlZm9yZXtjb250ZW50OiBcIlwiOyBjb250ZW50OiBub25lO31he21hcmdpbjogMDsgcGFkZGluZzogMDsgZm9udC1zaXplOiAxMDAlOyB2ZXJ0aWNhbC1hbGlnbjogYmFzZWxpbmU7IGJhY2tncm91bmQ6IDAgMDt9aW5ze2JhY2tncm91bmQtY29sb3I6ICNmZjk7IGNvbG9yOiAjMDAwOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7fW1hcmt7YmFja2dyb3VuZC1jb2xvcjogI2ZmOTsgY29sb3I6&i=7-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
UpMGChf8BRv9BaJ4GLdT3cICFW9cvuUhJolBhjRfBGQggpy3F2h9uA==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
427 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=ICMwMDA7IGZvbnQtc3R5bGU6IGl0YWxpYzsgZm9udC13ZWlnaHQ6IDcwMDt9ZGVse3RleHQtZGVjb3JhdGlvbjogbGluZS10aHJvdWdoO31hYmJyW3RpdGxlXSwgZGZuW3RpdGxlXXtib3JkZXItYm90dG9tOiAxcHggZG90dGVkOyBjdXJzb3I6IGhlbHA7fXRhYmxle2JvcmRlci1jb2xsYXBzZTogY29sbGFwc2U7IGJvcmRlci1zcGFjaW5nOiAwO31ocntkaXNwbGF5OiBibG9jazsgaGVpZ2h0OiAxcHg7IGJvcmRlcjogMDsgYm9yZGVyLXRvcDogMXB4IHNvbGlkICNjY2M7IG1hcmdpbjogMWVtIDA7IHBhZGRpbmc6IDA7fWlucHV0LCBzZWxlY3R7dmVydGljYWwtYWxpZ246IG1pZGRsZTt9PC9zdHlsZT4gPHN0eWxlPmh0bWx7Ym94LXNpemluZzogYm9yZGVyLWJveDt9Ym9keXtmb250LWZhbWlseTogXCJSb2JvdG9cIiwgc2Fucy1zZXJpZjt9YXt0ZXh0LWRlY29yYXRpb246IG5vbmU7IGNvbG9yOiAjMDAwMDAwO311bCBsaXtkaXNwbGF5OiBibG9jazsgcGFkZGluZzogMDsgbWFyZ2luOiAwO30uY29udGFpbmVyX19pbm5lcnt3aWR0aDogY2FsYygxMDB2dyAtIDEwcHgpOyBoZWlnaHQ6IGNhbGMoMTAwdmggLSAxMHB4KTsgbWFyZ2luOiA1cHggNXB4IDVweCA1cHg7IGRpc3BsYXk6IGZsZXg7IGFsaWduLWl0ZW1zOiBjZW50ZXI7IGp1c3RpZnktY29udGVudDogc3BhY2UtYXJvdW5kOyBiYWNrZ3JvdW5kLWNvbG9yOiB0cmFuc3BhcmVudDsgYm94LXNpemluZzogYm9yZGVyLWJveDsgY3Vyc29yOiBkZWZhdWx0O30uc3RhcnRfX2J0bnttaW4td2lkdGg6IDIwN3B4OyBjdXJzb3I6IHBvaW50ZXI7IGJhY2tncm91bmQ6IGxpbmVhci1ncmFkaWVudCggdG8gYm90dG9tLCByZ2JhKDAsIDE5MiwgMTYsIDEpIDAlLCByZ2JhKDAsIDE0NywgOSwgMSkgMTAwJSApOyBmb250LWZhbWlseTogXCJTZWN1bGFyIE9uZVwiLCBzYW5zLXNlcmlmOyBkaXNwbGF5OiBpbmxpbmUtYmxvY2s7IHRleHQtZGVjb3JhdGlvbjogbm9uZTsgdGV4dC10cmFuc2Zvcm06IHVwcGVyY2FzZTsgY29sb3I6ICNmZmY7IGZvbnQtd2VpZ2h0OiBib2xkOyBiYWNrZ3JvdW5kLWNvbG9yOiAjMDBiYTBkOyBwYWRkaW5nOiAxOHB4IDQ1cHg7IGxldHRlci1zcGFjaW5nOiAwLjFlbTsgdGV4dC1zaGFkb3c6IDFweCAxcHggMnB4IHJnYmEoMCwgMCwgMCwgMC43Nik7IGJvcmRlcjogMXB4IHNvbGlkICMwMTRmMDQ5NDsgYm9yZGVyLXJhZGl1czogMTBweDsgYm94LXNoYWRvdzogM3B4IDNweCAwcHggIzAxNGYwNDk0LCAwcHggM3B4IDE1cHggcmdiYSgwLCAwLCAwLCAwLjQpLCBpbnNldCAwcHggMXB4IDBweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuMyksIGluc2V0IDBweCAwcHggM3B4IHJnYmEoMjU1LCAyNTUsIDI1NSwgMC41KTsgdHJhbnNpdGlvbjogYm94LXNoYWRvdyAyMDBtczsgd2lkdGg6IGNsYW1wKDIwMHB4LCA0MHZ3LCAzMDBweCk7IHBhZGRpbmc6IDE0cHggMjVweDsgZm9udC1zaXplOiAyMHB4OyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDZ2dywgMzhweCk7fS5sb25nLXRleHR7d2lkdGg6IGNsYW1wKDIwMHB4LCA0NXZ3LCAzNTBweCk7fS5zdGFydF9fYnRuOmZvY3Vze291dGxpbmU6IG5vbmU7fS5zdGFydF9fd3JhcHBlcnthbGlnbi1pdGVtczogY2VudGVyOyBkaXNwbGF5OiBmbGV4O30uaW5mb3tkaXNwbGF5OiBmbGV4OyBhbGlnbi1pdGVtczogZmxleC1lbmQ7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMTdweDsgbGluZS1oZWlnaHQ6IDIxcHg7IGZvbnQtd2VpZ2h0OiA3MDA7fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDE1cHg7IGxpbmUtaGVpZ2h0OiAxOHB4O30uaW5mb19fc3RlcHMgc3Bhbntmb250LXdlaWdodDogNzAwO30ubG9nb3ttYXJnaW4tdG9wOiA2MHB4OyBtaW4td2lkdGg6IDcwcHg7fS50aXRsZS1jb250YWluZXJ7ZGlzcGxheTogZmxleDsganVzdGlmeS1jb250ZW50OiBjZW50ZXI7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47fS50aXRsZXtkaXNwbGF5OiBibG9jazsgZm9udC1zaXplOiBjbGFtcCgzMHB4LCA0dncsIDgwcHgpOyB0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiAxLjI7IGZvbnQtZmFtaWx5OiBhdXRvO30udGl0bGUtYWRkaXRpb257Zm9udC13ZWlnaHQ6IDYwMDt9LmhpZGV7ZGlzcGxheTogbm9uZTt9LmhhbGYtSW1nLUFydGljbGUtbWFpbnt3aWR0aDogODh2dzsgZm9udC1zaXplOiAxMy41cHg7IGxpbmUtaGVpZ2h0OiAxLjI7fS5oYWxmLUltZy1BcnRpY2xlLWFkZGl0aW9uYWwtdGV4dHttYXJnaW4tdG9wOiAzdmg7fS5oYWxmLUltZy1BcnRpY2xlLWFkZGl0aW9uYWwtdGV4dDplbXB0eXtkaXNwbGF5OiBub25lO30ucHJlc3MtZG93bjphY3RpdmUsIC5wcmVzcy1kb3duOmZvY3VzLCAucHJlc3MtZG93bjp2aXNpdGVke3RyYW5zZm9ybTogdHJhbnNsYXRlWSgxcHgpO31AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA3MjlweCl7LnN0YXJ0X19idG57bWluLXdpZHRoOiAyMDdweDsgcGFkZGluZzogMTZweCAxMHB4OyB3aWR0aDogY2xhbXAoMjEwcHgsIDQ1dncsIDMwMHB4KTsgZm9udC1zaXplOiA0Ljd2dzt9LmxvbmctdGV4dHt3aWR0aDogY2xhbXAoMjEwcHgsIDQ1dncsIDM1MHB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiA1MDBweCl7LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiA5NnZoO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEyMHB4KXsuY29udGFpbmVyX19pbm5lcntoZWlnaHQ6IDg5dmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMTAwcHgpe2g0e2Rpc3BsYXk6IG5vbmU7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNzlweCl7LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiA4NHZoO319QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogNTk2cHgpey5jb250YWluZXJfX291dGVye2hlaWdodDogMTAwdmg7IC8qIGJhY2tncm91bmQtY29sb3I6IGdyZXk7ICovIGRpc3BsYXk6IGZsZXg7IGFsaWduLWl0ZW1zOiBjZW50ZXI7IGp1c3RpZnktY29udGVudDogY2VudGVyO30uY29udGFpbmVyX19pbm5lcntoZWlnaHQ6IDEwMCU7fS5pbmZve2hlaWdodDogMTAwdmg7fS5pbmZvX193cmFwcGVye2Rpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGhlaWdodDogMTAwJTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1ldmVubHk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA1OTZweCl7LnN0YXJ0X19idG57d2lkdGg6IGNsYW1wKDE4MHB4LCA1MHZ3LCAyNTBweCk7IG1pbi13aWR0aDogMTc1cHg7IG1pbi1oZWlnaHQ6IDUwcHg7IHBhZGRpbmc6IDlweCAxM3B4OyBmb250LXNpemU6IDE2cHg7IGZvbnQtc2l6ZTogY2xhbXAoMTZweCwgNXZ3LCAzMHB4KTt9LmluZm8gaDR7Zm9udC1zaXplOiAxNHB4OyBsaW5lLWhlaWdodDogMThweDt9LmluZm9fX3N0ZXBze2ZvbnQtc2l6ZTogMTJweDsgbGluZS1oZWlnaHQ6IDE0cHg7fS5sb2dve2ZvbnQtc2l6ZTogMTJweDsgbWFyZ2luLXRvcDogNDVweDsgbWluLXdpZHRoOiA1MHB4O319LmxpbmtzLXRyeS1hZ2FpbntmbGV4LWRpcmVjdGlvbjogcm93LXJldmVyc2U7fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDQ1OHB4KXsuY29udGFpbmVyX19pbm5lcntmbGV4LWRpcmVjdGlvbjogY29sdW1uO30ubGlua3N7ZmxleC1kaXJlY3Rpb246IGluaGVyaXQ7fS5saW5rcy10cnktYWdhaW57ZmxleC1kaXJlY3Rpb246IGNvbHVtbi1yZXZlcnNlO30uaW5mb3ttYXJnaW4tdG9wOiA2dm1pbjsgZmxleC1kaXJlY3Rpb246IGNvbHVtbjsgYWxpZ24taXRlbXM6IGNlbnRlcjt9LmxvZ297Zm9udC1zaXplOiAxNXB4OyBtYXJnaW4tdG9wOiA2dm1pbjsgbWFyZ2luLWxlZnQ6IDc1JTt9LmluZm8gaDR7Zm9udC1zaXplOiAxOHB4OyBsaW5lLWhlaWdodDogMS4zZW07fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDE1cHg7IGxpbmUtaGVpZ2h0OiAxLjJlbTt9LnN0YXJ0X19idG57Lyogd2lkdGg6IDIzMHB4OyAqLyAvKiBwYWRkaW5nOiAxOHB4IDQwcHg7ICovIC8qIGZvbnQtc2l6ZTogMjBweDsgKi8gd2lkdGg6IDk0dnc7IHBhZGRpbmc6IDI0cHggMTRweDsgZm9udC1zaXplOiBjbGFtcCgyMHB4LCAxMnZ3LCA0MHB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDI4MHB4KXsuc3RhcnRfX2J0bnt3aWR0aDogOTV2dzsgbWluLXdpZHRoOiAxMDZweDsgcGFkZGluZzogMjBweCA0cHg7IGZvbnQtc2l6ZTogMThweDsgZm9udC1zaXplOiBjbGFtcCgxM3B4LCAxM3Z3LCAyMXB4KTt9LmxvbmctdGV4dHtmb250LXNpemU6IGNsYW1wKDEzcHgsIDEzdncsIDE4cHgpO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogMjAwcHgpey5sb25nLXRleHR7Zm9udC1zaXplOiBjbGFtcCgxM3B4LCAxM3Z3LCAxNXB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDE1MHB4KXsubG9uZy10ZXh0e2ZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMTNweCk7fX0ubG9nb3tmb250LXNpemU6IDEzcHg7IG1hcmdpbi1sZWZ0OiA2MCU7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMTVweDsgbGluZS1oZWlnaHQ6IDJlbTt9LmluZm9fX3N0ZXBze2ZvbnQtc2l6ZTogMTJweDsgbGluZS1oZWlnaHQ6IDJlbTt9LyogUkVTUE9OU0lWRSAqLyAuc3RhcnRfX2Fycm93LCAubG9nb3tkaXNwbGF5OiBub25lO31AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiAxNjBweCl7LnN0YXJ0X19hcnJvd3tkaXNwbGF5OiBibG9jazt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDUwMHB4KXsubG9nb3tkaXNwbGF5OiBibG9jazt9fS5jb250YWluZXJfX2lubmVye2hlaWdodDogMTAwdmg7IGhlaWdodDogY2FsYygxMDB2aCAtIDEwcHgpO31AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNDlweCl7LnN0YXJ0X19hcnJvd3tkaXNwbGF5OiBibG9jazt9LnN0YXJ0X19idG57d2lkdGg6IGNsYW1wKDIwMHB4LCA1MHZ3LCA1MDBweCk7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgNnZ3LCA2MHB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiAyNDlweCl7LmluZm9fX3N0ZXBze2Rpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5OyBsaW5lLWhlaWdodDogaW5oZXJpdDsgZm9udC1zaXplOiBjbGFtcCgxNXB4LCA1LjV2dywgMThweCk7fS5pbmZvX193cmFwcGVyey8qIGhlaWdodDogMTAwJTsgKi8gZGlzcGxheTogZmxleDsgZmxleC1kaXJlY3Rpb246IGNvbHVtbjsganVzdGlmeS1jb250ZW50OiBjZW50ZXI7IG1heC13aWR0aDogMTAwdnc7IG1heC13aWR0aDogY2FsYygxMDB2dyAtIDEwcHgpOyBsaW5lLWhlaWdodDogMTB2aDt9LmluZm97ZmxleDogNTUlO30uc3RhcnR7ZmxleDogMzUlOyBkaXNwbGF5OiBmbGV4OyBmbGV4OiB1bnNldDt9LmxvZ297ZGlzcGxheTogZmxleDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiAzNTBweCl7LmluZm9fX3dyYXBwZXJ7bGluZS1oZWlnaHQ6IDd2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDUwMHB4KSBhbmQgKG1pbi1oZWlnaHQ6IDI0OXB4KXsuaW5mb19fc3RlcHN7ZGlzcGxheTogZmxleDsgZmxleC1kaXJlY3Rpb246IGNvbHVtbjsganVzdGlmeS1jb250ZW50OiBzcGFjZS1ldmVubHk7IC8qIGxpbmUtaGVpZ2h0OiAyMHZoOyAqLyBsaW5lLWhlaWdodDogMjB2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDUwMHB4KXsubWFpbiBsaSwgLm1haW4gaDQsIC5tYWluIC5sb2dve2ZvbnQtc2l6ZTogY2xhbXAoMTZweCwgMS41dncsIDIycHgpO319QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi1oZWlnaHQ6IDUwMHB4KXsubWFpbiBsaSwgLm1haW4gaDQsIC5tYWluIC5sb2dve2ZvbnQtc2l6ZTogY2xhbXAoMTZweCwgMnZoLCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCkgYW5kIChtaW4td2lkdGg6IDI1MHB4KXsubWFpbiBsaSwgLm1haW4gaDQsIC5tYWluIC5sb2dve2ZvbnQtc2l6ZTogY2xhbXAoMTZweCwg&i=8-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
8tH79JEZvlCIbl4PLdDAVult1m-DrMiUYDnphW36aTTRGpp0QU0Yzg==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
428 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=My41dmgsIDIycHgpOyBsaW5lLWhlaWdodDogMTB2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDUwMHB4KSBhbmQgKG1pbi1oZWlnaHQ6IDI1MHB4KXsubWFpbiBsaSwgLm1haW4gaDQsIC5tYWluIC5sb2dve2ZvbnQtc2l6ZTogY2xhbXAoMTZweCwgMi41dncsIDIycHgpO319QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi1oZWlnaHQ6IDUwMHB4KXsubG9nb3t3aWR0aDogMTAwdnc7fX0ubGlua190ZXh0e2NvbG9yOiAjMWEwZGFiOyBmb250LXNpemU6IDE5cHg7IGZvbnQtZmFtaWx5OiBhcmlhbCwgc2Fucy1zZXJpZjsgY3Vyc29yOiBwb2ludGVyO31AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMjAwcHgpey5saW5rX3RleHR7dHJhbnNmb3JtOiB0cmFuc2xhdGVZKC01cHgpO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDE2MHB4KXsubGlua190ZXh0e2ZvbnQtc2l6ZTogMThweDt9LnN0YXJ0X19idG57cGFkZGluZzogOXB4IDEzcHg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMTI1cHgpey5saW5rX3RleHR7ZGlzcGxheTogbm9uZTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxMTBweCl7LnN0YXJ0X19idG57cGFkZGluZzogOXB4IDEzcHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgMTB2dywgNDBweCk7IGxpbmUtaGVpZ2h0OiAxLjI7fS5hZHZfbmFtZXsvKiBkaXNwbGF5OiBub25lOyAqL30uY29udGFpbmVyX19pbm5lcnsvKiBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsgKi99fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiA3NHB4KXsuc3RhcnRfX2J0bntwYWRkaW5nOiA2cHggMTNweDsgZm9udC1zaXplOiBjbGFtcCgyMHB4LCA5dncsIDQwcHgpOyBsaW5lLWhlaWdodDogMTsgbWluLWhlaWdodDogdW5zZXQ7IHdpZHRoOiA4NXZ3O319QG1lZGlhIDwhLS0gLi4udHJ1bmNhdGVkIC0tPiIsIm1ldGhvZEJsb2NrZWQiOiJpbml0aWFsREZQU0Ytd3JpdGUifSwiYmxvY2tlZCI6dHJ1ZSwiY2FsbFN0YWNrIjoiRXJyb3JcbiAgICBhdCB2MiAoaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbWF0aC1haWRzLXRocmVhdHBvc3QvYi03YjEyMGE1LTliODcxZDRlLmpzOjE6MjUzMjIpXG4gICAgYXQgdnYgKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L2ItN2IxMjBhNS05Yjg3MWQ0ZS5qczoxOjI5NzYzKVxuICAgIGF0IGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L29wLmpzOjE6MzQ1ODJcbiAgICBhdCBPYmplY3QuYmVmb3JlSW5zZXJ0IChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMtdGhyZWF0cG9zdC9vcC5qczoxOjM1MjY0KVxuICAgIGF0IEhUTUxEaXZFbGVtZW50Lm5pLjxjb21wdXRlZD4ubmkuPGNvbXB1dGVkPi5uaS48Y29tcHV0ZWQ%2BIFthcyBhcHBlbmRDaGlsZF0gKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L29wLmpzOjE6NDM4NDYpXG4gICAgYXQgaEEgKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dwdC9wdWJhZHNfaW1wbF8yMDIxMTIwNjAxLmpzOjEwOjEwNjgyNSlcbiAgICBhdCBuZXcgTmggKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dwdC9wdWJhZHNfaW1wbF8yMDIxMTIwNjAxLmpzOjEwOjEwMzg5NSlcbiAgICBhdCBSaCAoaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ3B0L3B1YmFkc19pbXBsXzIwMjExMjA2MDEuanM6NjozMzM4OClcbiAgICBhdCBZaC5XRi5vIChodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9ncHQvcHViYWRzX2ltcGxfMjAyMTEyMDYwMS5qczoxMDoxODY1OTMpXG4gICAgYXQgWWgubCAoaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ3B0L3B1YmFkc19pbXBsXzIwMjExMjA2MDEuanM6MTA6MTg3MzQ4KSIsImludGVybWVkaWF0ZU1hcmt1cCI6IiJ9&i=9-9&t=adltag_kxaha55n_detvKbmbf2p&r=15cee0b3eda86eb87dc59143220c05c&c=math-aids-threatpost&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34033
x-cache
Error from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
yMR8zX8SDuZVZuvpOSdV03h6YfQ9c6kNjjsIa9_lweITK-Fx3qW1AQ==
container.html
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 74EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 17 Dec 2021 14:19:47 GMT
expires
Sat, 17 Dec 2022 14:19:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PugMaster
image6.pubmatic.com/AdServer/ Frame 94A8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46661954&p=156858&s=630907&a=2446008&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4e87e0f5567b5f703b5ef40731b955f93c565dce13366e17e9541504802fb541

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1810
content-type
text/html; charset=UTF-8
xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986;sz=0x0;ord=460298;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 3F81 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986;sz=0x0;ord=460298;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=6D2041BA-21B7-4482-901B-BBA9DFBE9031&adServerId=243&campaignId=22918&crID=kiaorikp&ucrid=6183026436333780262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
3447eccea23541d5cdbfa1b638441a08b23bc179731973f3ec407a0e27d3d004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1446
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame ACE3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3015550468038922&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
container.html
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 883F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 17 Dec 2021 14:19:47 GMT
expires
Sat, 17 Dec 2022 14:19:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 093F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 17 Dec 2021 14:19:47 GMT
expires
Sat, 17 Dec 2022 14:19:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 17 Dec 2021 14:19:47 GMT
expires
Sat, 17 Dec 2022 14:19:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=eyJzaXRlSWQiOiJtYXRoLWFpZHMtdGhyZWF0cG9zdCIsInVybCI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zLzE3NzExOS8iLCJhZFVuaXQiOiIvMjI0MDQzMzc0NjcsMjE3MDcxMjQzMzYvdGhyZWF0cG9zdC0zMDB4MjUwLUFURl8wIiwiYWRTZXJ2ZXJEZXRhaWxzIjp7ImFkdmVydGlzZXJJZCI6IjUwMjQ1NjkzNzQiLCJjYW1wYWlnbklkIjoiMjkxMDkwMjM4NiIsImNyZWF0aXZlSWQiOiIxMzgzNjQ3NTY1MzgiLCJsaW5laXRlbUlkIjoiNTc5NDIxMjYzMCIsImFkU2VydmVyIjoiZGZwIiwieWllbGRHcm91cElkcyI6WzI4NTgzN119LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MCwid3YiOiIxLjAuMCs3YjEyMGE1IiwiYnYiOiIxLjAuMCs3YjEyMGE1IiwidGFnTWFya3VwIjoiPGh0bWw%2BPGhlYWQ%2BPC9oZWFkPjxib2R5PlRvbyBtYW55IHJlcXVlc3RzOiA1MS5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ3B0L3B1YmFkc19pbXBsX3BhZ2VfbGV2ZWxfYWRzXzIwMjExMjA2MDEuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9ydWxlcy5xdWFudGNvdW50LmNvbS9ydWxlcy1wLV83a1Z4MHQ5SnFqOTAuanNcIiBhc3luYz1cIlwiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3NjcmlwdC40ZGV4LmlvL2xvY2Fsc3RvcmUuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9zdGF0aWMuYWRzLXR3aXR0ZXIuY29tL3V3dC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3NlY3VyZS5xdWFudHNlcnZlLmNvbS9xdWFudC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGUtYW5hbHl0aWNzLmNvbS9hbmFseXRpY3MuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly93d3cuZ3N0YXRpYy5jb20vcmVjYXB0Y2hhL3JlbGVhc2VzL1ZaS0VEVzl3c2xQYkVjOVJtek1xYU9BUC9yZWNhcHRjaGFfX2RlLmpzXCIgY3Jvc3NvcmlnaW49XCJhbm9ueW1vdXNcIiBpbnRlZ3JpdHk9XCJzaGEzODQtemVoTVdmQVgwNVloN09JeDRLZmVNVWJ0RUhrLyswZnN4UVBUbm9lenZaS3JIQnpVdWtRVitXbnE1Um40RkxCOFwiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nc3RhdGljLmNvbS9yZWNhcHRjaGEvcmVsZWFzZXMvVlpLRURXOXdzbFBiRWM5Um16TXFhT0FQL3JlY2FwdGNoYV9fZW4uanNcIiBjcm9zc29yaWdpbj1cImFub255bW91c1wiIGludGVncml0eT1cInNoYTM4NC13eXZFVlNyQXhvOThNSkdFMFB1UjJyaTZrNXF1cnF4QTIvYSsyUmRqMnpJMVhISkhTR0xzb1JTNUFEb3p1c0FNXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L2JsLTBhZjAzNTYtOGY1NjNiNjAuanNcIiB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgZGVmZXI9XCJcIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbWF0aC1haWRzLXRocmVhdHBvc3QvYi03YjEyMGE1LTliODcxZDRlLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGRlZmVyPVwiXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD5cbjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdtYW5hZ2VyLmNvbS9ndG0uanM%2FaWQ9R1RNLVBNMjlITEZcIj48L3NjcmlwdD5cbjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL2thc3BlcnNreWNvbnRlbnRodWIuY29tLz9kbT1lZDFmOWU0MzVkYzg4NTI5MmVhYjY1NjIwYzUxZjNmYiZhbXA7YWN0aW9uPWxvYWQmYW1wO2Jsb2dpZD0xMDMmYW1wO3NpdGVpZD0xJmFtcDt0PTEyMzE0NDA4MDMmYW1wO2JhY2s9aHR0cHMlM0ElMkYlMkZ0aHJlYXRwb3N0LmNvbSUyRmNvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucyUyRjE3NzExOSUyRlwiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cIi8vYy5hbWF6b24tYWRzeXN0ZW0uY29tL2FheDIvYXBzdGFnLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0PlxudmFyIGdBTVBfdXJsaG9zdCA9ICAnaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS8nO1xudmFyIGdBTVBfdXJscGF0aCA9ICAnL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkvJztcbnZhciBnQU1QX3VybHF1ZXJ5ID0gICdnb29nZmMnO1xudmFyIGdBTVBfY29udGVudGlkID0gICcxNzcxMTknO1xudmFyIGdBTVBfY2F0ZWdvcnkgPSAgJ21hbHdhcmUtMic7XG52YXIgZ0FNUF9jb250ZW50dGFncyA9ICAnJztcbjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L29wLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiLy93d3cuZ29vZ2xldGFnc2VydmljZXMuY29tL3RhZy9qcy9ncHQuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9xZC5hZG1ldHJpY3Nwcm8uY29tL2pzL3RocmVhdHBvc3Qvcm9zLWxheW91dC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L2NtcC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L3VzcGNtcC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L3RhcmdldGluZy5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L3ByZWJpZC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3FkLmFkbWV0cmljc3Byby5jb20vanMvdGhyZWF0cG9zdC9lbmdpbmUuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG4hZnVuY3Rpb24obil7aWYoIXdpbmRvdy5jbngpe3dpbmRvdy5jbng9e30sd2luZG93LmNueC5jbWQ9W107dmFyIHQ9bi5jcmVhdGVFbGVtZW50KCdpZnJhbWUnKTt0LmRpc3BsYXk9J25vbmUnLHQub25sb2FkPWZ1bmN0aW9uKCl7dmFyIG49dC5jb250ZW50V2luZG93LmRvY3VtZW50LGM9bi5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtjLnNyYz0nLy9jZC5jb25uYXRpeC5jb20vY29ubmF0aXgucGxheWVyLmpzJyxjLnNldEF0dHJpYnV0ZSgnYXN5bmMnLCcxJyksYy5zZXRBdHRyaWJ1dGUoJ3R5cGUnLCd0ZXh0L2phdmFzY3JpcHQnKSxuLmJvZHkuYXBwZW5kQ2hpbGQoYyl9LG4uaGVhZC5hcHBlbmRDaGlsZCh0KX19KGRvY3VtZW50KTtcbjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwiYXBwbGljYXRpb24vbGQranNvblwiPntcIkBjb250ZXh0XCI6XCJodHRwczovL3NjaGVtYS5vcmdcIixcIkB0eXBlXCI6XCJCcmVhZGNydW1iTGlzdFwiLFwiaXRlbUxpc3RFbGVtZW50XCI6W3tcIkB0eXBlXCI6XCJMaXN0SXRlbVwiLFwicG9zaXRpb25cIjoxLFwiaXRlbVwiOntcIkBpZFwiOlwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS9cIixcIm5hbWVcIjpcIlRocmVhdHBvc3RcIn19LHtcIkB0eXBlXCI6XCJMaXN0SXRlbVwiLFwicG9zaXRpb25cIjoyLFwiaXRlbVwiOntcIkBpZFwiOlwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS9jYXRlZ29yeS93ZWItc2VjdXJpdHkvXCIsXCJuYW1lXCI6XCJXZWIgU2VjdXJpdHlcIn19LHtcIkB0eXBlXCI6XCJMaXN0SXRlbVwiLFwicG9zaXRpb25cIjozLFwiaXRlbVwiOntcIkBpZFwiOlwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS9jb250aS1nYW5nLXJhbnNvbXdhcmUtYXR0YWNrLW1jbWVuYW1pbnMvMTc3MTE5L1wiLFwibmFtZVwiOlwiQ29udGkgR2FuZyBTdXNwZWN0ZWQgb2YgUmFuc29td2FyZSBBdHRhY2sgb24gTWNNZW5hbWluc1wifX1dfTwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwiYXBwbGljYXRpb24vbGQranNvblwiPntcIkBjb250ZXh0XCI6XCJodHRwczovL3NjaGVtYS5vcmdcIixcIkB0eXBlXCI6XCJOZXdzQXJ0aWNsZVwiLFwibWFpbkVudGl0eU9mUGFnZVwiOntcIkB0eXBlXCI6XCJXZWJQYWdlXCIsXCJAaWRcIjpcImh0dHBzOi8vdGhyZWF0cG9zdC5jb20vY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zLzE3NzExOS9cIn0sXCJoZWFkbGluZVwiOlwiQ29udGkgR2FuZyBTdXNwZWN0ZWQgb2YgUmFuc29td2FyZSBBdHRhY2sgb24gTWNNZW5hbWluc1wiLFwiaW1hZ2VcIjpcImh0dHBzOi8vbWVkaWEudGhyZWF0cG9zdC5jb20vd3AtY29udGVudC91cGxvYWRzL3NpdGVzLzEwMy8yMDIxLzA3LzMwMTcxMDM5L2JlZXItMjEuanBnXCIsXCJkYXRlUHVibGlzaGVkXCI6XCIyMDIxLTEyLTE3VDEzOjU3OjAyKzAwOjAwXCIsXCJkYXRlTW9kaWZpZWRcIjpcIjIwMjEtMTItMTdUMTM6NTc6MDIrMDA6MDBcIixcImF1dGhvclwiOntcIkB0eXBlXCI6XCJQZXJzb25cIixcIm5hbWVcIjpcIkVsaXphYmV0aCBNb250YWxiYW5vXCJ9LFwicHVibGlzaGVyXCI6e1wiQHR5cGVcIjpcIk9yZ2FuaXphdGlvblwiLFwibmFtZVwiOlwiVGhyZWF0cG9zdFwiLFwibG9nb1wiOntcIkB0eXBlXCI6XCJJbWFnZU9iamVjdFwiLFwidXJsXCI6XCJodHRwczovL21lZGlhLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy9zaXRlcy8xMDMvMjAxOC8xMi8wNDEyMTUxOS9hbXBfbG9nby5wbmdcIixcIndpZHRoXCI6NjAsXCJoZWlnaHRcIjo2MH19LFwiZGVzY3JpcHRpb25cIjpcIlRoZSBpbmNpZGVudCBvY2N1cnJlZCBsYXN0IHdlZWtlbmQgYXQgdGhlIHBvcHVsYXIgY2hhaW4gb2YgcmVzdGF1cmFudHMsIGhvdGVscyBhbmQgYnJld2VyaWVzLCB3aGljaCBpcyBzdGlsbCBmYWNpbmcgZGlzcnVwdGlvbnMuXCJ9PC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3RocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9rYXNwZXJza3ktZW5hYmxlLWpxdWVyeS1taWdyYXRlLWhlbHBlci9qcy9qcXVlcnkvanF1ZXJ5LTEuMTIuNC13cC5qcz92ZXI9MS4xMi40LXdwXCIgaWQ9XCJqcXVlcnktY29yZS1qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgaWQ9XCJub3RpZmljYXRpb25fc3RyaW5ncy1qcy1leHRyYVwiPlxuLyogPCFbQ0RBVEFbICovXG52YXIgZ2RwckR5bmFtaWNTdHJpbmdzID0ge1wibm90aWZpY2F0aW9uX3RleHRcIjpcIldlIHVzZSBjb29raWVzIHRvIG1ha2UgeW91ciBleHBlcmllbmNlIG9mIG91ciB3ZWJzaXRlcyBiZXR0ZXIuIEJ5IHVzaW5nIGFuZCBmdXJ0aGVyIG5hdmlnYXRpbmcgdGhpcyB3ZWJzaXRlIHlvdSBhY2NlcHQgdGhpcy4gRGV0YWlsZWQgaW5mb3JtYXRpb24gYWJvdXQgdGhlIHVzZSBvZiBjb29raWVzIG9uIHRoaXMgd2Vic2l0ZSBpcyBhdmFpbGFibGUgYnkgY2xpY2tpbmcgb24gPGEgaHJlZj1cXFwiaHR0cHM6XFwvXFwvdGhyZWF0cG9zdC5jb21cXC93ZWItcHJpdmFjeS1wb2xpY3lcXC9cXFwiIHRhcmdldD1cXFwiX2JsYW5rXFxcIj5tb3JlIGluZm9ybWF0aW9uPFxcL2E%2BLlwiLFwiYnV0dG9uX3RleHRcIjpcIkFDQ0VQVCBBTkQgQ0xPU0VcIn07XG4vKiBdXT4gKi9cbjwvc2NyaXB0PlxuPHNj&i=1-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
IVwcIOCLYgIYPqcXY4zz4zhxoUnhchQCw6td6-hwfxOM9uZnXDr1vQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=cmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgaWQ9XCJrc3NfanMtanMtZXh0cmFcIj5cbi8qIDwhW0NEQVRBWyAqL1xudmFyIGtzcyA9IHtcInR3aXR0ZXJfYWNjb3VudFwiOlwidGhyZWF0cG9zdFwifTtcbi8qIF1dPiAqL1xuPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCIvL2Fzc2V0cy50aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3BsdWdpbnMvYndwLW1pbmlmeS9taW4vP2Y9d3AtY29udGVudC9wbHVnaW5zL2thc3BlcnNreS1jb29raWVzLW5vdGlmaWNhdGlvbi9zY3JpcHRzL2FsZXJ0X3RleHQuanMsd3AtY29udGVudC9wbHVnaW5zL2thc3BlcnNreS1jb29raWVzLW5vdGlmaWNhdGlvbi9zY3JpcHRzL2FsZXJ0LmpzLHdwLWNvbnRlbnQvcGx1Z2lucy9ob25leXBvdC1jb21tZW50cy9wdWJsaWMvYXNzZXRzL2pzL3B1YmxpYy5qcyx3cC1jb250ZW50L3BsdWdpbnMva3Nwcl90d2l0dGVyX3B1bGxxdW90ZS9qcy9rYXNwZXJza3ktdHdpdHRlci1wdWxscXVvdGUuanMsd3AtY29udGVudC90aGVtZXMvdGhyZWF0cG9zdC0yMDE4L2Fzc2V0cy9qcy9sb2FkbW9yZS5qcyx3cC1jb250ZW50L3BsdWdpbnMva2FzcGVyc2t5LXNvY2lhbC1zaGFyaW5nL2Fzc2V0cy9qcy9zb2NpYWwtc2hhcmUuanMmYW1wO3Zlcj04NGM5MmQ5N1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BXG52YXIgc05ldyA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoXCJzY3JpcHRcIik7XG5zTmV3LmFzeW5jID0gdHJ1ZTtcbnNOZXcuc3JjID0gXCJodHRwczovL2thc3BlcnNreWNvbnRlbnRodWIuY29tLz9kbT1lZDFmOWU0MzVkYzg4NTI5MmVhYjY1NjIwYzUxZjNmYiZhY3Rpb249bG9hZCZibG9naWQ9MTAzJnNpdGVpZD0xJnQ9MTIzMTQ0MDgwMyZiYWNrPWh0dHBzJTNBJTJGJTJGdGhyZWF0cG9zdC5jb20lMkZjb250aS1nYW5nLXJhbnNvbXdhcmUtYXR0YWNrLW1jbWVuYW1pbnMlMkYxNzcxMTklMkZcIlxudmFyIHMwID0gZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ3NjcmlwdCcpWzBdO1xuczAucGFyZW50Tm9kZS5pbnNlcnRCZWZvcmUoc05ldywgczApO1xuPC9zY3JpcHQ%2BXG48c2NyaXB0PihmdW5jdGlvbih3LGQscyxsLGkpe3dbbF09d1tsXXx8W107d1tsXS5wdXNoKHsnZ3RtLnN0YXJ0Jzpcbm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxcbmo9ZC5jcmVhdGVFbGVtZW50KHMpLGRsPWwhPSdkYXRhTGF5ZXInPycmbD0nK2w6Jyc7ai5hc3luYz10cnVlO2ouc3JjPVxuJ2h0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0bS5qcz9pZD0nK2krZGw7Zi5wYXJlbnROb2RlLmluc2VydEJlZm9yZShqLGYpO1xufSkod2luZG93LGRvY3VtZW50LCdzY3JpcHQnLCdkYXRhTGF5ZXInLCdHVE0tUE0yOUhMRicpOzwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BXG4gICAgICAgICAgICB2YXIgalF1ZXJ5TWlncmF0ZUhlbHBlckhhc1NlbnREb3duZ3JhZGUgPSBmYWxzZTtcblxuXHRcdFx0d2luZG93Lm9uZXJyb3IgPSBmdW5jdGlvbiggbXNnLCB1cmwsIGxpbmUsIGNvbCwgZXJyb3IgKSB7XG5cdFx0XHRcdC8vIEJyZWFrIG91dCBlYXJseSwgZG8gbm90IHByb2Nlc3NpbmcgaWYgYSBkb3duZ3JhZGUgcmVxZXVzdCB3YXMgYWxyZWFkeSBzZW50LlxuXHRcdFx0XHRpZiAoIGpRdWVyeU1pZ3JhdGVIZWxwZXJIYXNTZW50RG93bmdyYWRlICkge1xuXHRcdFx0XHRcdHJldHVybiB0cnVlO1xuICAgICAgICAgICAgICAgIH1cblxuXHRcdFx0XHR2YXIgeGhyID0gbmV3IFhNTEh0dHBSZXF1ZXN0KCk7XG5cdFx0XHRcdHZhciBub25jZSA9ICdiNmFlMjA5YTg0Jztcblx0XHRcdFx0dmFyIGpRdWVyeUZ1bmN0aW9ucyA9IFtcblx0XHRcdFx0XHQnYW5kU2VsZicsXG5cdFx0XHRcdFx0J2Jyb3dzZXInLFxuXHRcdFx0XHRcdCdsaXZlJyxcblx0XHRcdFx0XHQnYm94TW9kZWwnLFxuXHRcdFx0XHRcdCdzdXBwb3J0LmJveE1vZGVsJyxcblx0XHRcdFx0XHQnc2l6ZScsXG5cdFx0XHRcdFx0J3N3YXAnLFxuXHRcdFx0XHRcdCdjbGVhbicsXG5cdFx0XHRcdFx0J3N1YicsXG4gICAgICAgICAgICAgICAgXTtcblx0XHRcdFx0dmFyIG1hdGNoX3BhdHRlcm4gPSAvXFwpXFwuKC4rPykgaXMgbm90IGEgZnVuY3Rpb24vO1xuICAgICAgICAgICAgICAgIHZhciBlcnJvcmVkRnVuY3Rpb24gPSBtc2cubWF0Y2goIG1hdGNoX3BhdHRlcm4gKTtcblxuICAgICAgICAgICAgICAgIC8vIElmIHRoZXJlIHdhcyBubyBtYXRjaGluZyBmdW5jdGlvbnMsIGRvIG5vdCB0cnkgdG8gZG93bmdyYWRlLlxuICAgICAgICAgICAgICAgIGlmICggdHlwZW9mIGVycm9yZWRGdW5jdGlvbiAhPT0gJ29iamVjdCcgfHwgdHlwZW9mIGVycm9yZWRGdW5jdGlvblsxXSA9PT0gXCJ1bmRlZmluZWRcIiB8fCAtMSA9PT0galF1ZXJ5RnVuY3Rpb25zLmluZGV4T2YoIGVycm9yZWRGdW5jdGlvblsxXSApICkge1xuICAgICAgICAgICAgICAgICAgICByZXR1cm4gdHJ1ZTtcbiAgICAgICAgICAgICAgICB9XG5cbiAgICAgICAgICAgICAgICAvLyBTZXQgdGhhdCB3ZSd2ZSBub3cgYXR0ZW1wdGVkIGEgZG93bmdyYWRlIHJlcXVlc3QuXG4gICAgICAgICAgICAgICAgalF1ZXJ5TWlncmF0ZUhlbHBlckhhc1NlbnREb3duZ3JhZGUgPSB0cnVlO1xuXG5cdFx0XHRcdHhoci5vcGVuKCAnUE9TVCcsICdodHRwczovL3RocmVhdHBvc3QuY29tL3dwLWFkbWluL2FkbWluLWFqYXgucGhwJyApO1xuXHRcdFx0XHR4aHIuc2V0UmVxdWVzdEhlYWRlciggJ0NvbnRlbnQtVHlwZScsICdhcHBsaWNhdGlvbi94LXd3dy1mb3JtLXVybGVuY29kZWQnICk7XG5cdFx0XHRcdHhoci5vbmxvYWQgPSBmdW5jdGlvbiAoKSB7XG5cdFx0XHRcdFx0dmFyIHJlc3BvbnNlLFxuICAgICAgICAgICAgICAgICAgICAgICAgcmVsb2FkID0gZmFsc2U7XG5cblx0XHRcdFx0XHRpZiAoIDIwMCA9PT0geGhyLnN0YXR1cyApIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRyeSB7XG4gICAgICAgICAgICAgICAgICAgICAgICBcdHJlc3BvbnNlID0gSlNPTi5wYXJzZSggeGhyLnJlc3BvbnNlICk7XG5cbiAgICAgICAgICAgICAgICAgICAgICAgIFx0cmVsb2FkID0gcmVzcG9uc2UuZGF0YS5yZWxvYWQ7XG4gICAgICAgICAgICAgICAgICAgICAgICB9IGNhdGNoICggZSApIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIFx0cmVsb2FkID0gZmFsc2U7XG4gICAgICAgICAgICAgICAgICAgICAgICB9XG4gICAgICAgICAgICAgICAgICAgIH1cblxuXHRcdFx0XHRcdC8vIEF1dG9tYXRpY2FsbHkgcmVsb2FkIHRoZSBwYWdlIGlmIGEgZGVwcmVjYXRpb24gY2F1c2VkIGFuIGF1dG9tYXRpYyBkb3duZ3JhZGUsIGVuc3VyZSB2aXNpdG9ycyBnZXQgdGhlIGJlc3QgcG9zc2libGUgZXhwZXJpZW5jZS5cblx0XHRcdFx0XHRpZiAoIHJlbG9hZCApIHtcblx0XHRcdFx0XHRcdGxvY2F0aW9uLnJlbG9hZCgpO1xuICAgICAgICAgICAgICAgICAgICB9XG5cdFx0XHRcdH07XG5cblx0XHRcdFx0eGhyLnNlbmQoIGVuY29kZVVSSSggJ2FjdGlvbj1qcXVlcnktbWlncmF0ZS1kb3duZ3JhZGUtdmVyc2lvbiZfd3Bub25jZT0nICsgbm9uY2UgKSApO1xuXG5cdFx0XHRcdC8vIFN1cHByZXNzIGVycm9yIGFsZXJ0cyBpbiBvbGRlciBicm93c2Vyc1xuXHRcdFx0XHRyZXR1cm4gdHJ1ZTtcblx0XHRcdH1cbiAgICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dwdC9wdWJhZHNfaW1wbF8yMDIxMTIwNjAxLmpzXCIgYXN5bmM9XCJcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BKGZ1bmN0aW9uKCkge1xuICAgICAgICAgICAgXCJ1c2Ugc3RyaWN0XCI7XG4gICAgICAgICAgICB0cnkge1xuICAgICAgICAgICAgICAgIGNvbnN0IHBsYXllckFwaSA9IHdpbmRvdy5wbGF5ZXJfaW5zdGFuY2VfYWE4OGI0Mjg2MDQ4NGZlZGEwOGFjNWNmYmQ0ZjNjMmY7XG4vL2Rlc2t0b3AgY2xvc2UgYnV0dG9uIGZvbGxvd3NcbnBsYXllckFwaS5vbihjbnguY29uZmlnRXZlbnRzLkFkSW1wcmVzc2lvbiwgZnVuY3Rpb24oKSB7XG4gIGNvbnNvbGUubG9nKFwiQ05YLWFkLWltcFwiKVxuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS12aWRlb1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5OmZsZXghaW1wb3J0YW50XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LWxvZ28tYmFyXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6bm9uZVwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS1idXR0b25zXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6bm9uZVwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS1wcm9ncmVzc1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5Om5vbmVcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdm9sdW1lLWNvbnRhaW5lclwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5Om5vbmVcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdWktdmlkZW9cIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwicG9pbnRlci1ldmVudHM6bm9uZVwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC1jbG9zZS1idXR0b25cIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwicG9pbnRlci1ldmVudHM6YXV0byFpbXBvcnRhbnRcIjtcbn1cbiAgICAgICAgICAgICk7XG5wbGF5ZXJBcGkub24oY254LmNvbmZpZ0V2ZW50cy5BZFNraXBwZWQsIGZ1bmN0aW9uKCkge1xuICBjb25zb2xlLmxvZyhcIkNOWC1hZC1za2lwXCIpXG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LWxvZ28tYmFyXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS1idXR0b25zXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS1wcm9ncmVzc1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5OmZsZXhcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdm9sdW1lLWNvbnRhaW5lclwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5OmZsZXhcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdWktdmlkZW9cIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwicG9pbnRlci1ldmVudHM6YXV0b1wiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC1jbG9zZS1idXR0b25cIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwicG9pbnRlci1ldmVudHM6aW5oZXJpdFwiO1xufVxuICAgICAgICAgICAgKTtcbnBsYXllckFwaS5vbihjbnguY29uZmlnRXZlbnRzLkFkQ29tcGxldGVkMTAwLCBmdW5jdGlvbigpIHtcbiAgY29uc29sZS5sb2coXCJDTlgtYWQtY29tcGxldGVcIilcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtbG9nby1iYXJcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpmbGV4XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLWJ1dHRvbnNcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpmbGV4XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLXByb2dyZXNzXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNu&i=2-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
FohKfmMkTF6_GGm2OYSfU1m8PM27JyOfY7VscAvXNVbTI6wWvO9J0w==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=eC12b2x1bWUtY29udGFpbmVyXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS12aWRlb1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJwb2ludGVyLWV2ZW50czphdXRvXCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LWNsb3NlLWJ1dHRvblwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJwb2ludGVyLWV2ZW50czppbmhlcml0XCI7XG59XG4gICAgICAgICAgICApO1xuXG4gICAgICAgICAgICB9Y2F0Y2goZSl7XG4gICAgICAgICAgICAgICAgY29uc29sZS53YXJuKCctLS1DbnhDdXN0b21BcGlFcnJvci0tLScpO1xuICAgICAgICAgICAgICAgIGNvbnNvbGUud2FybihlLm1lc3NhZ2UpO1xuICAgICAgICAgICAgfVxuICAgICAgICAgIH0pKCk8L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiLy9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvdGFnL2pzL2dwdC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdD4hZnVuY3Rpb24oKXtmdW5jdGlvbiBuKG4pe3dpbmRvd1tcImNueFwiK25dfHwod2luZG93W1wiY254XCIrbl09d2luZG93W25dLHdpbmRvd1tuXT1mdW5jdGlvbihlKXt2YXIgdD1cIlwiO3RyeXtlJiYodD1mdW5jdGlvbiBuKGUsdCl7dHJ5e2lmKCFlKXJldHVyblwiXCI7aWYoZS5jbnhJbm5lclRhZylyZXR1cm4gZS5jbnhJbm5lclRhZztpZih0PDIpe3ZhciByPXQrMTtyZXR1cm4gbihlLmNhbGxlcixyKX19Y2F0Y2gobil7cmV0dXJuXCJcIn1yZXR1cm5cIlwifShlKSl9Y2F0Y2gobil7fXZhciByPXdpbmRvd1tcImNueFwiK25dLmFwcGx5KG51bGwsYXJndW1lbnRzKTtpZih0KXt2YXIgaT13aW5kb3cuY254RW5mU3RvcmFnZTtpW25dW3RdPWlbbl1bdF18fFtdLGlbbl1bdF0ucHVzaChyKX1yZXR1cm4gcn0pfXdpbmRvdy5jbnhFbmZTdG9yYWdlPXtzZXRUaW1lb3V0Ont9LHNldEludGVydmFsOnt9LGV2ZW50TGlzdGVuZXJzOnt9LGVycm9yczpbXX07dmFyIGU9d2luZG93LmxvY2F0aW9uLmhvc3RuYW1lLnNwbGl0KFwiLlwiKSx0PXdpbmRvdy5idG9hKGVbZS5sZW5ndGgtMl0rXCIuXCIrZVtlLmxlbmd0aC0xXSk7LTE9PT1bXCJkRzE2TG1OdmJRPT1cIixcIlltbHNiR0p2WVhKa0xtTnZiUT09XCIsXCJhRzlzYkhsM2IyOWtjbVZ3YjNKMFpYSXVZMjl0XCIsXCJkbWxpWlM1amIyMD1cIixcImFHOXliM05qYjNCbExtTnZiUT09XCIsXCJZWE4wY205c2IyZDVMbU52YlE9PVwiLFwiWVdodmNtRnRhWE50Ynk1amIyMD1cIl0uaW5kZXhPZih0KSYmKCFmdW5jdGlvbigpe2NvbnN0IG49d2luZG93LkV2ZW50VGFyZ2V0P3dpbmRvdy5FdmVudFRhcmdldC5wcm90b3R5cGU6d2luZG93LmRvY3VtZW50O24uY254QWRkRXZlbnRMaXN0ZW5lcnx8KG4uY254QWRkRXZlbnRMaXN0ZW5lcj1uLmFkZEV2ZW50TGlzdGVuZXIsbi5hZGRFdmVudExpc3RlbmVyPWZ1bmN0aW9uKG4sZSx0KXt2YXIgcj10aGlzfHx3aW5kb3c7aWYoZSYmZS5jbnhJbm5lclRhZyl7dmFyIGk9d2luZG93LmNueEVuZlN0b3JhZ2U7aS5ldmVudExpc3RlbmVyc1tlLmNueElubmVyVGFnXT1pLmV2ZW50TGlzdGVuZXJzW2UuY254SW5uZXJUYWddfHxbXSxpLmV2ZW50TGlzdGVuZXJzW2UuY254SW5uZXJUYWddLnB1c2goe2VsZW1lbnQ6cix0eXBlOm4saGFuZGxlcjplLG9wdGlvbnM6dH0pfXRyeXtyLmNueEFkZEV2ZW50TGlzdGVuZXIobixlLHQpfWNhdGNoKG4pe24ubWVzc2FnZT1cImFkbHN0bl9cIituLm1lc3NhZ2UsaS5lcnJvcnMucHVzaChuKX19KX0oKSxuKFwic2V0VGltZW91dFwiKSxuKFwic2V0SW50ZXJ2YWxcIikpfSgpOzwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL3NlY3VyZS5jZG4uZmFzdGNsaWNrLm5ldC9qcy9wdWJjaWQvbGF0ZXN0L3B1YmNpZC5taW4uanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiLy9jZG4uaWQ1LXN5bmMuY29tL2FwaS8xLjAvaWQ1LWFwaS5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdD5cbiAgICB3aW5kb3cuY254UHJveHlUYXNrID0gZnVuY3Rpb24odGFzaykge1xuICAgICAgICBzZXRUaW1lb3V0KGZ1bmN0aW9uKCl7XG4gICAgICAgICAgICB0YXNrKCk7XG4gICAgICAgIH0sIDApO1xuICAgIH1cbjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmRlL2Fkc2lkL2ludGVncmF0b3IuanM%2FZG9tYWluPXRocmVhdHBvc3QuY29tXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL2Fkc2VydmljZS5nb29nbGUuY29tL2Fkc2lkL2ludGVncmF0b3IuanM%2FZG9tYWluPXRocmVhdHBvc3QuY29tXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0PlxuXHRcdFx0Z29vZ2xldGFnLmNtZC5wdXNoKGZ1bmN0aW9uKCkgeyBnb29nbGV0YWcuZGlzcGxheSgnZGl2LWdwdC1hZC02Nzk0NjcwLTEnKTsgfSk7XG5cdFx0PC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj5qUXVlcnkoZG9jdW1lbnQpLnJlYWR5KGZ1bmN0aW9uKCQpe2dmb3JtSW5pdFNwaW5uZXIoIDUsICdodHRwczovL3RocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvdGhlbWVzL3RocmVhdHBvc3QtMjAxOC9hc3NldHMvaW1hZ2VzL2xvYWRlci5zdmcnICk7alF1ZXJ5KCcjZ2Zvcm1fYWpheF9mcmFtZV81Jykub24oJ2xvYWQnLGZ1bmN0aW9uKCl7dmFyIGNvbnRlbnRzID0galF1ZXJ5KHRoaXMpLmNvbnRlbnRzKCkuZmluZCgnKicpLmh0bWwoKTt2YXIgaXNfcG9zdGJhY2sgPSBjb250ZW50cy5pbmRleE9mKCdHRl9BSkFYX1BPU1RCQUNLJykgPj0gMDtpZighaXNfcG9zdGJhY2spe3JldHVybjt9dmFyIGZvcm1fY29udGVudCA9IGpRdWVyeSh0aGlzKS5jb250ZW50cygpLmZpbmQoJyNnZm9ybV93cmFwcGVyXzUnKTt2YXIgaXNfY29uZmlybWF0aW9uID0galF1ZXJ5KHRoaXMpLmNvbnRlbnRzKCkuZmluZCgnI2dmb3JtX2NvbmZpcm1hdGlvbl93cmFwcGVyXzUnKS5sZW5ndGggPiAwO3ZhciBpc19yZWRpcmVjdCA9IGNvbnRlbnRzLmluZGV4T2YoJ2dmb3JtUmVkaXJlY3QoKXsnKSA%2BPSAwO3ZhciBpc19mb3JtID0gZm9ybV9jb250ZW50Lmxlbmd0aCA%2BIDAgJiYgISBpc19yZWRpcmVjdCAmJiAhIGlzX2NvbmZpcm1hdGlvbjt2YXIgbXQgPSBwYXJzZUludChqUXVlcnkoJ2h0bWwnKS5jc3MoJ21hcmdpbi10b3AnKSwgMTApICsgcGFyc2VJbnQoalF1ZXJ5KCdib2R5JykuY3NzKCdtYXJnaW4tdG9wJyksIDEwKSArIDEwMDtpZihpc19mb3JtKXtqUXVlcnkoJyNnZm9ybV93cmFwcGVyXzUnKS5odG1sKGZvcm1fY29udGVudC5odG1sKCkpO2lmKGZvcm1fY29udGVudC5oYXNDbGFzcygnZ2Zvcm1fdmFsaWRhdGlvbl9lcnJvcicpKXtqUXVlcnkoJyNnZm9ybV93cmFwcGVyXzUnKS5hZGRDbGFzcygnZ2Zvcm1fdmFsaWRhdGlvbl9lcnJvcicpO30gZWxzZSB7alF1ZXJ5KCcjZ2Zvcm1fd3JhcHBlcl81JykucmVtb3ZlQ2xhc3MoJ2dmb3JtX3ZhbGlkYXRpb25fZXJyb3InKTt9c2V0VGltZW91dCggZnVuY3Rpb24oKSB7IC8qIGRlbGF5IHRoZSBzY3JvbGwgYnkgNTAgbWlsbGlzZWNvbmRzIHRvIGZpeCBhIGJ1ZyBpbiBjaHJvbWUgKi8galF1ZXJ5KGRvY3VtZW50KS5zY3JvbGxUb3AoalF1ZXJ5KCcjZ2Zvcm1fd3JhcHBlcl81Jykub2Zmc2V0KCkudG9wIC0gbXQpOyB9LCA1MCApO2lmKHdpbmRvd1snZ2Zvcm1Jbml0RGF0ZXBpY2tlciddKSB7Z2Zvcm1Jbml0RGF0ZXBpY2tlcigpO31pZih3aW5kb3dbJ2dmb3JtSW5pdFByaWNlRmllbGRzJ10pIHtnZm9ybUluaXRQcmljZUZpZWxkcygpO312YXIgY3VycmVudF9wYWdlID0galF1ZXJ5KCcjZ2Zvcm1fc291cmNlX3BhZ2VfbnVtYmVyXzUnKS52YWwoKTtnZm9ybUluaXRTcGlubmVyKCA1LCAnaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3RoZW1lcy90aHJlYXRwb3N0LTIwMTgvYXNzZXRzL2ltYWdlcy9sb2FkZXIuc3ZnJyApO2pRdWVyeShkb2N1bWVudCkudHJpZ2dlcignZ2Zvcm1fcGFnZV9sb2FkZWQnLCBbNSwgY3VycmVudF9wYWdlXSk7d2luZG93WydnZl9zdWJtaXR0aW5nXzUnXSA9IGZhbHNlO31lbHNlIGlmKCFpc19yZWRpcmVjdCl7dmFyIGNvbmZpcm1hdGlvbl9jb250ZW50ID0galF1ZXJ5KHRoaXMpLmNvbnRlbnRzKCkuZmluZCgnLkdGX0FKQVhfUE9TVEJBQ0snKS5odG1sKCk7aWYoIWNvbmZpcm1hdGlvbl9jb250ZW50KXtjb25maXJtYXRpb25fY29udGVudCA9IGNvbnRlbnRzO31zZXRUaW1lb3V0KGZ1bmN0aW9uKCl7alF1ZXJ5KCcjZ2Zvcm1fd3JhcHBlcl81JykucmVwbGFjZVdpdGgoY29uZmlybWF0aW9uX2NvbnRlbnQpO2pRdWVyeShkb2N1bWVudCkuc2Nyb2xsVG9wKGpRdWVyeSgnI2dmXzUnKS5vZmZzZXQoKS50b3AgLSBtdCk7alF1ZXJ5KGRvY3VtZW50KS50cmlnZ2VyKCdnZm9ybV9jb25maXJtYXRpb25fbG9hZGVkJywgWzVdKTt3aW5kb3dbJ2dmX3N1Ym1pdHRpbmdfNSddID0gZmFsc2U7fSwgNTApO31lbHNle2pRdWVyeSgnI2dmb3JtXzUnKS5hcHBlbmQoY29udGVudHMpO2lmKHdpbmRvd1snZ2Zvcm1SZWRpcmVjdCddKSB7Z2Zvcm1SZWRpcmVjdCgpO319alF1ZXJ5KGRvY3VtZW50KS50cmlnZ2VyKCdnZm9ybV9wb3N0X3JlbmRlcicsIFs1LCBjdXJyZW50X3BhZ2VdKTt9ICk7fSApOzwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BIGpRdWVyeShkb2N1bWVudCkuYmluZCgnZ2Zvcm1fcG9zdF9yZW5kZXInLCBmdW5jdGlvbihldmVudCwgZm9ybUlkLCBjdXJyZW50UGFnZSl7aWYoZm9ybUlkID09IDUpIHtnZl9nbG9iYWxbXCJudW1iZXJfZm9ybWF0c1wiXVs1XSA9IHtcIjhcIjp7XCJwcmljZVwiOmZhbHNlLFwidmFsdWVcIjpmYWxzZX0sXCIxXCI6e1wicHJpY2VcIjpmYWxzZSxcInZhbHVlXCI6ZmFsc2V9LFwiOVwiOntcInByaWNlXCI6ZmFsc2UsXCJ2YWx1ZVwiOmZhbHNlfSxcIjJcIjp7XCJwcmljZVwiOmZhbHNlLFwidmFsdWVcIjpmYWxzZX0sXCI1XCI6e1wicHJpY2VcIjpmYWxzZSxcInZhbHVlXCI6ZmFsc2V9LFwiMTBcIjp7XCJwcmljZVwiOmZhbHNlLFwidmFsdWVcIjpmYWxzZX19O2lmKHdpbmRvd1snalF1ZXJ5J10pe2lmKCF3aW5kb3dbJ2dmX2Zvcm1fY29uZGl0aW9uYWxfbG9naWMnXSl3aW5kb3dbJ2dmX2Zvcm1fY29uZGl0aW9uYWxfbG9naWMnXSA9IG5ldyBBcnJheSgpO3dpbmRvd1snZ2ZfZm9ybV9jb25kaXRpb25hbF9sb2dpYyddWzVdID0geyBsb2dpYzogeyAwOiB7XCJmaWVsZFwiOntcImFjdGlvblR5cGVcIjpcInNob3dcIixcImxvZ2ljVHlwZVwiOlwiYWxsXCIsXCJydWxlc1wiOlt7XCJmaWVsZElkXCI6XCIyXCIsXCJvcGVyYXRvclwiOlwiaXNcIixcInZhbHVlXCI6XCJJIGFncmVlXCJ9LHtcImZpZWxkSWRcIjpcIjVcIixcIm9wZXJhdG9yXCI6XCJpc1wiLFwidmFsdWVcIjpcIkkgYWdyZWVcIn1dfSxcInNlY3Rpb25cIjpudWxsfSB9LCBkZXBlbmRlbnRzOiB7IDA6IFswXSB9LCBhbmltYXRpb246IDEsIGRlZmF1bHRzOiBbXSwgZmllbGRzOiB7XCI4XCI6WzBdLFwiMVwiOlswXSxcIjlcIjpbMF0sXCIyXCI6WzBdLFwiNVwiOlswXSxcIjEwXCI6WzBdfSB9OyBpZighd2luZG93WydnZl9udW1iZXJfZm9ybWF0J10pd2luZG93WydnZl9udW1iZXJfZm9ybWF0J10gPSAnZGVjaW1hbF9kb3QnO2pRdWVyeShkb2N1bWVudCkucmVhZHkoZnVuY3Rpb24oKXtnZl9hcHBseV9ydWxlcyg1LCBbMF0sIHRydWUpO2pRdWVyeSgnI2dmb3JtX3dyYXBwZXJfNScpLnNob3coKTtqUXVlcnkoZG9jdW1lbnQpLnRyaWdnZXIoJ2dmb3JtX3Bvc3RfY29uZGl0aW9uYWxfbG9naWMnLCBbNSwgbnVsbCwgdHJ1ZV0pO30gKTt9IGlmKHR5cGVvZiBQbGFjZWhvbGRlcnMgIT0gJ3VuZGVmaW5lZCcpe1xuICAgICAgICAgICAgICAgICAgICAgICAgUGxhY2Vob2xkZXJzLmVuYWJsZSgpO1xuICAgICAgICAgICAgICAgICAgICB9fSB9ICk7&i=3-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
kg4qiVH_siSUPe_muzqIZAQ-fCAXOoMc7tgkIFXU1KKFjYRDfsI8NA==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=alF1ZXJ5KGRvY3VtZW50KS5iaW5kKCdnZm9ybV9wb3N0X2NvbmRpdGlvbmFsX2xvZ2ljJywgZnVuY3Rpb24oZXZlbnQsIGZvcm1JZCwgZmllbGRzLCBpc0luaXQpe30gKTs8L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPiBqUXVlcnkoZG9jdW1lbnQpLnJlYWR5KGZ1bmN0aW9uKCl7alF1ZXJ5KGRvY3VtZW50KS50cmlnZ2VyKCdnZm9ybV9wb3N0X3JlbmRlcicsIFs1LCAxXSkgfSApOyA8L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPlxuICAgICAgICAgICAgICAgIGRvY3VtZW50LmFkZEV2ZW50TGlzdGVuZXIoXCJpbnB1dFwiLCBmdW5jdGlvbiAoZXZlbnQpIHtcbiAgICAgICAgICAgICAgICAgICAgaWYgKCFldmVudC50YXJnZXQuY2xvc2VzdChcIiNjb21tZW50XCIpKSByZXR1cm47XG5cbiAgICAgICAgICAgICAgICAgICAgdmFyIGNhcHRjaGFDb250YWluZXIgPSBudWxsO1xuICAgICAgICAgICAgICAgICAgICBjYXB0Y2hhQ29udGFpbmVyID0gZ3JlY2FwdGNoYS5yZW5kZXIoXCJyZWNhcHRjaGEtc3VibWl0LWJ0bi1hcmVhXCIsIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIFwic2l0ZWtleVwiIDogXCI2TGZzZHJBYUFBQUFBTVZLZ2VpNmswRWFEQlRnbUt2NlpRckc3YUVzXCIsXG4gICAgICAgICAgICAgICAgICAgICAgICBcInRoZW1lXCIgOiBcInN0YW5kYXJkXCJcbiAgICAgICAgICAgICAgICAgICAgfSk7XG4gICAgICAgICAgICAgICAgfSk7XG4gICAgICAgICAgICA8L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9yZWNhcHRjaGEvYXBpLmpzP2hsPWVuJmFtcDtyZW5kZXI9ZXhwbGljaXRcIiBhc3luYz1cIlwiIGRlZmVyPVwiXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGlkPVwiNzRjMmVjMWJjOGY4NGY3Y2IyZmYzNjVhZDBiNTgxMjNcIj5cblx0XHRcdFx0XHRcdFx0XHRjbnguY21kLnB1c2goZnVuY3Rpb24oKSB7XG5cdFx0XHRcdFx0XHRcdFx0XHRjbngoe1xuXHRcdFx0XHRcdFx0XHRcdFx0cGxheWVySWQ6IFwiYzJlY2QwNGYtMGRjYS00ZmZhLTg3NjEtZDkzYjM0NzE3MzgwXCJcblx0XHRcdFx0XHRcdFx0XHRcdH0pLnJlbmRlcihcIjc0YzJlYzFiYzhmODRmN2NiMmZmMzY1YWQwYjU4MTIzXCIpO1xuXHRcdFx0XHRcdFx0XHRcdH0pO1xuXHRcdFx0XHRcdFx0XHRcdDwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BXG4gICAgICAgICAgICBpZiAoIHR5cGVvZiBfcmVjYXB0Y2hhX3dvcmRwcmVzc19zYXZlZGNvbW1lbnQgIT0gJ3VuZGVmaW5lZCcpIHtcbiAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnY29tbWVudCcpLnZhbHVlID1cbiAgICAgICAgICAgICAgICAgICAgX3JlY2FwdGNoYV93b3JkcHJlc3Nfc2F2ZWRjb21tZW50O1xuICAgICAgICAgICAgfVxuICAgICAgICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL2thc3BlcnNreWNvbnRlbnRodWIuY29tL3RocmVhdHBvc3QtZ2xvYmFsL3dwLWNvbnRlbnQvcGx1Z2lucy9rYXNwZXJza3ktZW1iZWRzL2pzL3NjcmlwdHMuanM%2FdmVyPTEuMFwiIGlkPVwia3Nwcl9lbWJlZHMtanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vcmVjYXB0Y2hhL2FwaS5qcz9yZW5kZXI9ZXhwbGljaXQmYW1wO3Zlcj0yMDIxMjQwNTA5MjdcIiBpZD1cImthc3BlcnNreS1keW5hbWljLWdyYXZpdHktZm9ybXMtZ29vZ2xlLXJlY2FwdGNoYS1qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiLy9hc3NldHMudGhyZWF0cG9zdC5jb20vd3AtY29udGVudC9wbHVnaW5zL2J3cC1taW5pZnkvbWluLz9mPXdwLWNvbnRlbnQvcGx1Z2lucy9ncmF2aXR5Zm9ybXMvanMvanF1ZXJ5Lmpzb24ubWluLmpzJmFtcDt2ZXI9ODRjOTJkOTdcIiBpZD1cImdmb3JtX2pzb24tanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGlkPVwiZ2Zvcm1fZ3Jhdml0eWZvcm1zLWpzLWV4dHJhXCI%2BXG4vKiA8IVtDREFUQVsgKi9cbnZhciBnZl9nbG9iYWwgPSB7XCJnZl9jdXJyZW5jeV9jb25maWdcIjp7XCJuYW1lXCI6XCJVLlMuIERvbGxhclwiLFwic3ltYm9sX2xlZnRcIjpcIiRcIixcInN5bWJvbF9yaWdodFwiOlwiXCIsXCJzeW1ib2xfcGFkZGluZ1wiOlwiXCIsXCJ0aG91c2FuZF9zZXBhcmF0b3JcIjpcIixcIixcImRlY2ltYWxfc2VwYXJhdG9yXCI6XCIuXCIsXCJkZWNpbWFsc1wiOjJ9LFwiYmFzZV91cmxcIjpcImh0dHBzOlxcL1xcL3RocmVhdHBvc3QuY29tXFwvd3AtY29udGVudFxcL3BsdWdpbnNcXC9ncmF2aXR5Zm9ybXNcIixcIm51bWJlcl9mb3JtYXRzXCI6W10sXCJzcGlubmVyVXJsXCI6XCJodHRwczpcXC9cXC90aHJlYXRwb3N0LmNvbVxcL3dwLWNvbnRlbnRcXC9wbHVnaW5zXFwvZ3Jhdml0eWZvcm1zXFwvaW1hZ2VzXFwvc3Bpbm5lci5naWZcIn07XG4vKiBdXT4gKi9cbjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3BsdWdpbnMvZ3Jhdml0eWZvcm1zL2pzL2dyYXZpdHlmb3Jtcy5taW4uanM%2FdmVyPTIuNC4xNy4xNVwiIGlkPVwiZ2Zvcm1fZ3Jhdml0eWZvcm1zLWpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCIvL2Fzc2V0cy50aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3BsdWdpbnMvYndwLW1pbmlmeS9taW4vP2Y9d3AtY29udGVudC9wbHVnaW5zL2dyYXZpdHlmb3Jtcy9qcy9jb25kaXRpb25hbF9sb2dpYy5taW4uanMmYW1wO3Zlcj04NGM5MmQ5N1wiIGlkPVwiZ2Zvcm1fY29uZGl0aW9uYWxfbG9naWMtanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cIi8vYXNzZXRzLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9id3AtbWluaWZ5L21pbi8%2FZj13cC1jb250ZW50L3BsdWdpbnMvZ3Jhdml0eWZvcm1zL2pzL3BsYWNlaG9sZGVycy5qcXVlcnkubWluLmpzJmFtcDt2ZXI9ODRjOTJkOTdcIiBpZD1cImdmb3JtX3BsYWNlaG9sZGVyLWpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBpZD1cImthc3BlcnNreS1keW5hbWljLWdyYXZpdHktZm9ybXMtbWFpbi1qcy1leHRyYVwiPlxuLyogPCFbQ0RBVEFbICovXG52YXIga2FzcGVyc2t5RHluYW1pY2FSZUNhcHRjaGFEYXRhID0ge1wiYWpheFVybFwiOlwiaHR0cHM6XFwvXFwvdGhyZWF0cG9zdC5jb21cXC93cC1hZG1pblxcL2FkbWluLWFqYXgucGhwXCJ9O1xuLyogXV0%2BICovXG48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cIi8vYXNzZXRzLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9id3AtbWluaWZ5L21pbi8%2FZj13cC1jb250ZW50L3BsdWdpbnMva2FzcGVyc2t5LWdyYXZpdHktZm9ybXMtZHluYW1pYy1yZWNhcHRjaGEvYXNzZXRzL2pzL21haW4uanMsd3AtY29udGVudC90aGVtZXMvdGhyZWF0cG9zdC0yMDE4L2Fzc2V0cy9qcy9tYWluLmpzLHdwLWluY2x1ZGVzL2pzL3dwLWVtYmVkLm1pbi5qcyx3cC1jb250ZW50L3BsdWdpbnMvYWtpc21ldC9faW5jL2Zvcm0uanMmYW1wO3Zlcj04NGM5MmQ5N1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3R5cGU9amF2YXNjcmlwdCZhbXA7dmVyc2lvbj0yLjAuNCZhbXA7cF9pZD1Ud2l0dGVyJmFtcDtwX3VzZXJfaWQ9MCZhbXA7dHhuX2lkPW50dDBqJmFtcDtldmVudHM9JTVCJTVCJTIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJmFtcDt0d19zYWxlX2Ftb3VudD0wJmFtcDt0d19vcmRlcl9xdWFudGl0eT0wJmFtcDt0d19pZnJhbWVfc3RhdHVzPTAmYW1wO2V2ZW50X2lkPTc5OWM4OTVmLTMyZWMtNGRlZS1hNjYzLWQ5MjkzMTkxNDlhZiZhbXA7dHdfZG9jdW1lbnRfaHJlZj1odHRwcyUzQSUyRiUyRnRocmVhdHBvc3QuY29tJTJGY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zJTJGMTc3MTE5JTJGJmFtcDt0cHhfY2I9dHd0dHIuY29udmVyc2lvbi5sb2FkUGl4ZWxzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbS9hZHNpZC9pbnRlZ3JhdG9yLmpzP2RvbWFpbj1cIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiLy9jZC5jb25uYXRpeC5jb20vY29ubmF0aXgucGxheWVyLmpzXCIgYXN5bmM9XCIxXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL29tc2RrL3JlbGVhc2VzL2xpdmUvb213ZWItdjEuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG4gICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgZnVuY3Rpb24oZSkge1xuICAgICAgICAgIGlmIChlLmRhdGEudHlwZSA9PT0gJ2lubmVyQnJpZGdlSWZyYW1lTG9hZGVkJykge1xuICAgICAgICAgICAgd2luZG93LmZyYW1lRWxlbWVudC5wYXJlbnRFbGVtZW50XG4gICAgICAgICAgICAgIC5xdWVyeVNlbGVjdG9yKCcjZ29vZ18xNDcyOTQ4MzkwJykuY29udGVudFdpbmRvd1xuICAgICAgICAgICAgICAucG9zdE1lc3NhZ2Uoe3R5cGU6ICdvbWlkSWZyYW1lTG9hZGVkJ30sICcqJyk7XG4gICAgICAgICAgfVxuICAgICAgICB9KTtcbiAgICAgIDwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL29tc2RrL3JlbGVhc2VzL2xpdmUvb213ZWItdjEuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG4gICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgZnVuY3Rpb24oZSkge1xuICAgICAgICAgIGlmIChlLmRhdGEudHlwZSA9PT0gJ2lubmVyQnJpZGdlSWZyYW1lTG9hZGVkJykge1xuICAgICAgICAgICAgd2luZG93LmZyYW1lRWxlbWVudC5wYXJlbnRFbGVtZW50XG4gICAgICAgICAgICAgIC5xdWVyeVNlbGVjdG9yKCcjZ29vZ184MjUzNTIwOTUnKS5jb250ZW50V2luZG93XG4gICAg&i=4-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
pwfSWNRTirE25ZcvQeKjJ74KsVdTK1emHtfdGgPZaEHSonV27dLlcw==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=ICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vb21zZGsvcmVsZWFzZXMvbGl2ZS9vbXdlYi12MS5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdD5cbiAgICAgICAgd2luZG93LmFkZEV2ZW50TGlzdGVuZXIoJ21lc3NhZ2UnLCBmdW5jdGlvbihlKSB7XG4gICAgICAgICAgaWYgKGUuZGF0YS50eXBlID09PSAnaW5uZXJCcmlkZ2VJZnJhbWVMb2FkZWQnKSB7XG4gICAgICAgICAgICB3aW5kb3cuZnJhbWVFbGVtZW50LnBhcmVudEVsZW1lbnRcbiAgICAgICAgICAgICAgLnF1ZXJ5U2VsZWN0b3IoJyNnb29nXzIwMTg2OTQ4NDQnKS5jb250ZW50V2luZG93XG4gICAgICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3ZwYWlkLnB1Ym1hdGljLmNvbS9hZHMvdmlkZW8vUE1BZE1nci5qcz9lbWJlZGRlZD0xJmFtcDtwdWJJZD0xNTY4NTgmYW1wO3NpdGVJZD02MzA5MDcmYW1wO2FkSWQ9MjQ0NjAwOCZhbXA7dnR5cGU9MSZhbXA7aW1wcklkPTZEMjA0MUJBLTIxQjctNDQ4Mi05MDFCLUJCQTlERkJFOTAzMSZhbXA7YWRTZXJ2ZXJJZD0yNDMmYW1wO2NhbXBhaWduSWQ9MjI5MTgmYW1wO2NySUQ9a2lhb3Jpa3AmYW1wO3VjcmlkPTYxODMwMjY0MzYzMzM3ODAyNjJcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPlxuICAgICAgICAgICAgd2luZG93Lk9iamVjdC5kZWZpbmVQcm9wZXJ0eShPYmplY3QucHJvdG90eXBlLCAnY254SW5uZXJUYWcnLCB7IGVudW1lcmFibGU6ICExLCB3cml0YWJsZTogITAsIHZhbHVlOiAnY254LWFkLXNsb3QtZmQyYzU4NWQtNWJiYy00NjMxLTg3YjktOWI0NGM4NzE0NzVkJyB9KTtcbiAgICAgICAgICAgIHdpbmRvdy5PYmplY3QuZGVmaW5lUHJvcGVydHkoRnVuY3Rpb24ucHJvdG90eXBlLCAnY254SW5uZXJUYWcnLFxuICAgICAgICAgICAgeyBlbnVtZXJhYmxlOiAhMSwgd3JpdGFibGU6ICEwLCB2YWx1ZTogJ2NueC1hZC1zbG90LWZkMmM1ODVkLTViYmMtNDYzMS04N2I5LTliNDRjODcxNDc1ZCcgfSk7XG4gICAgICAgICAgICBjbnh0aW1lb3V0cyA9IFtdO1xuICAgICAgICAgICAgY254aW50ZXJ2YWxzID0gW107XG4gICAgICAgICAgICBvbGRTZXRUaW1lb3V0ID0gc2V0VGltZW91dDtcbiAgICAgICAgICAgIHNldFRpbWVvdXQgPSBmdW5jdGlvbiAoZSwgdCkgeyB2YXIgbiA9IG9sZFNldFRpbWVvdXQuYXBwbHkobnVsbCwgYXJndW1lbnRzKTsgcmV0dXJuIGNueHRpbWVvdXRzLnB1c2gobiksIG4gfTtcbiAgICAgICAgICAgIG9sZFNldEludGVydmFsID0gc2V0SW50ZXJ2YWw7XG4gICAgICAgICAgICBzZXRJbnRlcnZhbCA9IGZ1bmN0aW9uIChlLCB0KSB7IHZhciBuID0gb2xkU2V0SW50ZXJ2YWwuYXBwbHkobnVsbCwgYXJndW1lbnRzKTsgcmV0dXJuIGNueGludGVydmFscy5wdXNoKG4pLCBuIH07XG4gICAgICAgICAgICBjbGVhckFsbCA9IGZ1bmN0aW9uICgpIHtcbiAgICAgICAgICAgICAgICBzZXRUaW1lb3V0ID0gZnVuY3Rpb24gKCkgeyB9O1xuICAgICAgICAgICAgICAgIHNldEludGVydmFsID0gZnVuY3Rpb24gKCkgeyB9O1xuICAgICAgICAgICAgICAgIGZvciAodmFyIGUgPSAwOyBlIDwgY254dGltZW91dHMubGVuZ3RoOyBlKyspIHtcbiAgICAgICAgICAgICAgICAgICAgY2xlYXJUaW1lb3V0KGNueHRpbWVvdXRzW2VdKTtcbiAgICAgICAgICAgICAgICB9XG4gICAgICAgICAgICAgICAgZm9yIChlID0gMDsgZSA8IGNueGludGVydmFscy5sZW5ndGg7IGUrKykge1xuICAgICAgICAgICAgICAgICAgICBjbGVhckludGVydmFsKGNueGludGVydmFsc1tlXSk7XG4gICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgfTtcbiAgICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj53aW5kb3cucG9zdE1lc3NhZ2UoJ3tcImV2ZW50XCI6IFwicmVhZHlcIiwgXCJpZFwiOiBcImNueC1pZnJhbWVfNDhjNGUyMGEtNDFmZi00MzAyLTg0M2MtZTExMWZkODU2ZWI1XCJ9JywgJyonKTs8L3NjcmlwdD5cbjxzY3JpcHQgaWQ9XCJjbngtcHJlYmlkLWxvYWRlclwiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCIvL2Nkcy5jb25uYXRpeC5jb20vcC9wbHVnaW5zL3ByZWJpZDQuNDMuMC00LmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj53aW5kb3cucG9zdE1lc3NhZ2UoJ3tcImV2ZW50XCI6IFwicmVhZHlcIiwgXCJpZFwiOiBcImNueC1pZnJhbWVfOGQxZWJlNGItNDI2Mi00ZjQ3LWEwMTQtMTBmNWFmNDE2ZGFhXCJ9JywgJyonKTs8L3NjcmlwdD5cbjxpZnJhbWUgZnJhbWVib3JkZXI9XCIwXCIgc3JjPVwiaHR0cHM6Ly9jYTE0MzkxYTgyNGU0NjQzODBmMDFhYjRiNmMwMmQ3Mi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZmVmcmFtZS8xLTAtMzgvaHRtbC9jb250YWluZXIuaHRtbFwiIGlkPVwiZ29vZ2xlX2Fkc19pZnJhbWVfLzIyNDA0MzM3NDY3LDIxNzA3MTI0MzM2L3RocmVhdHBvc3QtOTcweDI1MC1BVEZfMFwiIHRpdGxlPVwiM3JkIHBhcnR5IGFkIGNvbnRlbnRcIiBuYW1lPVwiMS0wLTM4OzU3NjM3OzwhZG9jdHlwZSBodG1sPjxodG1sPjxoZWFkPjxzY3JpcHQ%2BdmFyIGpzY1ZlcnNpb24gPSAncjIwMjExMjA3Jzs8L3NjcmlwdD48c2NyaXB0PnZhciBnb29nbGVfY2FzbT1bXTs8L3NjcmlwdD48L2hlYWQ%2BPGJvZHkgbGVmdE1hcmdpbj0mcXVvdDswJnF1b3Q7IHRvcE1hcmdpbj0mcXVvdDswJnF1b3Q7IG1hcmdpbndpZHRoPSZxdW90OzAmcXVvdDsgbWFyZ2luaGVpZ2h0PSZxdW90OzAmcXVvdDs%2BPHNjcmlwdD53aW5kb3cuZGljbmYgPSB7fTs8L3NjcmlwdD48c2NyaXB0IGRhdGEtamM9JnF1b3Q7NDImcXVvdDsgZGF0YS1qYy12ZXJzaW9uPSZxdW90O3IyMDIxMTIwNyZxdW90OyBkYXRhLWpjLWZsYWdzPSZxdW90O1smYW1wO3F1b3Q7eCUyNzg0NDYmYW1wOyMzOTs5ZWZvdG0oJmFtcDthbXA7MjAwNjc7JmFtcDtndDs4JmFtcDthbXA7JmFtcDtndDtgZG9wYi8lJmFtcDtsdDsxNzMyMjYxIT1uZWh1YH4mYW1wO3F1b3Q7XSZxdW90Oz4oZnVuY3Rpb24oKXsvKiAgQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gJ3VzZSBzdHJpY3QnO3ZhciBkYT0mcXVvdDtmdW5jdGlvbiZxdW90Oz09dHlwZW9mIE9iamVjdC5kZWZpbmVQcm9wZXJ0aWVzP09iamVjdC5kZWZpbmVQcm9wZXJ0eTpmdW5jdGlvbihhLGIsYyl7aWYoYT09QXJyYXkucHJvdG90eXBlfHxhPT1PYmplY3QucHJvdG90eXBlKXJldHVybiBhO2FbYl09Yy52YWx1ZTtyZXR1cm4gYX07ZnVuY3Rpb24gZWEoYSl7YT1bJnF1b3Q7b2JqZWN0JnF1b3Q7PT10eXBlb2YgZ2xvYmFsVGhpcyZhbXA7JmFtcDtnbG9iYWxUaGlzLGEsJnF1b3Q7b2JqZWN0JnF1b3Q7PT10eXBlb2Ygd2luZG93JmFtcDsmYW1wO3dpbmRvdywmcXVvdDtvYmplY3QmcXVvdDs9PXR5cGVvZiBzZWxmJmFtcDsmYW1wO3NlbGYsJnF1b3Q7b2JqZWN0JnF1b3Q7PT10eXBlb2YgZ2xvYmFsJmFtcDsmYW1wO2dsb2JhbF07Zm9yKHZhciBiPTA7YjxhLmxlbmd0aDsrK2Ipe3ZhciBjPWFbYl07aWYoYyZhbXA7JmFtcDtjLk1hdGg9PU1hdGgpcmV0dXJuIGN9dGhyb3cgRXJyb3IoJnF1b3Q7Q2Fubm90IGZpbmQgZ2xvYmFsIG9iamVjdCZxdW90Oyk7fXZhciBmYT1lYSh0aGlzKTsgZnVuY3Rpb24gaGEoYSxiKXtpZihiKWE6e3ZhciBjPWZhO2E9YS5zcGxpdCgmcXVvdDsuJnF1b3Q7KTtmb3IodmFyIGQ9MDtkPGEubGVuZ3RoLTE7ZCsrKXt2YXIgZj1hW2RdO2lmKCEoZiBpbiBjKSlicmVhayBhO2M9Y1tmXX1hPWFbYS5sZW5ndGgtMV07ZD1jW2FdO2I9YihkKTtiIT1kJmFtcDsmYW1wO251bGwhPWImYW1wOyZhbXA7ZGEoYyxhLHtjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsdmFsdWU6Yn0pfX1oYSgmcXVvdDtnbG9iYWxUaGlzJnF1b3Q7LGZ1bmN0aW9uKGEpe3JldHVybiBhfHxmYX0pO3ZhciByPXRoaXN8fHNlbGY7ZnVuY3Rpb24gdChhKXt0WyZxdW90OyAmcXVvdDtdKGEpO3JldHVybiBhfXRbJnF1b3Q7ICZxdW90O109ZnVuY3Rpb24oKXt9O3ZhciBpYT17fSx3PW51bGw7IGZ1bmN0aW9uIGphKGEsYil7dm9pZCAwPT09YiZhbXA7JmFtcDsoYj0wKTtpZighdyl7dz17fTtmb3IodmFyIGM9JnF1b3Q7QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODkmcXVvdDsuc3BsaXQoJnF1b3Q7JnF1b3Q7KSxkPVsmcXVvdDsrLz0mcXVvdDssJnF1b3Q7Ky8mcXVvdDssJnF1b3Q7LV89JnF1b3Q7LCZxdW90Oy1fLiZxdW90OywmcXVvdDstXyZxdW90O10sZj0wOzU%2BZjtmKyspe3ZhciBnPWMuY29uY2F0KGRbZl0uc3BsaXQoJnF1b3Q7JnF1b3Q7KSk7aWFbZl09Zztmb3IodmFyIGU9MDtlPGcubGVuZ3RoO2UrKyl7dmFyIGs9Z1tlXTt2b2lkIDA9PT13W2tdJmFtcDsmYW1wOyh3W2tdPWUpfX19Yj1pYVtiXTtjPUFycmF5KE1hdGguZmxvb3IoYS5sZW5ndGgvMykpO2Q9Yls2NF18fCZxdW90OyZxdW90Oztmb3IoZj1nPTA7ZzxhLmxlbmd0aC0yO2crPTMpe3ZhciBoPWFbZ10sbD1hW2crMV07az1hW2crMl07ZT1iW2g%2BPjJdO2g9YlsoaCZhbXA7Myk8PDR8bD4%2BNF07bD1iWyhsJmFtcDsxNSk8PDJ8az4%2BNl07az1iW2smYW1wOzYzXTtjW2YrK109ZStoK2wra31lPTA7az1kO3N3aXRjaChhLmxlbmd0aC1nKXtjYXNlIDI6ZT0gYVtnKzFdLGs9YlsoZSZhbXA7MTUpPDwyXXx8ZDtjYXNlIDE6YT1hW2ddLGNbZl09YlthPj4yXStiWyhhJmFtcDszKTw8NHxlPj40XStrK2R9cmV0dXJuIGMuam9pbigmcXVvdDsmcXVvdDspfTt2YXIga2E9JnF1b3Q7ZnVuY3Rpb24mcXVvdDs9PT10eXBlb2YgVWludDhBcnJheTtjb25zdCB4PVN5bWJvbCh2b2lkIDApO2Z1bmN0aW9uIHooYSl7T2JqZWN0LmlzRnJvemVuKGEpfHwoeD9hW3hdfD0xOnZvaWQgMCE9PWEuZz9hLmd8PTE6T2JqZWN0LmRlZmluZVByb3BlcnRpZXMoYSx7Zzp7dmFsdWU6MSxjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsZW51bWVyYWJsZTohMX19KSk7cmV0dXJuIGF9O2Z1bmN0aW9uIGxhKGEpe3JldHVybiBudWxsIT09YSZhbXA7JmFtcDsmcXVvdDtvYmplY3QmcXVvdDs9PT10eXBlb2YgYSZhbXA7JmFtcDshQXJyYXkuaXNBcnJheShhKSZhbXA7JmFtcDthLmNvbnN0cnVjdG9yPT09T2JqZWN0fWxldCBBO2Z1bmN0aW9uIG1hKGEpe3N3aXRjaCh0eXBlb2YgYSl7Y2FzZSAmcXVvdDtudW1iZXImcXVvdDs6cmV0dXJuIGlzRmluaXRlKGEpP2E6U3RyaW5nKGEpO2Nhc2UgJnF1b3Q7b2JqZWN0JnF1b3Q7OmlmKGEmYW1wOyZhbXA7IUFycmF5LmlzQXJyYXkoYSkmYW1wOyZhbXA7a2EmYW1wOyZhbXA7bnVsbCE9YSZhbXA7JmFtcDthIGluc3RhbmNlb2YgVWludDhBcnJheSlyZXR1cm4gamEoYSl9cmV0dXJuIGF9O2Z1bmN0aW9uIG5hKGEsYil7aWYobnVsbCE9YSlyZXR1cm4gQXJyYXkuaXNBcnJheShhKXx8bGEoYSk%2FQihhLGIpOmIoYSl9ZnVuY3Rpb24gQihhLGIpe2lmKEFycmF5LmlzQXJyYXkoYSkpe3ZhciBjPUFycmF5KGEubGVuZ3RoKTtmb3IobGV0IGY9MDtmPGEubGVuZ3RoO2YrKyljW2ZdPW5hKGFbZl0sYik7aWYoYj1BcnJheS5pc0FycmF5KGEpKXt2YXIgZDt4P2Q9YVt4XTpkPWEuZztiPShudWxsPT1kPzA6ZCkmYW1wOzF9YiZhbXA7JmFtcDt6KGMpO3JldHVybiBjfWQ9e307Zm9yKGMgaW4gYSlkW2NdPW5hKGFbY10sYik7cmV0dXJuIGR9ZnVuY3Rpb24gb2EoYSl7aWYoYSZhbXA7JmFtcDsmcXVvdDtvYmplY3QmcXVvdDs9PXR5cGVvZiBhJm&i=5-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
HVU-8oDS65ckohkSueNPY8wl_m6ySMA0sAgRoAGwWuIYphXdMaKs1g==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=FtcDsmYW1wO2EudG9KU09OKXJldHVybiBhLnRvSlNPTigpO2E9bWEoYSk7cmV0dXJuIEFycmF5LmlzQXJyYXkoYSk%2FQihhLG9hKTphfTtsZXQgcGE7ZnVuY3Rpb24gRCgpe3ZhciBhPXZvaWQgMCxiPXFhLGM9cGE7cGE9bnVsbDthfHwoYT1jKTtjPXRoaXMuY29uc3RydWN0b3IudjthfHwoYT1jP1tjXTpbXSk7dGhpcy5oPShjPzA6LTEpLSh0aGlzLmNvbnN0cnVjdG9yLnV8fDApO3RoaXMuZz1hO2E6e2M9dGhpcy5nLmxlbmd0aDthPWMtMTtpZihjJmFtcDsmYW1wOyhjPXRoaXMuZ1thXSxsYShjKSkpe3RoaXMuaj1hLXRoaXMuaDt0aGlzLmk9YzticmVhayBhfXRoaXMuaj1OdW1iZXIuTUFYX1ZBTFVFfWlmKGIpZm9yKGE9MDthPGIubGVuZ3RoO2ErKylpZihjPWJbYV0sYzx0aGlzLmope2MrPXRoaXMuaDt2YXIgZD10aGlzLmdbY107ZD9BcnJheS5pc0FycmF5KGQpJmFtcDsmYW1wO3ooZCk6dGhpcy5nW2NdPXJhfWVsc2Ugc2EodGhpcyksKGQ9dGhpcy5pW2NdKT9BcnJheS5pc0FycmF5KGQpJmFtcDsmYW1wO3ooZCk6dGhpcy5pW2NdPXJhfWNvbnN0IHJhPU9iamVjdC5mcmVlemUoeihbXSkpOyBmdW5jdGlvbiBzYShhKXtsZXQgYj1hLmorYS5oO2EuZ1tiXXx8KGEuaT1hLmdbYl09e30pfWZ1bmN0aW9uIEUoYSxiLGMpe2I%2BPWEuaj8oc2EoYSksYS5pW2JdPWMpOmEuZ1tiK2EuaF09YztyZXR1cm4gYX1ELnByb3RvdHlwZS50b0pTT049ZnVuY3Rpb24oKXtjb25zdCBhPXRoaXMuZztyZXR1cm4gQT9hOkIoYSxvYSl9O2Z1bmN0aW9uIHRhKGEsYil7cmV0dXJuIG1hKGIpfUQucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIHRoaXMuZy50b1N0cmluZygpfTtjbGFzcyB1YXtjb25zdHJ1Y3RvcihhKXt0aGlzLmtleT1hfX12YXIgRj1jbGFzcyBleHRlbmRzIHVhe2NvbnN0cnVjdG9yKGEpe3N1cGVyKGEpO3RoaXMuZGVmYXVsdFZhbHVlPSExfX07dmFyIHZhPW5ldyBGKCZxdW90OzQ1MzU3MTU2JnF1b3Q7KSx3YT1uZXcgRigmcXVvdDs0NTM1MDg5MCZxdW90Oyk7dmFyIEc9KGEsYik9PiZxdW90OyZhbXA7YWR1cmw9JnF1b3Q7PT1hLnN1YnN0cmluZyhhLmxlbmd0aC03KT9hLnN1YnN0cmluZygwLGEubGVuZ3RoLTcpK2IrJnF1b3Q7JmFtcDthZHVybD0mcXVvdDs6YStiOy8qICBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMCAqLyBmdW5jdGlvbiBIKGEsYixjKXthLmFkZEV2ZW50TGlzdGVuZXImYW1wOyZhbXA7YS5hZGRFdmVudExpc3RlbmVyKGIsYywhMSl9O3ZhciB4YT1SZWdFeHAoJnF1b3Q7Xig%2FOihbXjovPyMuXSspOik%2FKD86Ly8oPzooW15cXFxcXFxcXC8%2FI10qKUApPyhbXlxcXFxcXFxcLz8jXSo%2FKSg%2FOjooWzAtOV0rKSk%2FKD89W1xcXFxcXFxcLz8jXXwkKSk%2FKFtePyNdKyk%2FKD86XFxcXD8oW14jXSopKT8oPzojKFtcXFxcc1xcXFxTXSopKT8kJnF1b3Q7KTtmdW5jdGlvbiBJKGEpe3RyeXt2YXIgYjtpZihiPSEhYSZhbXA7JmFtcDtudWxsIT1hLmxvY2F0aW9uLmhyZWYpYTp7dHJ5e3QoYS5mb28pO2I9ITA7YnJlYWsgYX1jYXRjaChjKXt9Yj0hMX1yZXR1cm4gYn1jYXRjaChjKXtyZXR1cm4hMX19ZnVuY3Rpb24geWEoKXtpZighZ2xvYmFsVGhpcy5jcnlwdG8pcmV0dXJuIE1hdGgucmFuZG9tKCk7dHJ5e2NvbnN0IGE9bmV3IFVpbnQzMkFycmF5KDEpO2dsb2JhbFRoaXMuY3J5cHRvLmdldFJhbmRvbVZhbHVlcyhhKTtyZXR1cm4gYVswXS82NTUzNi82NTUzNn1jYXRjaChhKXtyZXR1cm4gTWF0aC5yYW5kb20oKX19ZnVuY3Rpb24gSihhLGIpe2lmKGEpZm9yKGNvbnN0IGMgaW4gYSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxjKSZhbXA7JmFtcDtiLmNhbGwodm9pZCAwLGFbY10sYyxhKX1mdW5jdGlvbiBEYShhKXthPXZvaWQgMD09PWE%2FZG9jdW1lbnQ6YTtyZXR1cm4gYS5jcmVhdGVFbGVtZW50KCZxdW90O2ltZyZxdW90Oyl9O2Z1bmN0aW9uIEwoYSxiLGM9bnVsbCl7RWEoYSxiLGMpfWZ1bmN0aW9uIEVhKGEsYixjKXthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0c3x8KGEuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzPVtdKTtjb25zdCBkPURhKGEuZG9jdW1lbnQpO2lmKGMpe2NvbnN0IGY9Zz0%2Be2MmYW1wOyZhbXA7YyhnKTtkLnJlbW92ZUV2ZW50TGlzdGVuZXImYW1wOyZhbXA7ZC5yZW1vdmVFdmVudExpc3RlbmVyKCZxdW90O2xvYWQmcXVvdDssZiwhMSk7ZC5yZW1vdmVFdmVudExpc3RlbmVyJmFtcDsmYW1wO2QucmVtb3ZlRXZlbnRMaXN0ZW5lcigmcXVvdDtlcnJvciZxdW90OyxmLCExKX07SChkLCZxdW90O2xvYWQmcXVvdDssZik7SChkLCZxdW90O2Vycm9yJnF1b3Q7LGYpfWQuc3JjPWI7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHMucHVzaChkKX0gdmFyIEdhPSgpPT57bGV0IGE9JnF1b3Q7aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1iYWRwdWJ3aW4mcXVvdDs7Sih7c3RhY2s6RXJyb3IoKS5zdGFjayxhc3dpZnQ6d2luZG93Lmdvb2dsZV9hc3luY19pZnJhbWVfaWR9LChiLGMpPT57YiZhbXA7JmFtcDsoYSs9YCZhbXA7JHtjfT0ke2VuY29kZVVSSUNvbXBvbmVudChiKX1gKX0pO0ZhKGEpfSxGYT1hPT57dmFyIGI9d2luZG93O2IuZmV0Y2g%2FYi5mZXRjaChhLHtrZWVwYWxpdmU6ITAsY3JlZGVudGlhbHM6JnF1b3Q7aW5jbHVkZSZxdW90OyxyZWRpcmVjdDomcXVvdDtmb2xsb3cmcXVvdDssbWV0aG9kOiZxdW90O2dldCZxdW90Oyxtb2RlOiZxdW90O25vLWNvcnMmcXVvdDt9KTpMKGIsYSl9O2xldCBNPTA7ZnVuY3Rpb24gSGEoYSxiPW51bGwpe3JldHVybiBiJmFtcDsmYW1wO2IuZ2V0QXR0cmlidXRlKCZxdW90O2RhdGEtamMmcXVvdDspPT09U3RyaW5nKGEpP2I6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcihgWyR7JnF1b3Q7ZGF0YS1qYyZxdW90O309JnF1b3Q7JHthfSZxdW90O11gKX07ZnVuY3Rpb24gSWEoYSl7Tnx8KE49bmV3IEphKTtjb25zdCBiPU4uZ1thLmtleV07aWYoYSBpbnN0YW5jZW9mIEYpcmV0dXJuJnF1b3Q7Ym9vbGVhbiZxdW90Oz09PXR5cGVvZiBiP2I6YS5kZWZhdWx0VmFsdWU7dGhyb3cgRXJyb3IoKTt9dmFyIEthPWNsYXNze2NvbnN0cnVjdG9yKCl7dGhpcy5nPXt9fX07dmFyIEphPWNsYXNzIGV4dGVuZHMgS2F7Y29uc3RydWN0b3IoKXtzdXBlcigpO3ZhciBhPUhhKE0sZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7YT1hJmFtcDsmYW1wO2EuZ2V0QXR0cmlidXRlKCZxdW90O2RhdGEtamMtZmxhZ3MmcXVvdDspfHwmcXVvdDsmcXVvdDs7dHJ5e2NvbnN0IGI9SlNPTi5wYXJzZShhKVswXTthPSZxdW90OyZxdW90Oztmb3IobGV0IGM9MDtjPGIubGVuZ3RoO2MrKylhKz1TdHJpbmcuZnJvbUNoYXJDb2RlKGIuY2hhckNvZGVBdChjKV4mcXVvdDtcXHUwMDAzXFx1MDAwN1xcdTAwMDNcXHUwMDA3XFxiXFx1MDAwNFxcdTAwMDRcXHUwMDA2XFx1MDAwNVxcdTAwMDMmcXVvdDsuY2hhckNvZGVBdChjJTEwKSk7dGhpcy5nPUpTT04ucGFyc2UoYSl9Y2F0Y2goYil7fX19LE47dmFyIExhPWRvY3VtZW50LE1hPXdpbmRvdzt2YXIgTmE9ISF3aW5kb3cuZ29vZ2xlX2FzeW5jX2lmcmFtZV9pZDtsZXQgTz1OYSZhbXA7JmFtcDt3aW5kb3cucGFyZW50fHx3aW5kb3c7Y2xhc3MgT2F7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmVycm9yPWE7dGhpcy5jb250ZXh0PWIuY29udGV4dDt0aGlzLm1zZz1iLm1lc3NhZ2V8fCZxdW90OyZxdW90Ozt0aGlzLmlkPWIuaWR8fCZxdW90O2pzZXJyb3ImcXVvdDs7dGhpcy5tZXRhPXt9fX07Y29uc3QgUGE9UmVnRXhwKCZxdW90O15odHRwcz86Ly8oXFxcXHd8LSkrXFxcXC5jZG5cXFxcLmFtcHByb2plY3RcXFxcLihuZXR8b3JnKShcXFxcP3wvfCQpJnF1b3Q7KTt2YXIgUWE9Y2xhc3N7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn19LFJhPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy51cmw9YTt0aGlzLm09ISFiO3RoaXMuZGVwdGg9bnVsbH19O2Z1bmN0aW9uIFAoYSxiKXtjb25zdCBjPXt9O2NbYV09YjtyZXR1cm5bY119ZnVuY3Rpb24gU2EoYSxiLGMsZCxmKXtjb25zdCBnPVtdO0ooYSxmdW5jdGlvbihlLGspeyhlPVRhKGUsYixjLGQsZikpJmFtcDsmYW1wO2cucHVzaChrKyZxdW90Oz0mcXVvdDsrZSl9KTtyZXR1cm4gZy5qb2luKGIpfSBmdW5jdGlvbiBUYShhLGIsYyxkLGYpe2lmKG51bGw9PWEpcmV0dXJuJnF1b3Q7JnF1b3Q7O2I9Ynx8JnF1b3Q7JmFtcDsmcXVvdDs7Yz1jfHwmcXVvdDssJCZxdW90OzsmcXVvdDtzdHJpbmcmcXVvdDs9PXR5cGVvZiBjJmFtcDsmYW1wOyhjPWMuc3BsaXQoJnF1b3Q7JnF1b3Q7KSk7aWYoYSBpbnN0YW5jZW9mIEFycmF5KXtpZihkPWR8fDAsZDxjLmxlbmd0aCl7Y29uc3QgZz1bXTtmb3IobGV0IGU9MDtlPGEubGVuZ3RoO2UrKylnLnB1c2goVGEoYVtlXSxiLGMsZCsxLGYpKTtyZXR1cm4gZy5qb2luKGNbZF0pfX1lbHNlIGlmKCZxdW90O29iamVjdCZxdW90Oz09dHlwZW9mIGEpcmV0dXJuIGY9Znx8MCwyPmY%2FZW5jb2RlVVJJQ29tcG9uZW50KFNhKGEsYixjLGQsZisxKSk6JnF1b3Q7Li4uJnF1b3Q7O3JldHVybiBlbmNvZGVVUklDb21wb25lbnQoU3RyaW5nKGEpKX1mdW5jdGlvbiBVYShhKXtsZXQgYj0xO2Zvcihjb25zdCBjIGluIGEuaCliPWMubGVuZ3RoPmI%2FYy5sZW5ndGg6YjtyZXR1cm4gMzk5Ny1iLWEuaS5sZW5ndGgtMX0gZnVuY3Rpb24gVmEoYSxiLGMpe2I9YismcXVvdDsvL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tJnF1b3Q7K2M7bGV0IGQ9VWEoYSktYy5sZW5ndGg7aWYoMD5kKXJldHVybiZxdW90OyZxdW90OzthLmcuc29ydChmdW5jdGlvbihnLGUpe3JldHVybiBnLWV9KTtjPW51bGw7bGV0IGY9JnF1b3Q7JnF1b3Q7O2ZvcihsZXQgZz0wO2c8YS5nLmxlbmd0aDtnKyspe2NvbnN0IGU9YS5nW2ddLGs9YS5oW2VdO2ZvcihsZXQgaD0wO2g8ay5sZW5ndGg7aCsrKXtpZighZCl7Yz1udWxsPT1jP2U6YzticmVha31sZXQgbD1TYShrW2hdLGEuaSwmcXVvdDssJCZxdW90Oyk7aWYobCl7bD1mK2w7aWYoZD49bC5sZW5ndGgpe2QtPWwubGVuZ3RoO2IrPWw7Zj1hLmk7YnJlYWt9Yz1udWxsPT1jP2U6Y319fWE9JnF1b3Q7JnF1b3Q7O251bGwhPWMmYW1wOyZhbXA7KGE9ZismcXVvdDt0cm49JnF1b3Q7K2MpO3JldHVybiBiK2F9Y2xhc3MgUXtjb25zdHJ1Y3Rvcigpe3RoaXMuaT0mcXVvdDsmYW1wOyZxdW90Ozt0aGlzLmg9e307dGhpcy5qPTA7dGhpcy5nPVtdfX07ZnVuY3Rpb24gV2EoKXt2YXIgYT1SLGI9Uy5nb29nbGVfc3J0OzA8PWImYW1wOyZhbXA7MT49YiZhbXA7JmFtcDsoYS5nPWIpfWZ1bmN0aW9uIFQoYSxiLGMsZCxmLGcpe2lmKChkP2EuZzpNYXRoLnJhbmRvbSgpKTwoZnx8LjAxKSl0cnl7bGV0IGU7YyBpbnN0YW5jZW9mIFE%2FZT1jOihlPW5ldyBRLEooYywoaCxsKT0%2Be3ZhciBtPWUsbj1tLmorKztoPVAobCxoKTttLmcucHVzaChuKTttLmhbbl09aH0pKTtjb25zdCBrPVZhKGUsYS5oLCZxdW90Oy9wYWdlYWQvZ2VuXzIwND9pZD0mcXVvdDsrYismcXVvdDsmYW1wOyZxdW90Oyk7ayZhbXA7JmFtcDsoJnF1b3Q7dW5kZWZpbmVkJnF1b3Q7IT09dHlwZW9mIGc%2FTChyLGssZyk6TChyLGspKX1jYXRjaChlKXt9fWNsYXNzIFhhe2NvbnN0cnVjdG9yKCl7dmFyIGE9dm9pZCAwPT09YT9NYTphO3RoaXMuaD0mcXVvdDtodHRwOiZxdW90Oz09PWEubG9jYXRpb24ucHJvdG9jb2w%2FJnF1b3Q7aHR0cDomcXVvdDs6JnF1b3Q7aHR0cHM6JnF1b3Q7O3RoaXMuZz1NYXRoLnJhbmRvbSgpfX07bGV0IFU9bnVsbDt2YXIgWWE9KCk9Pntjb25zdCBhPXIucGVyZm9ybWFuY2U7cmV0dXJuIGEmYW1wOyZhbXA7YS5ub3cmYW1wOyZhbXA7YS50aW1pbmc%2FTWF0aC5mbG9vcihhLm5vdygpK2EudGltaW5nLm5hdmlnYXRpb25TdGFydCk6RGF0ZS5ub3coKX0sWmE9KCk9Pntjb25zdCBhPXIucGVyZm9ybWFuY2U7cmV0dXJuIGEmYW1wOyZhbXA7YS5ub3c%2FYS5ub3coKTpudWxsfTtjbGFzcyAkYXtjb25zdHJ1Y3RvcihhLGIpe3ZhciBjPVphKCl8fFlhKCk7dGhpcy5sYWJlbD1hO3RoaXMudHlwZT1i&i=6-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
TUcQt_7yG3dCaxCjp4hUNoXcLrgIyGZY6Eby9UR5x3IcnpVrV97TLQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=O3RoaXMudmFsdWU9Yzt0aGlzLmR1cmF0aW9uPTA7dGhpcy51bmlxdWVJZD1NYXRoLnJhbmRvbSgpO3RoaXMuc2xvdElkPXZvaWQgMH19O2NvbnN0IFY9ci5wZXJmb3JtYW5jZSxhYj0hIShWJmFtcDsmYW1wO1YubWFyayZhbXA7JmFtcDtWLm1lYXN1cmUmYW1wOyZhbXA7Vi5jbGVhck1hcmtzKSxXPWZ1bmN0aW9uKGEpe2xldCBiPSExLGM7cmV0dXJuIGZ1bmN0aW9uKCl7Ynx8KGM9YSgpLGI9ITApO3JldHVybiBjfX0oKCk9Pnt2YXIgYTtpZihhPWFiKXt2YXIgYjtpZihudWxsPT09VSl7VT0mcXVvdDsmcXVvdDs7dHJ5e2E9JnF1b3Q7JnF1b3Q7O3RyeXthPXIudG9wLmxvY2F0aW9uLmhhc2h9Y2F0Y2goYyl7YT1yLmxvY2F0aW9uLmhhc2h9YSZhbXA7JmFtcDsoVT0oYj1hLm1hdGNoKC9cXGJkZWlkPShbXFxkLF0rKS8pKT9iWzFdOiZxdW90OyZxdW90Oyl9Y2F0Y2goYyl7fX1iPVU7YT0hIWIuaW5kZXhPZiZhbXA7JmFtcDswPD1iLmluZGV4T2YoJnF1b3Q7MTMzNyZxdW90Oyl9cmV0dXJuIGF9KTtmdW5jdGlvbiBiYihhKXthJmFtcDsmYW1wO1YmYW1wOyZhbXA7VygpJmFtcDsmYW1wOyhWLmNsZWFyTWFya3MoYGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X3N0YXJ0YCksVi5jbGVhck1hcmtzKGBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9lbmRgKSl9IGNsYXNzIGNie2NvbnN0cnVjdG9yKCl7dmFyIGE9Uzt0aGlzLmg9W107dGhpcy5pPWF8fHI7bGV0IGI9bnVsbDthJmFtcDsmYW1wOyhhLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWU9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlfHxbXSx0aGlzLmg9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlLGI9YS5nb29nbGVfbWVhc3VyZV9qc190aW1pbmcpO3RoaXMuZz1XKCl8fChudWxsIT1iP2I6MT5NYXRoLnJhbmRvbSgpKX1zdGFydChhLGIpe2lmKCF0aGlzLmcpcmV0dXJuIG51bGw7YT1uZXcgJGEoYSxiKTtiPWBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9zdGFydGA7ViZhbXA7JmFtcDtXKCkmYW1wOyZhbXA7Vi5tYXJrKGIpO3JldHVybiBhfWVuZChhKXtpZih0aGlzLmcmYW1wOyZhbXA7JnF1b3Q7bnVtYmVyJnF1b3Q7PT09dHlwZW9mIGEudmFsdWUpe2EuZHVyYXRpb249KFphKCl8fFlhKCkpLWEudmFsdWU7dmFyIGI9YGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X2VuZGA7ViZhbXA7JmFtcDtXKCkmYW1wOyZhbXA7Vi5tYXJrKGIpOyF0aGlzLmd8fDIwNDg8dGhpcy5oLmxlbmd0aHx8IHRoaXMuaC5wdXNoKGEpfX19O2Z1bmN0aW9uIFgoYSl7bGV0IGI9YS50b1N0cmluZygpO2EubmFtZSZhbXA7JmFtcDstMT09Yi5pbmRleE9mKGEubmFtZSkmYW1wOyZhbXA7KGIrPSZxdW90OzogJnF1b3Q7K2EubmFtZSk7YS5tZXNzYWdlJmFtcDsmYW1wOy0xPT1iLmluZGV4T2YoYS5tZXNzYWdlKSZhbXA7JmFtcDsoYis9JnF1b3Q7OiAmcXVvdDsrYS5tZXNzYWdlKTtpZihhLnN0YWNrKXthPWEuc3RhY2s7dHJ5ey0xPT1hLmluZGV4T2YoYikmYW1wOyZhbXA7KGE9YismcXVvdDtcXG4mcXVvdDsrYSk7bGV0IGM7Zm9yKDthIT1jOyljPWEsYT1hLnJlcGxhY2UoLygoaHR0cHM%2FOlxcLy4uKlxcLylbXlxcLzpdKjpcXGQrKD86LnxcXG4pKilcXDIvLCZxdW90OyQxJnF1b3Q7KTtiPWEucmVwbGFjZSgvXFxuICovZywmcXVvdDtcXG4mcXVvdDspfWNhdGNoKGMpe319cmV0dXJuIGJ9IGZ1bmN0aW9uIGRiKGEsYil7bGV0IGMsZDt0cnl7YS5nJmFtcDsmYW1wO2EuZy5nPyhkPWEuZy5zdGFydCgoOTAzKS50b1N0cmluZygpLDMpLGM9YigpLGEuZy5lbmQoZCkpOmM9YigpfWNhdGNoKGYpe2I9ITA7dHJ5e2JiKGQpLGI9YS5zKDkwMyxuZXcgT2EoZix7bWVzc2FnZTpYKGYpfSksdm9pZCAwLHZvaWQgMCl9Y2F0Y2goZyl7YS5vKDIxNyxnKX1pZihiKXtsZXQgZyxlO251bGw9PShnPXdpbmRvdy5jb25zb2xlKXx8bnVsbD09KGU9Zy5lcnJvcil8fGUuY2FsbChnLGYpfWVsc2UgdGhyb3cgZjt9cmV0dXJuIGN9ZnVuY3Rpb24gZWIoYSl7dmFyIGI9WTtyZXR1cm4oLi4uYyk9PmRiKGIsKCk9PmEuYXBwbHkodm9pZCAwLGMpKX0gY2xhc3MgZmJ7Y29uc3RydWN0b3IoKXt2YXIgYT1aO3RoaXMuaT1SO3RoaXMuaD1udWxsO3RoaXMucz10aGlzLm87dGhpcy5nPXZvaWQgMD09PWE%2FbnVsbDphO3RoaXMuaj0hMX1waW5nZXIoKXtyZXR1cm4gdGhpcy5pfW8oYSxiLGMsZCxmKXtmPWZ8fCZxdW90O2pzZXJyb3ImcXVvdDs7bGV0IGc7dHJ5e2NvbnN0IHY9bmV3IFE7dmFyIGU9djtlLmcucHVzaCgxKTtlLmhbMV09UCgmcXVvdDtjb250ZXh0JnF1b3Q7LGEpO2IuZXJyb3ImYW1wOyZhbXA7Yi5tZXRhJmFtcDsmYW1wO2IuaWR8fChiPW5ldyBPYShiLHttZXNzYWdlOlgoYil9KSk7aWYoYi5tc2cpe2U9djt2YXIgaz1iLm1zZy5zdWJzdHJpbmcoMCw1MTIpO2UuZy5wdXNoKDIpO2UuaFsyXT1QKCZxdW90O21zZyZxdW90OyxrKX12YXIgaD1iLm1ldGF8fHt9O2I9aDtpZih0aGlzLmgpdHJ5e3RoaXMuaChiKX1jYXRjaCh5KXt9aWYoZCl0cnl7ZChiKX1jYXRjaCh5KXt9ZD12O2g9W2hdO2QuZy5wdXNoKDMpO2QuaFszXT1oO2Q9cjtoPVtdO2I9bnVsbDtkb3t2YXIgbD1kO2lmKEkobCkpe3ZhciBtPWwubG9jYXRpb24uaHJlZjsgYj1sLmRvY3VtZW50JmFtcDsmYW1wO2wuZG9jdW1lbnQucmVmZXJyZXJ8fG51bGx9ZWxzZSBtPWIsYj1udWxsO2gucHVzaChuZXcgUmEobXx8JnF1b3Q7JnF1b3Q7KSk7dHJ5e2Q9bC5wYXJlbnR9Y2F0Y2goeSl7ZD1udWxsfX13aGlsZShkJmFtcDsmYW1wO2whPWQpO2ZvcihsZXQgeT0wLHphPWgubGVuZ3RoLTE7eTw9emE7Kyt5KWhbeV0uZGVwdGg9emEteTtsPXI7aWYobC5sb2NhdGlvbiZhbXA7JmFtcDtsLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyZhbXA7JmFtcDtsLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucy5sZW5ndGg9PWgubGVuZ3RoLTEpZm9yKG09MTttPGgubGVuZ3RoOysrbSl7dmFyIG49aFttXTtuLnVybHx8KG4udXJsPWwubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW20tMV18fCZxdW90OyZxdW90OyxuLm09ITApfXZhciB1PWg7bGV0IEs9bmV3IFJhKHIubG9jYXRpb24uaHJlZiwhMSk7bD1udWxsO2NvbnN0IGFhPXUubGVuZ3RoLTE7Zm9yKG49YWE7MDw9bjstLW4pe3ZhciBwPXVbbl07IWwmYW1wOyZhbXA7UGEudGVzdChwLnVybCkmYW1wOyZhbXA7KGw9cCk7aWYocC51cmwmYW1wOyZhbXA7IXAubSl7Sz0gcDticmVha319cD1udWxsO2NvbnN0IGpiPXUubGVuZ3RoJmFtcDsmYW1wO3VbYWFdLnVybDswIT1LLmRlcHRoJmFtcDsmYW1wO2piJmFtcDsmYW1wOyhwPXVbYWFdKTtnPW5ldyBRYShLLHApO2lmKGcuaCl7dT12O3ZhciBxPWcuaC51cmx8fCZxdW90OyZxdW90Ozt1LmcucHVzaCg0KTt1LmhbNF09UCgmcXVvdDt0b3AmcXVvdDsscSl9dmFyIGJhPXt1cmw6Zy5nLnVybHx8JnF1b3Q7JnF1b3Q7fTtpZihnLmcudXJsKXt2YXIgY2E9Zy5nLnVybC5tYXRjaCh4YSksQz1jYVsxXSxBYT1jYVszXSxCYT1jYVs0XTtxPSZxdW90OyZxdW90OztDJmFtcDsmYW1wOyhxKz1DKyZxdW90OzomcXVvdDspO0FhJmFtcDsmYW1wOyhxKz0mcXVvdDsvLyZxdW90OyxxKz1BYSxCYSZhbXA7JmFtcDsocSs9JnF1b3Q7OiZxdW90OytCYSkpO3ZhciBDYT1xfWVsc2UgQ2E9JnF1b3Q7JnF1b3Q7O0M9djtiYT1bYmEse3VybDpDYX1dO0MuZy5wdXNoKDUpO0MuaFs1XT1iYTtUKHRoaXMuaSxmLHYsdGhpcy5qLGMpfWNhdGNoKHYpe3RyeXtUKHRoaXMuaSxmLHtjb250ZXh0OiZxdW90O2VjbXNlcnImcXVvdDsscmN0eDphLG1zZzpYKHYpLHVybDpnJmFtcDsmYW1wO2cuZy51cmx9LHRoaXMuaixjKX1jYXRjaChLKXt9fXJldHVybiEwfX07Y2xhc3MgZ2J7fTtsZXQgUixZO2lmKE5hJmFtcDsmYW1wOyFJKE8pKXtsZXQgYT0mcXVvdDsuJnF1b3Q7K0xhLmRvbWFpbjt0cnl7Zm9yKDsyPGEuc3BsaXQoJnF1b3Q7LiZxdW90OykubGVuZ3RoJmFtcDsmYW1wOyFJKE8pOylMYS5kb21haW49YT1hLnN1YnN0cihhLmluZGV4T2YoJnF1b3Q7LiZxdW90OykrMSksTz13aW5kb3cucGFyZW50fWNhdGNoKGIpe31JKE8pfHwoTz13aW5kb3cpfU8hPT13aW5kb3cmYW1wOyZhbXA7LjAxPk1hdGgucmFuZG9tKCkmYW1wOyZhbXA7R2EoKTtjb25zdCBTPU8sWj1uZXcgY2I7dmFyIGhiPSgpPT57aWYoIVMuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nKXt2YXIgYT1aO2EuZz0hMTthLmghPWEuaS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlJmFtcDsmYW1wOyhXKCkmYW1wOyZhbXA7QXJyYXkucHJvdG90eXBlLmZvckVhY2guY2FsbChhLmgsYmIsdm9pZCAwKSxhLmgubGVuZ3RoPTApfX07IChhPT57Uj1udWxsIT1hP2E6bmV3IFhhOyZxdW90O251bWJlciZxdW90OyE9PXR5cGVvZiBTLmdvb2dsZV9zcnQmYW1wOyZhbXA7KFMuZ29vZ2xlX3NydD1NYXRoLnJhbmRvbSgpKTtXYSgpO1k9bmV3IGZiO1kuaD1iPT57dmFyIGM9TTswIT09YyZhbXA7JmFtcDsoYi5qYz1TdHJpbmcoYyksYz0oYz1IYShjLGRvY3VtZW50LmN1cnJlbnRTY3JpcHQpKSZhbXA7JmFtcDtjLmdldEF0dHJpYnV0ZSgmcXVvdDtkYXRhLWpjLXZlcnNpb24mcXVvdDspfHwmcXVvdDt1bmtub3duJnF1b3Q7LGIuc2h2PWMpfTtZLmo9ITA7JnF1b3Q7Y29tcGxldGUmcXVvdDs9PVMuZG9jdW1lbnQucmVhZHlTdGF0ZT9oYigpOlouZyZhbXA7JmFtcDtIKFMsJnF1b3Q7bG9hZCZxdW90OywoKT0%2Be2hiKCl9KX0pKCk7ZnVuY3Rpb24gaWIoKXt2YXIgYSxiO2NvbnN0IGM9d2luZG93O2lmKGMuZ21hU2RrfHwobnVsbD09PShhPWMud2Via2l0KXx8dm9pZCAwPT09YT8wOmEubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzKSlyZXR1cm4gYzt0cnl7Y29uc3QgZD13aW5kb3cucGFyZW50O2lmKGQuZ21hU2RrfHwobnVsbD09PShiPWQud2Via2l0KXx8dm9pZCAwPT09Yj8wOmIubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzKSlyZXR1cm4gZH1jYXRjaChkKXt9cmV0dXJuIG51bGx9IGZ1bmN0aW9uIGtiKGEsYj17fSxjPSgpPT57fSxkPSgpPT57fSl7Y29uc3QgZj1TdHJpbmcoTWF0aC5mbG9vcigyMTQ3NDgzNjQ3KnlhKCkpKTtsZXQgZz0wO2NvbnN0IGU9az0%2Be3RyeXt2YXIgaD0mcXVvdDtvYmplY3QmcXVvdDs9PT10eXBlb2Ygay5kYXRhP2suZGF0YTpKU09OLnBhcnNlKGsuZGF0YSk7Zj09PWgucGF3X2lkJmFtcDsmYW1wOyh3aW5kb3cuY2xlYXJUaW1lb3V0KGcpLHdpbmRvdy5yZW1vdmVFdmVudExpc3RlbmVyKCZxdW90O21lc3NhZ2UmcXVvdDssZSksaC5zaWduYWw%2FYyhoLnNpZ25hbCk6aC5lcnJvciZhbXA7JmFtcDtkKGguZXJyb3IpKX1jYXRjaChtKXtrPXttc2c6JnF1b3Q7cG9zdG1lc3NhZ2VFcnJvciZxdW90OyxlcnI6bSBpbnN0YW5jZW9mIEVycm9yP20ubWVzc2FnZTomcXVvdDtub25FcnJvciZxdW90OyxkYXRhOm51bGw9PWsuZGF0YT8mcXVvdDtudWxsJnF1b3Q7OjUwMDxrLmRhdGEubGVuZ3RoP2suZGF0YS5zdWJzdHJpbmcoMCw1MDApOmsuZGF0YX07aD1nYjt2YXIgbD0mcXVvdDtsJnF1b3Q7O2gubCZhbXA7JmFtcDtoLmhhc093blByb3BlcnR5KGwpfHwobD1uZXcgaCxoLmw9bCk7aD1bXTshay5laWQmYW1wOyZhbXA7IGgubGVuZ3RoJmFtcDsmYW1wOyhrLmVpZD1oLnRvU3RyaW5nKCkpO1QoUiwmcXVvdDtwYXdfc2lncyZxdW90OyxrLCEwLHZvaWQgMCx2b2lkIDApfX07d2luZG93LmFkZEV2ZW50TGlzdGVuZXIoJnF1b3Q7bWVzc2FnZSZxdW90OyxlYihrPT57ZShrKX0pKTthLnBvc3RNZXNzYWdlKE9iamVjdC5hc3NpZ24oe3Bhd19pZDpmfSxiKSk7Zz13aW5kb3cuc2V0VGltZW91dCgoKT0%2Be3dpbmRvdy5yZW1vdmVFdmVudExpc3RlbmVyKCZxdW90O21lc3NhZ2UmcXVvdDssZSk7ZCgmcXVvdDtQQVcgR01BIHBvc3RtZXNzYWdlIHRpbWVkIG91dC4mcXVvdDspfSwyMDApfTt2YXIgbGI9Y2xhc3MgZXh0ZW5kcyBEe30scWE9WzZdO2NvbnN0IG1iPSZxdW90O3BsYXRmb3JtIHBsYXRmb3JtVmVyc2lvbiBhcmNoaXRlY3R1cmUgbW9kZWwgdWFGdWxsVmVyc2lvbiBiaXRuZXNzJnF1b3Q7LnNwbGl0KCZxdW90OyAmcXVvdDsp&i=7-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
jcSHq-mN1XO9oy-hE6ms-iHrjjg-qkGZxdszPn-WqtORHSD7ABxr6w==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=O3ZhciBuYj0oKT0%2Be3ZhciBhPXdpbmRvdztyZXR1cm4gYS5uYXZpZ2F0b3ImYW1wOyZhbXA7YS5uYXZpZ2F0b3IudXNlckFnZW50RGF0YSZhbXA7JmFtcDsmcXVvdDtmdW5jdGlvbiZxdW90Oz09PXR5cGVvZiBhLm5hdmlnYXRvci51c2VyQWdlbnREYXRhLmdldEhpZ2hFbnRyb3B5VmFsdWVzP2EubmF2aWdhdG9yLnVzZXJBZ2VudERhdGEuZ2V0SGlnaEVudHJvcHlWYWx1ZXMobWIpLnRoZW4oYj0%2Be3ZhciBjPW5ldyBsYjtjPUUoYywxLGIucGxhdGZvcm0pO2M9RShjLDIsYi5wbGF0Zm9ybVZlcnNpb24pO2M9RShjLDMsYi5hcmNoaXRlY3R1cmUpO2M9RShjLDQsYi5tb2RlbCk7Yz1FKGMsNSxiLnVhRnVsbFZlcnNpb24pO3JldHVybiBFKGMsOSxiLmJpdG5lc3MpfSk6bnVsbH07Y2xhc3Mgb2J7Y29uc3RydWN0b3IoKXt0aGlzLnByb21pc2U9bmV3IFByb21pc2UoYT0%2Be3RoaXMuZz1hfSl9fTt3aW5kb3cudmlld1JlcT1bXTtjb25zdCBwYj1hPT57Y29uc3QgYj1uZXcgSW1hZ2U7Yi5zcmM9YS5yZXBsYWNlKCZxdW90OyZhbXA7YW1wOyZxdW90OywmcXVvdDsmYW1wOyZxdW90Oyk7d2luZG93LnZpZXdSZXEucHVzaChiKX0scWI9YT0%2Be2ZldGNoKGEse2tlZXBhbGl2ZTohMCxjcmVkZW50aWFsczomcXVvdDtpbmNsdWRlJnF1b3Q7LHJlZGlyZWN0OiZxdW90O2ZvbGxvdyZxdW90OyxtZXRob2Q6JnF1b3Q7Z2V0JnF1b3Q7LG1vZGU6JnF1b3Q7bm8tY29ycyZxdW90O30pLmNhdGNoKCgpPT57cGIoYSl9KX0scmI9YT0%2Be3dpbmRvdy5mZXRjaD9xYihhKTpwYihhKX07TT00Mjsgd2luZG93LnZ1PWE9Pnt2YXIgYixjLGQsZjtjb25zdCBnPUlhKHZhKSxlPWliKCk7ZyZhbXA7JmFtcDtudWxsIT0obnVsbD09PShiPW51bGw9PT1lfHx2b2lkIDA9PT1lP3ZvaWQgMDplLmdtYVNkayl8fHZvaWQgMD09PWI%2Fdm9pZCAwOmIuZ2V0Vmlld1NpZ25hbHMpJmFtcDsmYW1wOyhiPW51bGw9PT0oYz1udWxsPT09ZXx8dm9pZCAwPT09ZT92b2lkIDA6ZS5nbWFTZGspfHx2b2lkIDA9PT1jP3ZvaWQgMDpjLmdldFZpZXdTaWduYWxzKCkpJmFtcDsmYW1wOyhhPUcoYSwmcXVvdDsmYW1wO21zPSZxdW90OytiKSk7Y29uc3Qgaz1bXTtjPSgpPT57Y29uc3QgaD1uZXcgb2I7ay5wdXNoKGgucHJvbWlzZSk7cmV0dXJuIGguZ307aWYoYj1JYSh3YSkpe2NvbnN0IGg9bmIoKTtpZihudWxsIT1oKXtjb25zdCBsPWMoKTtoLnRoZW4obT0%2Be2E6e0E9ITA7dHJ5e3ZhciBuPUpTT04uc3RyaW5naWZ5KG0udG9KU09OKCksdGEpO2JyZWFrIGF9ZmluYWxseXtBPSExfW49dm9pZCAwfW09bjtuPVtdO2Zvcih2YXIgdT0wLHA9MDtwPG0ubGVuZ3RoO3ArKyl7dmFyIHE9IG0uY2hhckNvZGVBdChwKTsyNTU8cSZhbXA7JmFtcDsoblt1KytdPXEmYW1wOzI1NSxxPj49OCk7blt1KytdPXF9bT1qYShuLDMpOzA8bS5sZW5ndGgmYW1wOyZhbXA7KGE9RyhhLCZxdW90OyZhbXA7dWFjaD0mcXVvdDsrbSkpO2woKX0pfX1pZihnJmFtcDsmYW1wO251bGwhPShudWxsPT09KGQ9bnVsbD09PWV8fHZvaWQgMD09PWU%2Fdm9pZCAwOmUud2Via2l0KXx8dm9pZCAwPT09ZD92b2lkIDA6ZC5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMpKXtjb25zdCBoPWMoKTtrYihudWxsPT09KGY9bnVsbD09PWV8fHZvaWQgMD09PWU%2Fdm9pZCAwOmUud2Via2l0KXx8dm9pZCAwPT09Zj92b2lkIDA6Zi5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMse30sbD0%2Be2E9RyhhLCZxdW90OyZhbXA7JnF1b3Q7K2wpO2goKX0sKCk9PntoKCl9KX1ifHxnP1Byb21pc2UuYWxsKGspLnRoZW4oKCk9PntyYihhKX0pOnJiKGEpfTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjxzY3JpcHQ%2BdnUoJnF1b3Q7aHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haVxceDNkQ0FjMFpnNXk4WVpub0pNanIzd08xX1lISUE2eWQ0cTVtdWRDdXlwWVB3STIzQVJBQklBQmdsYktoZ3JBSGdnRVhZMkV0Y0hWaUxUUXhNVE0yT0RFNE9ESXpNVEUwTlRYSUFRbmdBZ0NvQXdHcUJLVUNUOUNLZWpwZkNzZkJ2UWNNUlpUYkVFUjduaGNzWk9xbmRpN2IzR1YxdEIteXN0MXZPRGFWSlc5YUFDTFFFcTZraEt4dUM4cURyeks2R3VfNWZFSHRRQjFsRFdJaGZBNXZaNkRjSXNlZEFrVDFPdUhaT3I3anc0ci1yYXZESE4tTlF6dk82QXF3YXpUNmIzODZ5bjZHNHZOOGIxYzUtWmNHaHpOSU9mcVlNNjViemdfZEozZUFNYnAtYjhjNUVZQ0lCYk1ueHJ1WVZkdDhIa1dsbVJtUFFYc3JyMWwzdklmMVlDZXk5WVUxR1JnWnpBdVlJd2dCMlVKMTVzZEF5b1NaeVhub2pLTDZXeVlzNExib1BFSDlRdHJjYkZHQlRqUHBEMllUMzFnTUtIWE50REFfSkZyMDU3N09DakRzVnBxVGpyNHJhcHVhMkhkY250RnhaeDZyMjB6VDBjNjVod1dHTnJzUmFuMHZEWThDU2hTbF9rb0Z0SllqYUpoaUU2VmFMaDlraU1mZ0JBR0FCcDZIamJlTS1fV1ZKcUFHSWFnSHByNGJxQWVXMkJ1b0I2cWJzUUtvQjktZnNRTFlCd0RTQ0FVSWlHRVFBWUFLQV9vTEFnZ0JnQXdCMEJVQmdCY0JzaGNjQ2hvU0ZIQjFZaTAwTVRFek5qZ3hPRGd5TXpFeE5EVTFHSVRiZXdcXHgyNnNpZ2hcXHgzZFlPMVhKNTZVcXlZXFx4MjZ1YWNoX21cXHgzZFtVQUNIXVxceDI2Y2lkXFx4M2RDQVFTUHdDTklyTE00VU16OHZIZFVvZFcwbmJfNTdNeGJlVGk2bTJuMkJBcTJ1WWtyZ0xrSm1KZ3FiNnZJZGkzbU9FYW1DcXc0dWl3ckJES1ZzZkxSdGNtSkJnQiZxdW90Oyk8L3NjcmlwdD48c2NyaXB0PnZ1KCZxdW90O2h0dHBzOi8vZy5hbGdiaWQuYXBwL3J0aW1wP3NpZFxceDNkNjNjMTQ5MDAtNWY0NC0xMWVjLWEzN2ItZjZkMzJlMGJhNzk0XFx4MjZkXFx4M2R0aHJlYXRwb3N0LmNvbVxceDI2Y3JcXHgzZGdyZF9nZW4xMV8yXFx4MjZhXFx4M2RpbXBcXHgyNnBcXHgzZFlieWNnd0FKTkJrS2RfWElBQUItdFlPUEtORU93Z2FRWTVyN25RXFx4MjZpbVxceDNkTWs5SDBJTHZLSGNoUGhqbzZSX2JZV2Y1Ql8zdWVyWno1ZUl0LWY0d0tmQWtKOUNsNHlaMGNCbEVHa1lXOEduRzVHbVo5aGc2RXhDaHRXN2ozQVNDei1xSWpzUHRFTlRNNEJrQkFzUmxZT0lTV2FxYmRVNjlBNFdHUDNSMWh0SkhmTEQ4WHZlMmhYd3VjSk1QNmVfelVpUktkaEdVTnliTGcxVDQ5dEVNM1dtbWFQVXZFOXFCV2J4ai1IZWFUdGNzRHZRbmVyeWw4dGMtaXF1NmJXdnBEV1lHTjFLTTdDb0pfMGhpVllfbTQ2a3dWZ0VLaHJobmQ3OFhtZWhTeUZzcDRJN0hwWnotVER3SGI2QUZQNXFHLVpBeFJIVkh4NXlPS1ZDSERtR1IzODRJMWpzX0IyS043dHF5OFd5a2RFNXYmcXVvdDspPC9zY3JpcHQ%2BPGRpdiBjbGFzcz0mcXVvdDtHb29nbGVBY3RpdmVWaWV3SW5uZXJDb250YWluZXImcXVvdDtzdHlsZT0mcXVvdDtsZWZ0OjBweDt0b3A6MHB4O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7cG9zaXRpb246Zml4ZWQ7cG9pbnRlci1ldmVudHM6bm9uZTt6LWluZGV4Oi05OTk5OyZxdW90Oz48L2Rpdj48ZGl2IHN0eWxlPSZxdW90O2Rpc3BsYXk6aW5saW5lJnF1b3Q7Y2xhc3M9JnF1b3Q7R29vZ2xlQWN0aXZlVmlld0VsZW1lbnQmcXVvdDtkYXRhLWdvb2dsZS1hdi1jeG49JnF1b3Q7aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzczJ5bEZQbFZ0NVhraElvTzctRDgtbjZ6ZmRGRzlnQVlvYW42Yjd3RFVTNGtqZ3gyT2hDTkFPRlQwVGRVc1E4ZnZSaTZ3eXJHazNIcDNSbTlzVG1vcUVxQSZhbXA7YW1wO3NpZz1DZzBBcktKU3pKU0VKUVd6R0xXNUVBRSZxdW90O2RhdGEtZ29vZ2xlLWF2LWFkaz0mcXVvdDs0MTY2NzIzOTkxJnF1b3Q7ZGF0YS1nb29nbGUtYXYtbWV0YWRhdGE9JnF1b3Q7bGE9MSZhbXA7YW1wO3hkaT0wJmFtcDthbXA7JnF1b3Q7ZGF0YS1nb29nbGUtYXYtb3ZlcnJpZGU9JnF1b3Q7LTEmcXVvdDtkYXRhLWdvb2dsZS1hdi1kbT0mcXVvdDsyJnF1b3Q7ZGF0YS1nb29nbGUtYXYtaW1tZWRpYXRlIGRhdGEtZ29vZ2xlLWF2LWFpZD0mcXVvdDswJnF1b3Q7ZGF0YS1nb29nbGUtYXYtbmFpZD0mcXVvdDsxJnF1b3Q7ZGF0YS1nb29nbGUtYXYtc2xpZnQ9JnF1b3Q7JnF1b3Q7ZGF0YS1nb29nbGUtYXYtY3BtYXY9JnF1b3Q7JnF1b3Q7ZGF0YS1nb29nbGUtYXYtYnRyPSZxdW90OyZxdW90O2RhdGEtZ29vZ2xlLWF2LWl0cGw9JnF1b3Q7MjAmcXVvdDtkYXRhLWdvb2dsZS1hdi1ycz0mcXVvdDs0JnF1b3Q7ZGF0YS1nb29nbGUtYXYtZmxhZ3M9JnF1b3Q7WyZhbXA7cXVvdDt4JTI3ODQ0MCZhbXA7IzM5OzllZm90bSgmYW1wO2FtcDs3NTMzNzQlMmJlanZmLyUyNzg0NCZhbXA7Z3Q7JmFtcDsjMzk7OXd1dmIkJmFtcDthbXA7NTY1MzMmYW1wO2d0OyE9fHZxYykhMjczNzk0JmFtcDthbXA7JmFtcDtsdDtxcXZiLyUmYW1wO2x0OzE3MzUwMjAhPW5laHVgLyEzNjQ9NTA1MSE5YWJre2EoJDE2MDIxMDozJmFtcDthbXA7JmFtcDtsdDtjYm90ZisqMDE1MDAzNDolMmJlanZmLyU3MjsxNzYxMyE9ZWZkd2EqJmFtcDsjMzk7NzY0NjM7MjEkP2Via3BiJCZhbXA7YW1wOzAzNjY3MTcmYW1wO2d0OyomYW1wO2d0O2JnaXBmKyEzPTcxMjM2MyU5YWlod2MpITcyMDImYW1wO2x0OzIxNyZhbXA7IzM5OzllZm90bSgmYW1wO2FtcDsyMDA2MTs0OCZhbXA7YW1wOyZhbXA7Z3Q7YGRvcGIvJSZhbXA7bHQ7MTcwNzIwMCE9OCgmYW1wO2FtcDsyMDA1NTc1PyZhbXA7YW1wOyZhbXA7Z3Q7YGRvcGIvJSZhbXA7bHQ7MTcwNjoyMSE9bmVodWB%2BJmFtcDtxdW90O10mcXVvdDs%2BPCFET0NUWVBFIGh0bWw%2BPGh0bWwgbGFuZz0mcXVvdDtlbiZxdW90Oz4gPGhlYWQ%2BIDxtZXRhIGNoYXJzZXQ9JnF1b3Q7VVRGLTgmcXVvdDsvPiA8bWV0YSBuYW1lPSZxdW90O3ZpZXdwb3J0JnF1b3Q7IGNvbnRlbnQ9JnF1b3Q7d2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEuMCZxdW90Oy8%2BIDxtZXRhIGh0dHAtZXF1aXY9JnF1b3Q7WC1VQS1Db21wYXRpYmxlJnF1b3Q7IGNvbnRlbnQ9JnF1b3Q7aWU9ZWRnZSZxdW90Oy8%2BIDxtZXRhIG5hbWU9JnF1b3Q7cmVmZXJyZXImcXVvdDsgY29udGVudD0mcXVvdDtuby1yZWZlcnJlciZxdW90Oy8%2BIDx0aXRsZT5Eb2N1bWVudDwvdGl0bGU%2BIDxsaW5rIGhyZWY9JnF1b3Q7aHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M%2FZmFtaWx5PVJvYm90bzo0MDAsNzAwJmFtcDtkaXNwbGF5PXN3YXAmcXVvdDsgcmVsPSZxdW90O3N0eWxlc2hlZXQmcXVvdDsvPiA8bGluayBocmVmPSZxdW90O2h0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzP2ZhbWlseT1TZWN1bGFyK09uZSZhbXA7ZGlzcGxheT1zd2FwJnF1b3Q7IHJlbD0mcXVvdDtzdHlsZXNoZWV0JnF1b3Q7Lz4gPHN0eWxlPi8qIHJlc2V0ICovIGFiYnIsIGFkZHJlc3MsIGFydGljbGUsIGFzaWRlLCBhdWRpbywgYiwgYmxvY2txdW90ZSwgYm9keSwgY2FudmFzLCBjYXB0aW9uLCBjaXRlLCBjb2RlLCBkZCwgZGVsLCBkZXRhaWxzLCBkZm4sIGRpdiwgZGwsIGR0LCBlbSwgZmllbGRzZXQsIGZpZ2NhcHRpb24sIGZpZ3VyZSwgZm9vdGVyLCBmb3JtLCBoMSwgaDIsIGgzLCBoNCwgaDUsIGg2LCBoZWFkZXIsIGhncm91cCwgaHRtbCwgaSwgaWZyYW1lLCBpbWcsIGlucywga2JkLCBsYWJlbCwgbGVnZW5kLCBsaSwgbWFyaywgbWVudSwgbmF2LCBvYmplY3QsIG9sLCBwLCBwcmUsIHEsIHNhbXAsIHNlY3Rpb24sIHNtYWxsLCBzcGFuLCBzdHJvbmcsIHN1Yiwgc3VtbWFyeSwgc3VwLCB0YWJsZSwgdGJvZHksIHRkLCB0Zm9vdCwgdGgsIHRoZWFkLCB0aW1lLCB0ciwgdWwsIHZhciwgdmlkZW97bWFyZ2luOiAwOyBwYWRkaW5nOiAwOyBib3JkZXI6IDA7IG91dGxpbmU6IDA7IGZvbnQtc2l6ZTogMTAwJTsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyBiYWNrZ3JvdW5kOiAwIDA7fWJvZHl7bGluZS1oZWlnaHQ6IDE7fWFydGljbGUsIGFzaWRlLCBkZXRhaWxzLCBmaWdjYXB0aW9uLCBmaWd1cmUsIGZvb3RlciwgaGVhZGVyLCBoZ3JvdXAsIG1lbnUsIG5hdiwgc2VjdGlvbntkaXNwbGF5OiBibG9jazt9bmF2IHVse2xpc3Qtc3R5bGU6IG5vbmU7fWJsb2NrcXVvdGUsIHF7cXVvdGVzOiBub2&i=8-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
lS-J5AiygdssLkU8g9cH2xrSwAfZU0jLOWecNI_FbE4AZl0NwsXeGg==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=5lO31ibG9ja3F1b3RlOmFmdGVyLCBibG9ja3F1b3RlOmJlZm9yZSwgcTphZnRlciwgcTpiZWZvcmV7Y29udGVudDogJnF1b3Q7JnF1b3Q7OyBjb250ZW50OiBub25lO31he21hcmdpbjogMDsgcGFkZGluZzogMDsgZm9udC1zaXplOiAxMDAlOyB2ZXJ0aWNhbC1hbGlnbjogYmFzZWxpbmU7IGJhY2tncm91bmQ6IDAgMDt9aW5ze2JhY2tncm91bmQtY29sb3I6ICNmZjk7IGNvbG9yOiAjMDAwOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7fW1hcmt7YmFja2dyb3VuZC1jb2xvcjogI2ZmOTsgY29sb3I6ICMwMDA7IGZvbnQtc3R5bGU6IGl0YWxpYzsgZm9udC13ZWlnaHQ6IDcwMDt9ZGVse3RleHQtZGVjb3JhdGlvbjogbGluZS10aHJvdWdoO31hYmJyW3RpdGxlXSwgZGZuW3RpdGxlXXtib3JkZXItYm90dG9tOiAxcHggZG90dGVkOyBjdXJzb3I6IGhlbHA7fXRhYmxle2JvcmRlci1jb2xsYXBzZTogY29sbGFwc2U7IGJvcmRlci1zcGFjaW5nOiAwO31ocntkaXNwbGF5OiBibG9jazsgaGVpZ2h0OiAxcHg7IGJvcmRlcjogMDsgYm9yZGVyLXRvcDogMXB4IHNvbGlkICNjY2M7IG1hcmdpbjogMWVtIDA7IHBhZGRpbmc6IDA7fWlucHV0LCBzZWxlY3R7dmVydGljYWwtYWxpZ246IG1pZGRsZTt9PC9zdHlsZT4gPHN0eWxlPmh0bWx7Ym94LXNpemluZzogYm9yZGVyLWJveDt9Ym9keXtmb250LWZhbWlseTogJnF1b3Q7Um9ib3RvJnF1b3Q7LCBzYW5zLXNlcmlmO31he3RleHQtZGVjb3JhdGlvbjogbm9uZTsgY29sb3I6ICMwMDAwMDA7fXVsIGxpe2Rpc3BsYXk6IGJsb2NrOyBwYWRkaW5nOiAwOyBtYXJnaW46IDA7fS5jb250YWluZXJfX2lubmVye3dpZHRoOiBjYWxjKDEwMHZ3IC0gMTBweCk7IGhlaWdodDogY2FsYygxMDB2aCAtIDEwcHgpOyBtYXJnaW46IDVweCA1cHggNXB4IDVweDsgZGlzcGxheTogZmxleDsgYWxpZ24taXRlbXM6IGNlbnRlcjsganVzdGlmeS1jb250ZW50OiBzcGFjZS1hcm91bmQ7IGJhY2tncm91bmQtY29sb3I6IHRyYW5zcGFyZW50OyBib3gtc2l6aW5nOiBib3JkZXItYm94OyBjdXJzb3I6IGRlZmF1bHQ7fS5zdGFydF9fYnRue21pbi13aWR0aDogMjA3cHg7IGN1cnNvcjogcG9pbnRlcjsgYmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KCB0byBib3R0b20sIHJnYmEoMCwgMTkyLCAxNiwgMSkgMCUsIHJnYmEoMCwgMTQ3LCA5LCAxKSAxMDAlICk7IGZvbnQtZmFtaWx5OiAmcXVvdDtTZWN1bGFyIE9uZSZxdW90Oywgc2Fucy1zZXJpZjsgZGlzcGxheTogaW5saW5lLWJsb2NrOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IHRleHQtdHJhbnNmb3JtOiB1cHBlcmNhc2U7IGNvbG9yOiAjZmZmOyBmb250LXdlaWdodDogYm9sZDsgYmFja2dyb3VuZC1jb2xvcjogIzAwYmEwZDsgcGFkZGluZzogMThweCA0NXB4OyBsZXR0ZXItc3BhY2luZzogMC4xZW07IHRleHQtc2hhZG93OiAxcHggMXB4IDJweCByZ2JhKDAsIDAsIDAsIDAuNzYpOyBib3JkZXI6IDFweCBzb2xpZCAjMDE0ZjA0OTQ7IGJvcmRlci1yYWRpdXM6IDEwcHg7IGJveC1zaGFkb3c6IDNweCAzcHggMHB4ICMwMTRmMDQ5NCwgMHB4IDNweCAxNXB4IHJnYmEoMCwgMCwgMCwgMC40KSwgaW5zZXQgMHB4IDFweCAwcHggcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjMpLCBpbnNldCAwcHggMHB4IDNweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuNSk7IHRyYW5zaXRpb246IGJveC1zaGFkb3cgMjAwbXM7IHdpZHRoOiBjbGFtcCgyMDBweCwgNDB2dywgMzAwcHgpOyBwYWRkaW5nOiAxNHB4IDI1cHg7IGZvbnQtc2l6ZTogMjBweDsgZm9udC1zaXplOiBjbGFtcCgyMHB4LCA2dncsIDM4cHgpO30ubG9uZy10ZXh0e3dpZHRoOiBjbGFtcCgyMDBweCwgNDV2dywgMzUwcHgpO30uc3RhcnRfX2J0bjpmb2N1c3tvdXRsaW5lOiBub25lO30uc3RhcnRfX3dyYXBwZXJ7YWxpZ24taXRlbXM6IGNlbnRlcjsgZGlzcGxheTogZmxleDt9LmluZm97ZGlzcGxheTogZmxleDsgYWxpZ24taXRlbXM6IGZsZXgtZW5kO30uaW5mbyBoNHtmb250LXNpemU6IDE3cHg7IGxpbmUtaGVpZ2h0OiAyMXB4OyBmb250LXdlaWdodDogNzAwO30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiAxNXB4OyBsaW5lLWhlaWdodDogMThweDt9LmluZm9fX3N0ZXBzIHNwYW57Zm9udC13ZWlnaHQ6IDcwMDt9LmxvZ297bWFyZ2luLXRvcDogNjBweDsgbWluLXdpZHRoOiA3MHB4O30udGl0bGUtY29udGFpbmVye2Rpc3BsYXk6IGZsZXg7IGp1c3RpZnktY29udGVudDogY2VudGVyOyBmbGV4LWRpcmVjdGlvbjogY29sdW1uO30udGl0bGV7ZGlzcGxheTogYmxvY2s7IGZvbnQtc2l6ZTogY2xhbXAoMzBweCwgNHZ3LCA4MHB4KTsgdGV4dC1hbGlnbjogY2VudGVyOyBsaW5lLWhlaWdodDogMS4yOyBmb250LWZhbWlseTogYXV0bzt9LnRpdGxlLWFkZGl0aW9ue2ZvbnQtd2VpZ2h0OiA2MDA7fS5oaWRle2Rpc3BsYXk6IG5vbmU7fS5oYWxmLUltZy1BcnRpY2xlLW1haW57d2lkdGg6IDg4dnc7IGZvbnQtc2l6ZTogMTMuNXB4OyBsaW5lLWhlaWdodDogMS4yO30uaGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHR7bWFyZ2luLXRvcDogM3ZoO30uaGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHQ6ZW1wdHl7ZGlzcGxheTogbm9uZTt9LnByZXNzLWRvd246YWN0aXZlLCAucHJlc3MtZG93bjpmb2N1cywgLnByZXNzLWRvd246dmlzaXRlZHt0cmFuc2Zvcm06IHRyYW5zbGF0ZVkoMXB4KTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNzI5cHgpey5zdGFydF9fYnRue21pbi13aWR0aDogMjA3cHg7IHBhZGRpbmc6IDE2cHggMTBweDsgd2lkdGg6IGNsYW1wKDIxMHB4LCA0NXZ3LCAzMDBweCk7IGZvbnQtc2l6ZTogNC43dnc7fS5sb25nLXRleHR7d2lkdGg6IGNsYW1wKDIxMHB4LCA0NXZ3LCAzNTBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNTAwcHgpey5jb250YWluZXJfX2lubmVye2hlaWdodDogOTZ2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxMjBweCl7LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiA4OXZoO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEwMHB4KXtoNHtkaXNwbGF5OiBub25lO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDc5cHgpey5jb250YWluZXJfX2lubmVye2hlaWdodDogODR2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDU5NnB4KXsuY29udGFpbmVyX19vdXRlcntoZWlnaHQ6IDEwMHZoOyAvKiBiYWNrZ3JvdW5kLWNvbG9yOiBncmV5OyAqLyBkaXNwbGF5OiBmbGV4OyBhbGlnbi1pdGVtczogY2VudGVyOyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjt9LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiAxMDAlO30uaW5mb3toZWlnaHQ6IDEwMHZoO30uaW5mb19fd3JhcHBlcntkaXNwbGF5OiBmbGV4OyBmbGV4LWRpcmVjdGlvbjogY29sdW1uOyBoZWlnaHQ6IDEwMCU7IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5O319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNTk2cHgpey5zdGFydF9fYnRue3dpZHRoOiBjbGFtcCgxODBweCwgNTB2dywgMjUwcHgpOyBtaW4td2lkdGg6IDE3NXB4OyBtaW4taGVpZ2h0OiA1MHB4OyBwYWRkaW5nOiA5cHggMTNweDsgZm9udC1zaXplOiAxNnB4OyBmb250LXNpemU6IGNsYW1wKDE2cHgsIDV2dywgMzBweCk7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMTRweDsgbGluZS1oZWlnaHQ6IDE4cHg7fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDEycHg7IGxpbmUtaGVpZ2h0OiAxNHB4O30ubG9nb3tmb250LXNpemU6IDEycHg7IG1hcmdpbi10b3A6IDQ1cHg7IG1pbi13aWR0aDogNTBweDt9fS5saW5rcy10cnktYWdhaW57ZmxleC1kaXJlY3Rpb246IHJvdy1yZXZlcnNlO31AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA0NThweCl7LmNvbnRhaW5lcl9faW5uZXJ7ZmxleC1kaXJlY3Rpb246IGNvbHVtbjt9Lmxpbmtze2ZsZXgtZGlyZWN0aW9uOiBpbmhlcml0O30ubGlua3MtdHJ5LWFnYWlue2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW4tcmV2ZXJzZTt9LmluZm97bWFyZ2luLXRvcDogNnZtaW47IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGFsaWduLWl0ZW1zOiBjZW50ZXI7fS5sb2dve2ZvbnQtc2l6ZTogMTVweDsgbWFyZ2luLXRvcDogNnZtaW47IG1hcmdpbi1sZWZ0OiA3NSU7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMThweDsgbGluZS1oZWlnaHQ6IDEuM2VtO30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiAxNXB4OyBsaW5lLWhlaWdodDogMS4yZW07fS5zdGFydF9fYnRuey8qIHdpZHRoOiAyMzBweDsgKi8gLyogcGFkZGluZzogMThweCA0MHB4OyAqLyAvKiBmb250LXNpemU6IDIwcHg7ICovIHdpZHRoOiA5NHZ3OyBwYWRkaW5nOiAyNHB4IDE0cHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgMTJ2dywgNDBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAyODBweCl7LnN0YXJ0X19idG57d2lkdGg6IDk1dnc7IG1pbi13aWR0aDogMTA2cHg7IHBhZGRpbmc6IDIwcHggNHB4OyBmb250LXNpemU6IDE4cHg7IGZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMjFweCk7fS5sb25nLXRleHR7Zm9udC1zaXplOiBjbGFtcCgxM3B4LCAxM3Z3LCAxOHB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDIwMHB4KXsubG9uZy10ZXh0e2ZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMTVweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAxNTBweCl7LmxvbmctdGV4dHtmb250LXNpemU6IGNsYW1wKDEzcHgsIDEzdncsIDEzcHgpO319LmxvZ297Zm9udC1zaXplOiAxM3B4OyBtYXJnaW4tbGVmdDogNjAlO30uaW5mbyBoNHtmb250LXNpemU6IDE1cHg7IGxpbmUtaGVpZ2h0OiAyZW07fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDEycHg7IGxpbmUtaGVpZ2h0OiAyZW07fS8qIFJFU1BPTlNJVkUgKi8gLnN0YXJ0X19hcnJvdywgLmxvZ297ZGlzcGxheTogbm9uZTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogMTYwcHgpey5zdGFydF9fYXJyb3d7ZGlzcGxheTogYmxvY2s7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCl7LmxvZ297ZGlzcGxheTogYmxvY2s7fX0uY29udGFpbmVyX19pbm5lcntoZWlnaHQ6IDEwMHZoOyBoZWlnaHQ6IGNhbGMoMTAwdmggLSAxMHB4KTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogNTAwcHgpIGFuZCAobWluLWhlaWdodDogMjQ5cHgpey5zdGFydF9fYXJyb3d7ZGlzcGxheTogYmxvY2s7fS5zdGFydF9fYnRue3dpZHRoOiBjbGFtcCgyMDBweCwgNTB2dywgNTAwcHgpOyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDZ2dywgNjBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogMjQ5cHgpey5pbmZvX19zdGVwc3tkaXNwbGF5OiBmbGV4OyBmbGV4LWRpcmVjdGlvbjogY29sdW1uOyBqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWV2ZW5seTsgbGluZS1oZWlnaHQ6IGluaGVyaXQ7IGZvbnQtc2l6ZTogY2xhbXAoMTVweCwgNS41dncsIDE4cHgpO30uaW5mb19fd3JhcHBlcnsvKiBoZWlnaHQ6IDEwMCU7ICovIGRpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogY2VudGVyOyBtYXgtd2lkdGg6IDEwMHZ3OyBtYXgtd2lkdGg6IGNhbGMoMTAwdncgLSAxMHB4KTsgbGluZS1oZWlnaHQ6IDEwdmg7fS5pbmZve2ZsZXg6IDU1JTt9LnN0YXJ0e2ZsZXg6IDM1JTsgZGlzcGxheTogZmxleDsgZmxleDogdW5zZXQ7fS5sb2dve2Rpc3BsYXk6IGZsZXg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogMzUwcHgpey5pbmZvX193cmFwcGVye2xpbmUtaGVpZ2h0OiA3dmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNDlweCl7LmluZm9fX3N0ZXBze2Rpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5OyAvKiBsaW5lLWhlaWdodDogMjB2aDsgKi8gbGluZS1oZWlnaHQ6IDIwdmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MD&i=9-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
NrutI8FEDGdmZNaL7-xFOVMffufVn-ctJZugWG_AG2qOnt-owdkH2A==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=BweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDEuNXZ3LCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDJ2aCwgMjJweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogNTAwcHgpIGFuZCAobWluLXdpZHRoOiAyNTBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDMuNXZoLCAyMnB4KTsgbGluZS1oZWlnaHQ6IDEwdmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNTBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDIuNXZ3LCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCl7LmxvZ297d2lkdGg6IDEwMHZ3O319LmxpbmtfdGV4dHtjb2xvcjogIzFhMGRhYjsgZm9udC1zaXplOiAxOXB4OyBmb250LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7IGN1cnNvcjogcG9pbnRlcjt9QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDIwMHB4KXsubGlua190ZXh0e3RyYW5zZm9ybTogdHJhbnNsYXRlWSgtNXB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxNjBweCl7LmxpbmtfdGV4dHtmb250LXNpemU6IDE4cHg7fS5zdGFydF9fYnRue3BhZGRpbmc6IDlweCAxM3B4O319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEyNXB4KXsubGlua190ZXh0e2Rpc3BsYXk6IG5vbmU7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMTEwcHgpey5zdGFydF9fYnRue3BhZGRpbmc6IDlweCAxM3B4OyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDEwdncsIDQwcHgpOyBsaW5lLWhlaWdodDogMS4yO30uYWR2X25hbWV7LyogZGlzcGxheTogbm9uZTsgKi99LmNvbnRhaW5lcl9faW5uZXJ7LyoganVzdGlmeS1jb250ZW50OiBjZW50ZXI7ICovfX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNzRweCl7LnN0YXJ0X19idG57cGFkZGluZzogNnB4IDEzcHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgOXZ3LCA0MHB4KTsgbGluZS1oZWlnaHQ6IDE7IG1pbi1oZWlnaHQ6IHVuc2V0OyB3aWR0aDogODV2dzt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiA2MHB4KXsuc3RhcnRfX2J0bntwYWRkaW5nOiAxNXB4IDVweDsgbGluZS1oZWlnaHQ6IDAuMzsgZm9udC1zaXplOiBjbGFtcCgxMnB4LCA0LjV2dywgNDBweCk7IHdpZHRoOiA0MHZ3OyBtaW4taGVpZ2h0OiB1bnNldDsgbWluLXdpZHRoOiBtYXgtY29udGVudDt9LmxvbmctdGV4dHt3aWR0aDogNzV2dzsgcGFkZGluZzogMTZweCAwcHg7fS5saW5rc3tmbGV4LWRpcmVjdGlvbjogcm93O30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiBjbGFtcCg5cHgsIDE4dmgsIDEycHgpO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDYwcHgpIGFuZCAobWF4LXdpZHRoOiAyODBweCl7LmluZm9fX3N0ZXBze2ZvbnQtc2l6ZTogY2xhbXAoOHB4LCAxNHZoLCAxMnB4KTt9LnN0YXJ0e21hcmdpbi1yaWdodDogMTBweDt9fS5saW5rX3RleHQ6aG92ZXJ7dGV4dC1kZWNvcmF0aW9uOiB1bmRlcmxpbmU7fS5hZHZfbmFtZXsvKiBwb3NpdGlvbjogYWJzb2x1dGU7ICovIC8qIGJvdHRvbTogMDsgcmlnaHQ6IDA7ICovIC8qIGZvbnQtc2l6ZTogMTRweDsgZm9udC1zaXplOiBjbGFtcCgxMnB4LCAxLjZ2dywgMTRweCk7ICovIGRpc3BsYXk6IGlubGluZTt9LnN0YXJ0X19idG57dHJhbnNpdGlvbjogYWxsIDAuMnMgZWFzZS1pbi1vdXQ7fS5nb2xkZW4tdGV4dC1zaGFkb3d7dGV4dC1zaGFkb3c6IHJnYigxNjgsIDk5LCA1OSkgMXB4IDFweCA2cHgsIHJnYigxNjgsIDk5LCA1OSkgLTFweCAtMXB4IDBweCwgcmdiKDE2OCwgOTksIDU5KSAxcHggLTFweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgLTFweCAxcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDFweCAxcHggMHB4O31AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCl7LmdvbGRlbi10ZXh0LXNoYWRvd3t0ZXh0LXNoYWRvdzogcmdiKDE2OCwgOTksIDU5KSAxLjVweCAxLjVweCA2cHgsIHJnYigxNjgsIDk5LCA1OSkgLTEuNXB4IC0xLjVweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMS41cHggLTEuNXB4IDBweCwgcmdiKDE2OCwgOTksIDU5KSAtMS41cHggMS41cHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDEuNXB4IDEuNXB4IDBweDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDcwMHB4KXsuZ29sZGVuLXRleHQtc2hhZG93e3RleHQtc2hhZG93OiByZ2IoMTY4LCA5OSwgNTkpIDJweCAycHggNnB4LCByZ2IoMTY4LCA5OSwgNTkpIC0ycHggLTJweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMnB4IC0ycHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIC0ycHggMnB4IDBweCwgcmdiKDE2OCwgOTksIDU5KSAycHggMnB4IDBweDt9fS5idG4tc2NhbGUtaG92ZXI6aG92ZXJ7dHJhbnNmb3JtOiBzY2FsZSgxLjIpO30uZXh0ZXJuYWwtaG92ZXItYnRuLXNjYWxlOmhvdmVyIC5zdGFydF9fYnRue3RyYW5zZm9ybTogc2NhbGUoMS4yKTt9Lmxpbmtze2Rpc3BsYXk6IGluaGVyaXQ7IGp1c3RpZnktY29udGVudDogaW5oZXJpdDsgYWxpZ24taXRlbXM6IGluaGVyaXQ7IHdpZHRoOiBpbmhlcml0OyBoZWlnaHQ6IGluaGVyaXQ7fS5saW5rcy1sb25nLXRpdGxle2Rpc3BsYXk6IGZsZXg7IGFsaWduLWl0ZW1zOiBjZW50ZXI7IHdpZHRoOiAxMDB2dzsganVzdGlmeS1jb250ZW50OiBjZW50ZXI7IGhlaWdodDogdW5zZXQ7fS5idG4tbG9uZy10aXRsZXtwYWRkaW5nOiAwOyBtYXJnaW4tdG9wOiAydmg7fS5maXhlZC10aXRsZXtmb250LXNpemU6IGNsYW1wKDE4cHgsIDR2dywgODBweCk7fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxMTBweCl7LmJ0bi1sb25nLXRpdGxle2ZvbnQtc2l6ZTogY2xhbXAoMjVweCwgM3Z3LCA0MHB4KTsgd2lkdGg6IHVuc2V0OyBtYXJnaW4tdG9wOiA1dmg7IHBhZGRpbmc6IDN2aCAwO319QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi1oZWlnaHQ6IDQwMHB4KXsuYnRuLWxvbmctdGl0bGV7Zm9udC1zaXplOiBjbGFtcCgyNXB4LCAzdncsIDQwcHgpO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNDU4cHgpey5idG4tbG9uZy10aXRsZXt3aWR0aDogdW5zZXQ7IGZvbnQtc2l6ZTogY2xhbXAoMjVweCwgMTB2dywgNDBweCk7IHBhZGRpbmc6IDJ2aCA0dnc7IG1hcmdpbi10b3A6IDR2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiAzMDBweCksIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogMzAwcHgpey5idG4tbG9uZy10aXRsZXttYXJnaW4tdG9wOiA1dmg7IHdpZHRoOiB1bnNldDsgcGFkZGluZzogMS41dmggMy41dnc7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgMTB2dywgNDBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMTgwcHgpey50aXRsZS1jb250YWluZXJ7ZmxleC1kaXJlY3Rpb246IHJvdzt9LnRpdGxlLWFkZGl0aW9ue3BhZGRpbmctbGVmdDogOHB4O30uYnRuLWxvbmctdGl0bGV7bWFyZ2luLXRvcDogMXZoO30uZml4ZWQtdGl0bGV7ZGlzcGxheTogbm9uZTt9fS5zZWNvbmQtYWQtd3JhcHBlciAubGlua3N7anVzdGlmeS1jb250ZW50OiBjZW50ZXI7fS5zZWNvbmQtYWQtd3JhcHBlciAuY29udGFpbmVyX19pbm5lcntwYWRkaW5nOiAwO30uc2Vjb25kLWFke2Rpc3BsYXk6IG5vbmU7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGJhY2tncm91bmQtY29sb3I6ICNmZmY7IGJvcmRlcjogMXB4IHNvbGlkICNjZmNmY2Y7IHdpZHRoOiAxMDB2dzsgcG9zaXRpb246IGFic29sdXRlOyBib3R0b206IDA7IGxlZnQ6IDA7IHJpZ2h0OiAwOyBib3gtc2l6aW5nOiBib3JkZXItYm94O30uc2Vjb25kLWFkLXdyYXBwZXIgLnNlY29uZC1hZC10b3B7Y29sb3I6ICM1NDU0NTQ7IGZvbnQtd2VpZ2h0OiA0MDA7IHBhZGRpbmc6IDR2aCA1dnc7IGJvcmRlci1ib3R0b206IDFweCBzb2xpZCAjY2ZjZmNmOyBtYXJnaW4tYm90dG9tOiAxdmg7IGZvbnQtc2l6ZTogMTZweDt9LnNlY29uZC1hZC1jb250YWluZXJ7ZGlzcGxheTogZmxleDsganVzdGlmeS1jb250ZW50OiBzcGFjZS1iZXR3ZWVuOyBhbGlnbi1pdGVtczogY2VudGVyOyBwYWRkaW5nOiA0dmggNXZ3OyBmb250LXNpemU6IDE0cHg7fS5zZWNvbmQtYWQtd3JhcHBlciBwe2NvbG9yOiAjYjliOGI4O30uc2Vjb25kLWFkLXdyYXBwZXIgLnNlY29uZC1hZC1jdGF7YmFja2dyb3VuZC1jb2xvcjogIzI5YmFkNjsgY29sb3I6ICNmZmY7IHBhZGRpbmc6IDJ2aCAydnc7IGJvcmRlci1yYWRpdXM6IDZweDsgZm9udC1zaXplOiAxMnB4O31AbWVkaWEgKG1pbi1hc3BlY3QtcmF0aW86IDIvMjApLCAobWluLWFzcGVjdC1yYXRpbzogOS8yMCl7QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi1oZWlnaHQ6IDE4MHB4KXsuc2Vjb25kLWFkLXdyYXBwZXJ7LypiYWNrZ3JvdW5kLWNvbG9yOiAjQ0ZDRkNGOyovfS5zZWNvbmQtYWR7ZGlzcGxheTogZmxleDt9LnNlY29uZC1hZC13cmFwcGVyIC5saW5rc3tqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWFyb3VuZDt9LmxpbmtfdGV4dHt0cmFuc2Zvcm06IHVuc2V0O30uc2Vjb25kLWFkLXdyYXBwZXIgLmxpbmtze2p1c3RpZnktY29udGVudDogY2VudGVyOyBtYXJnaW4tYm90dG9tOiAzMHZoO31AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAyMDBweCl7LnNlY29uZC1hZC13cmFwcGVyIC5zZWNvbmQtYWQtdG9we2ZvbnQtc2l6ZTogMTNweDt9LnNlY29uZC1hZC13cmFwcGVyIHB7Zm9udC1zaXplOiAxMnB4O30uc2Vjb25kLWFkLXdyYXBwZXIgLnNlY29uZC1hZC1jdGF7cGFkZGluZzogMS4ydmggNHZ3O30uc2Vjb25kLWFke2xpbmUtaGVpZ2h0OiAxLjM7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAyNTBweCl7LnNlY29uZC1hZC13cmFwcGVyIC5saW5rc3ttYXJnaW4tYm90dG9tOiA0MHZoO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNDU4cHgpey5zdGFydF9fYnRue3BhZGRpbmc6IDF2aCAzdnc7IGZvbnQtc2l6ZTogY2xhbXAoMTVweCwgMTB2dywgNDBweCk7IHdpZHRoOiA4NXZ3O319fX1AbWVkaWEgKG1pbi1hc3BlY3QtcmF0aW86IDMvMSl7QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi1oZWlnaHQ6IDgwcHgpIGFuZCAobWluLXdpZHRoOiA1MDBweCl7LnNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXIgLnNlY29uZC1hZHtwb3NpdGlvbjogdW5zZXQ7IGRpc3BsYXk6IGZsZXg7IGhlaWdodDogMTAwdmg7IHBvc2l0aW9uOiBhYnNvbHV0ZTsgcmlnaHQ6IDA7IGxlZnQ6IHVuc2V0OyB3aWR0aDogNDB2dzt9LmZsaXAtc2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciAuc2Vjb25kLWFke2xlZnQ6IDA7fS5zZWNvbmQtYWQtaG9yaXpvbnRhbC13cmFwcGVyICNjdGF7d2lkdGg6IDYwdnc7IGRpc3BsYXk6IGZsZXg7IGp1c3RpZnktY29udGVudDogY2VudGVyO30uc2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciAubGlua3N7bWFyZ2luOiAwOyBqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWJldHdlZW47fS5mbGlwLXNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXIgLmxpbmtze2ZsZXgtZGlyZWN0aW9uOiByb3ctcmV2ZXJzZTt9LnNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXIgLmxpbmtfdGV4dHt0cmFuc2Zvcm06IHVuc2V0OyBkaXNwbGF5OiBmbGV4O30uc2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciAuc2Vjb25kLWFkLXRvcHtmb250LXNpemU6IDE3cHg7IGhlaWdodDogNTAlOyBwYWRkaW5nOiAwOyBkaXNwbGF5OiBmbGV4OyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsgYWxpZ24taXRlbXM6IGNlbnRlcjsgbWFyZ2luOiAwO30uc2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciAuc2Vjb25kLWFkLWN0YXtwYWRkaW5nOiAzdmggMi41dnc7IGZvbnQtc2l6ZTogMTRweDt9LnNlY29uZC&i=10-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
VQx4720OKnqKO0BRZ2vaECVL-gAeZ7_Y6P_pBSoMMCBzDVomgW6Fdw==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=1hZC1ob3Jpem9udGFsLXdyYXBwZXIgcHtmb250LXNpemU6IDE1cHg7fS5zZWNvbmQtYWQtaG9yaXpvbnRhbC13cmFwcGVyIC5zZWNvbmQtYWQtY29udGFpbmVye3BhZGRpbmc6IDA7IGp1c3RpZnktY29udGVudDogc3BhY2UtYXJvdW5kOyBoZWlnaHQ6IDUwJTt9LnNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXIgLmxpbmtfdGV4dDpob3Zlcnt0ZXh0LWRlY29yYXRpb246IG5vbmU7fX19PC9zdHlsZT4gPHNjcmlwdD52YXIgY2xpY2tlZD1mYWxzZTsgd2luZG93LmxpbmtUYXJnZXQ9JnF1b3Q7X2JsYW5rJnF1b3Q7OyBmdW5jdGlvbiBuZXYoYSl7dmFyIHRpbWV6b25lT2Zmc2V0PW5ldyBEYXRlKCkuZ2V0VGltZXpvbmVPZmZzZXQoKTsgdmFyIHRpbWV6b25lPW51bGw7IGlmIChhPT0mcXVvdDtjbGsmcXVvdDspe3dpbmRvdy5lZT10cnVlOyBpZiAoY2xpY2tlZCl7bmV2KCZxdW90O2Nsa19hZ24mcXVvdDspO31pZiAoaXNUcnVlKHBhcmFtcy50cnlBZ2Fpbikpe3RyeUFnYWluSGFuZGxlcigpO31jbGlja2VkPXRydWU7IGlmIChpc1RydWUocGFyYW1zLm9wZW5Jbk5ld1dpbmRvdykpe2xldCBuZXdXaW5kb3dQYXJhbXM9YHdpZHRoPSR7d2luZG93Lm91dGVyV2lkdGh9LGhlaWdodD0ke3dpbmRvdy5vdXRlckhlaWdodH0sbGVmdD0wLHRvcD0wLHRvb2xiYXI9MCxzdGF0dXM9MCxtZW51YmFyPTAsc2Nyb2xsYmFycz0wLHJlc2l6YWJsZT0wYDsgd2luZG93Lm9wZW4oICZxdW90O2h0dHBzOi8vYWRjbGljay5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhPUwmYW1wO2FpPUNITDJBZzV5OFlabm9KTWpyM3dPMV9ZSElBNnlkNHE1bXVkQ3V5cFlQd0kyM0FSQUJJQUJnbGJLaGdyQUhnZ0VYWTJFdGNIVmlMVFF4TVRNMk9ERTRPREl6TVRFME5UWElBUW5nQWdDb0F3R3FCS2dDVDlDS2VqcGZDc2ZCdlFjTVJaVGJFRVI3bmhjc1pPcW5kaTdiM0dWMXRCLXlzdDF2T0RhVkpXOWFBQ0xRRXE2a2hLeHVDOHFEcnpLNkd1XzVmRUh0UUIxbERXSWhmQTV2WjZEY0lzZWRBa1QxT3VIWk9yN2p3NHItcmF2REhOLU5RenZPNkFxd2F6VDZiMzg2eW42RzR2TjhiMWM1LVpjR2h6TklPZnFZTTY1YnpnX2RKM2VBTWJwLWI4YzVFWUNJQmJNbnhydVlWZHQ4SGtXbG1SbVBRWHNycjFsM3ZJZjFZQ2V5OVlVMUdSZ1p6QXVZSXdnQjJVSjE1c2RBeW9TWnlYbm9qS0w2V3lZczRMYm9QRUg5UXRyY2JGR0JUalBwRDJZVDMxZ01LSFhOdERBX0pGcjA1NzdPQ2pEc1ZwcVRqcjRyYXB1YTJIZGNudEZ4Wng2cm1VN3lRMVo5YmdGMTMtMnBuUU9mMHU4ZlFNS3MwRkxOSEhsZDJFM1VCNGxDdFA2VmpEVC1BcFhnQkFHQUJwNkhqYmVNLV9XVkpxQUdJYWdIcHI0YnFBZVcyQnVvQjZxYnNRS29COS1mc1FMWUJ3RFNDQVVJaUdFUUFmb0xBZ2dCZ0F3QjBCVUJnQmNCJmFtcDtudW09MSZhbXA7c2lnPUFPRDY0XzNiTkFKMUxJODg2dWRLLXIyUkVIajktZ0lxYVEmYW1wO2NsaWVudD1jYS1wdWItNDExMzY4MTg4MjMxMTQ1NSZhbXA7YWR1cmw9aHR0cHMlM0ElMkYlMkZwcm90ZWN0aW9uLmJ5Z3VhcmRpby5jb20lMkYlM0ZjbGljayUzRDYzYzE0OTAwLTVmNDQtMTFlYy1hMzdiLWY2ZDMyZTBiYTc5NCUyNnV0bV9zb3VyY2UlM0RhZHhfZ3JkX2dlbjExXzIlMjZtaWQlM0Q2M2MxNDkwMC01ZjQ0LTExZWMtYTM3Yi1mNmQzMmUwYmE3OTQlMjZ1dG1fdGVzdCUzRGFmZnNjYW4lMjZhZmZfaWQlM0Q2MTEmcXVvdDssICZxdW90O2xwJnF1b3Q7LCBuZXdXaW5kb3dQYXJhbXMgKTt9ZWxzZXt3aW5kb3cub3BlbiggJnF1b3Q7aHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs%2Fc2E9TCZhbXA7YWk9Q0hMMkFnNXk4WVpub0pNanIzd08xX1lISUE2eWQ0cTVtdWRDdXlwWVB3STIzQVJBQklBQmdsYktoZ3JBSGdnRVhZMkV0Y0hWaUxUUXhNVE0yT0RFNE9ESXpNVEUwTlRYSUFRbmdBZ0NvQXdHcUJLZ0NUOUNLZWpwZkNzZkJ2UWNNUlpUYkVFUjduaGNzWk9xbmRpN2IzR1YxdEIteXN0MXZPRGFWSlc5YUFDTFFFcTZraEt4dUM4cURyeks2R3VfNWZFSHRRQjFsRFdJaGZBNXZaNkRjSXNlZEFrVDFPdUhaT3I3anc0ci1yYXZESE4tTlF6dk82QXF3YXpUNmIzODZ5bjZHNHZOOGIxYzUtWmNHaHpOSU9mcVlNNjViemdfZEozZUFNYnAtYjhjNUVZQ0lCYk1ueHJ1WVZkdDhIa1dsbVJtUFFYc3JyMWwzdklmMVlDZXk5WVUxR1JnWnpBdVlJd2dCMlVKMTVzZEF5b1NaeVhub2pLTDZXeVlzNExib1BFSDlRdHJjYkZHQlRqUHBEMllUMzFnTUtIWE50REFfSkZyMDU3N09DakRzVnBxVGpyNHJhcHVhMkhkY250RnhaeDZybVU3eVExWjliZ0YxMy0ycG5RT2YwdThmUU1LczBGTE5ISGxkMkUzVUI0bEN0UDZWakRULUFwWGdCQUdBQnA2SGpiZU0tX1dWSnFBR0lhZ0hwcjRicUFlVzJCdW9CNnFic1FLb0I5LWZzUUxZQndEU0NBVUlpR0VRQWZvTEFnZ0JnQXdCMEJVQmdCY0ImYW1wO251bT0xJmFtcDtzaWc9QU9ENjRfM2JOQUoxTEk4ODZ1ZEstcjJSRUhqOS1nSXFhUSZhbXA7Y2xpZW50PWNhLXB1Yi00MTEzNjgxODgyMzExNDU1JmFtcDthZHVybD1odHRwcyUzQSUyRiUyRnByb3RlY3Rpb24uYnlndWFyZGlvLmNvbSUyRiUzRmNsaWNrJTNENjNjMTQ5MDAtNWY0NC0xMWVjLWEzN2ItZjZkMzJlMGJhNzk0JTI2dXRtX3NvdXJjZSUzRGFkeF9ncmRfZ2VuMTFfMiUyNm1pZCUzRDYzYzE0OTAwLTVmNDQtMTFlYy1hMzdiLWY2ZDMyZTBiYTc5NCUyNnV0bV90ZXN0JTNEYWZmc2NhbiUyNmFmZl9pZCUzRDYxMSZxdW90Oywgd2luZG93LmxpbmtUYXJnZXQgKTt9fXRyeXt0aW1lem9uZT1JbnRsLkRhdGVUaW1lRm9ybWF0KCkucmVzb2x2ZWRPcHRpb25zKCkudGltZVpvbmU7fWNhdGNoe312YXIgdXJsPSZxdW90O2h0dHBzOi8vZy5hbGdiaWQuYXBwL3J0aW1wP3NpZD02M2MxNDkwMC01ZjQ0LTExZWMtYTM3Yi1mNmQzMmUwYmE3OTQmYW1wO2Q9dGhyZWF0cG9zdC5jb20mYW1wO2NyPWdyZF9nZW4xMV8yJmFtcDtnaWQ9JmFtcDthPSZxdW90OyArIGEgKyAmcXVvdDsmYW1wO3A9WWJ5Y2d3QUpOQmtLZF9YSUFBQi10WU9QS05FT3dnYVFZNXI3blEmYW1wO3I9NjcyNzA3ODQyJmFtcDtvdz0mcXVvdDsgKyB3aW5kb3cub3V0ZXJXaWR0aCArICZxdW90OyZhbXA7b2g9JnF1b3Q7ICsgd2luZG93Lm91dGVySGVpZ2h0ICsgJnF1b3Q7JmFtcDt0em9mPSZxdW90OyArIHRpbWV6b25lT2Zmc2V0ICsgJnF1b3Q7JmFtcDt0ej0mcXVvdDsgKyB0aW1lem9uZSArICZxdW90OyZhbXA7cHhyPSZxdW90OyArIHdpbmRvdy5kZXZpY2VQaXhlbFJhdGlvOyBuZXcgSW1hZ2UoKS5zcmM9dXJsO312YXIgdnc9ZmFsc2U7IGZ1bmN0aW9uIGhhbmRsZU0oZSl7aWYgKCF2dyAmYW1wOyZhbXA7IGUuZGF0YSAmYW1wOyZhbXA7IGUuZGF0YS5pbmRleE9mKCZxdW90Ozc9MSZxdW90OykgPiAtMSl7dnc9dHJ1ZTsgbmV2KCZxdW90O3Z3JnF1b3Q7KTsgd2luZG93LnJlbW92ZUV2ZW50TGlzdGVuZXIoJnF1b3Q7bWVzc2FnZSZxdW90OywgaGFuZGxlTSk7fX13aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcigmcXVvdDttZXNzYWdlJnF1b3Q7LCBoYW5kbGVNKTsgPC9zY3JpcHQ%2BIDwvaGVhZD4gPGJvZHkgb25sb2FkPSZxdW90O25ldignaW1sb2FkJyk7JnF1b3Q7IHN0eWxlPSZxdW90O2Rpc3BsYXk6IG5vbmUmcXVvdDs%2BIDxkaXYgc3R5bGU9JnF1b3Q7b3ZlcmZsb3c6aGlkZGVuO3Bvc2l0aW9uOnJlbGF0aXZlOyB3aWR0aDoxMDAlOyZxdW90Oz4gPHNlY3Rpb24gY2xhc3M9JnF1b3Q7bWFpbiZxdW90Oz4gPGRpdiBjbGFzcz0mcXVvdDtjb250YWluZXIgY29udGFpbmVyX19vdXRlciZxdW90Oz4gPGRpdiBjbGFzcz0mcXVvdDtjb250YWluZXJfX2lubmVyIG9wZW5fbGluayZxdW90OyBvbmNsaWNrPSZxdW90O2V2ZW50LnN0b3BQcm9wYWdhdGlvbigpOyBuZXYoJ2NsaycpOyBuZXYoJ3dyYXBwZXJjbGsnKTsmcXVvdDsgb25tb3VzZW92ZXI9JnF1b3Q7bmV2KCd3cmFwaG92Jyk7JnF1b3Q7IGlkPSZxdW90O3dyYXBwZXImcXVvdDsgPiA8ZGl2IGNsYXNzPSZxdW90O2xpbmtzJnF1b3Q7PiA8YSBjbGFzcz0mcXVvdDtvcGVuX2xpbmsmcXVvdDsgaHJlZj0mcXVvdDsjJnF1b3Q7IG9uY2xpY2s9JnF1b3Q7ZXZlbnQuc3RvcFByb3BhZ2F0aW9uKCk7IG5ldignY2xrJyk7IG5ldignY3RhY2xrJyk7JnF1b3Q7IG9ubW91c2VvdmVyPSZxdW90O25ldignaG92Jyk7JnF1b3Q7IG9udG91Y2hzdGFydD0mcXVvdDtuZXYoJ2N0YXRvdWNoJyk7JnF1b3Q7IGlkPSZxdW90O2N0YSZxdW90OyA%2BIDxkaXYgY2xhc3M9JnF1b3Q7c3RhcnQmcXVvdDs%2BIDxkaXYgY2xhc3M9JnF1b3Q7c3RhcnRfX3dyYXBwZXImcXVvdDs%2BIDxidXR0b24gY2xhc3M9JnF1b3Q7c3RhcnRfX2J0biZxdW90Oz4gU3RhcnQgTm93IDwvYnV0dG9uPiA8L2Rpdj48L2Rpdj48L2E%2BIDxhIGNsYXNzPSZxdW90O29wZW5fbGluayZxdW90OyBocmVmPSZxdW90OyMmcXVvdDsgb25jbGljaz0mcXVvdDtldmVudC5zdG9wUHJvcGFnYXRpb24oKTsgbmV2KCdjbGsnKTsgbmV2KCd0eHRjbGsnKTsmcXVvdDsgb25tb3VzZW92ZXI9JnF1b3Q7bmV2KCd0eHRob3YnKTsmcXVvdDsgb250b3VjaHN0YXJ0PSZxdW90O25ldigndHh0dG91Y2gnKTsmcXVvdDsgaWQ9JnF1b3Q7YXR4dCZxdW90OyA%2BIDxkaXYgY2xhc3M9JnF1b3Q7aW5mb19fd3JhcHBlciZxdW90Oz4gPGg0PjwvaDQ%2BIDx1bCBjbGFzcz0mcXVvdDtpbmZvX19zdGVwcyZxdW90Oz4gPGxpPiAxLiA8c3Bhbj5DbGljazwvc3Bhbj4gJnF1b3Q7U3RhcnQgTm93JnF1b3Q7IDwvbGk%2BPGxpPiAyLiA8c3Bhbj5Db250aW51ZTwvc3Bhbj4gb24gb3VyIHdlYnNpdGUgPC9saT48bGk%2BIDMuIDxzcGFuPkdldDwvc3Bhbj4gPHNwYW4%2BIDxkaXYgY2xhc3M9JnF1b3Q7YWR2X25hbWUmcXVvdDs%2BIEd1YXJkaW8gPC9kaXY%2BPC9zcGFuPiBmb3IgQ2hyb21lIDwvbGk%2BPC91bD4gPC9kaXY%2BPC9hPiA8L2Rpdj48L2Rpdj48L2Rpdj48L3NlY3Rpb24%2BIDwvZGl2PjxzY3JpcHQ%2BZnVuY3Rpb24gaW5qZWN0Q3NzKGNzcyl7dmFyIHN0eWxlPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJnF1b3Q7c3R5bGUmcXVvdDspOyBkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKHN0eWxlKTsgc3R5bGUudHlwZT0mcXVvdDt0ZXh0L2NzcyZxdW90OzsgaWYgKHN0eWxlLnN0eWxlU2hlZXQpe3N0eWxlLnN0eWxlU2hlZXQuY3NzVGV4dD1jc3M7fWVsc2V7c3R5bGUuYXBwZW5kQ2hpbGQoZG9jdW1lbnQuY3JlYXRlVGV4dE5vZGUoY3NzKSk7fX12YXIgY29sb3JzPXtncmVlbjp7YmFja2dyb3VuZDogJnF1b3Q7bGluZWFyLWdyYWRpZW50KHRvIGJvdHRvbSwgIzAwYzAxMCAwJSwgIzAwOTMwOSAxMDAlKSZxdW90Oywgc2hhZG93Q29sb3I6ICZxdW90OyMwMTRGMDQ5NCZxdW90O30sIGJsdWU6e2JhY2tncm91bmQ6ICZxdW90O2xpbmVhci1ncmFkaWVudCgxODBkZWcsICMyMTk2ZjMgMCUsICMxOTc2ZDIgMTAwJSkmcXVvdDssIHNoYWRvd0NvbG9yOiAmcXVvdDsjMTk3NmQyJnF1b3Q7fSwgcmVkOntiYWNrZ3JvdW5kOiAmcXVvdDtsaW5lYXItZ3JhZGllbnQoMTgwZGVnLCAjZjQ0MzM2IDAlLCAjZDMyZjJmIDEwMCUpJnF1b3Q7LCBzaGFkb3dDb2xvcjogJnF1b3Q7I2M2MjgyOCZxdW90O30sIGdvbGQ6e2JhY2tncm91bmQ6ICZxdW90O2xpbmVhci1ncmFkaWVudCgxODBkZWcsICNmZmJmMDAgMCUsICNmZmNmNDAgMTAwJSkmcXVvdDssIHNoYWRvd0NvbG9yOiAmcXVvdDsjYmY5YjMwJnF1b3Q7fX07IGZ1bmN0aW9uIGlzVHJ1ZShwYXJhbSl7cmV0dXJuICggcGFyYW0gIT09dW5kZWZpbmVkICZhbXA7JmFtcDsgKHBhcmFtPT09dHJ1ZSB8fCBwYXJhbT09PSZxdW90O3RydWUmcXVvdDspICk7fWZ1bmN0aW9uIGlzRmFsc2UocGFyYW0pe3JldHVybiAoIHBhcmFtICE9PXVuZGVmaW5lZCAmYW1wOyZhbXA7IChwYXJhbT09PWZhbHNlIHx8IHBhcmFtPT09JnF1b3Q7ZmFsc2UmcXVvdDspICk7fXdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdiZWZvcmV1bmxvYWQnLCBmdW5jdGlvbigpe2lmICghd2luZG93LmVlKXtuZXYoJ3VubG9hZCcpO319KTsgdHJ5e3ZhciBwYXJhbXM9e307IHZhciBtYXliZVBhcmFtcz0mcXVvdDtleUp6ZEdWd1QyNWxWR1&i=11-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
fzhuitD73f-PR4EQ9LH1l3cX8PGc5JsJ6_ZHA-Lr7zEt52mVE6ATrA==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=Y0ZENJNklqeHNhVDR4TGlCRGJHbGpheUE4YzNCaGJpQnpkSGxzWlQwblkyOXNiM0k2SUNNeU1UazJSak1uUGx3aVUzUmhjblFnVG05M1hDSThYQzl6Y0dGdVBqeGNMMnhwUGlJc0luTjBaWEJVYUhKbFpWUmxlSFFpT2lJOGJHaytNeTRnVTJOaGJpQlpiM1Z5SUVKeWIzZHpaWEk4WEM5c2FUNGlMQ0p6ZEdWd1ZIZHZWR1Y0ZENJNklqeHNhU0J6ZEhsc1pUMG5aR2x6Y0d4aGVUb2dabXhsZURzZ1lXeHBaMjR0YVhSbGJYTTZJR05sYm5SbGNqdG1iR1Y0TFdac2IzYzZkM0poY0RzblBqSXVJRUZrWkNCSGRXRnlaR2x2SUR4cGJXY2djM1I1YkdVOUoyMWhlQzFvWldsbmFIUTZJRE13ZG1nN0lEdHdZV1JrYVc1bkxXeGxablE2TlhCNE95Y2djM0pqUFNkb2RIUndjenBjTDF3dlkyUnVMbkowWW5KaGFXNHVZWEJ3WEM5bmNtUmNMMmxqYjI0eE5TNXdibWNuSUZ3dlBqeGNMMnhwUGlJc0luTjBaWEJ6VkdsMGJHVWlPaUl6SUVWaGMza2dVM1JsY0hNNkluMD0mcXVvdDs7IGlmICghbWF5YmVQYXJhbXMuc3RhcnRzV2l0aCgmcXVvdDskJnF1b3Q7KSl7dmFyIHJlbVBhcmFtcz1KU09OLnBhcnNlKHdpbmRvdy5hdG9iKG1heWJlUGFyYW1zKSk7IHBhcmFtcz1PYmplY3QuYXNzaWduKHBhcmFtcywgcmVtUGFyYW1zKTt9d2luZG93LnBhcmFtcz1wYXJhbXM7IGZ1bmN0aW9uIHRyeUFnYWluSGFuZGxlcigpe3NldFRpbWVvdXQoZnVuY3Rpb24oKXtpZiAocGFyYW1zLmJ0blN0eWxlVHJ5QWdhaW4pe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDspLnN0eWxlPXBhcmFtcy5idG5TdHlsZVRyeUFnYWluO31pZiAocGFyYW1zLmN0YVRleHRUcnlBZ2Fpbil7dmFyIGJ0bj0oZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZSggJnF1b3Q7c3RhcnRfX2J0biZxdW90OyApWzBdLmlubmVyVGV4dD1wYXJhbXMuY3RhVGV4dFRyeUFnYWluKTt9aWYgKHBhcmFtcy5pbm5lclRyeUFnYWluKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90OykuaW5uZXJIVE1MPXBhcmFtcy5pbm5lclRyeUFnYWluO31pZiAocGFyYW1zLmxpbmtUZXh0VHJ5QWdhaW4pe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtfdGV4dCZxdW90OykuaW5uZXJUZXh0PXBhcmFtcy5saW5rVGV4dFRyeUFnYWluO31pZiAocGFyYW1zLmxpbmtUZXh0TGlua1N0eWxlVHJ5QWdhaW4pe2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCZxdW90O2F0eHQmcXVvdDspLnN0eWxlPXBhcmFtcy5saW5rVGV4dExpbmtTdHlsZVRyeUFnYWluO31pZiAocGFyYW1zLmxpbmtUZXh0SW5uZXJTdHlsZVRyeUFnYWluKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rX3RleHQmcXVvdDspLnN0eWxlPXBhcmFtcy5saW5rVGV4dElubmVyU3R5bGVUcnlBZ2Fpbjt9aWYgKGlzVHJ1ZShwYXJhbXMuZmxpcE9yZGVyVHJ5QWdhaW4pKXtkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua3MmcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2xpbmtzLXRyeS1hZ2FpbiZxdW90Oyk7fWlmIChwYXJhbXMudHJ5QWdhaW5MaW5rc1N0eWxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90Oykuc3R5bGU9cGFyYW1zLnRyeUFnYWluTGlua3NTdHlsZTt9aWYgKHBhcmFtcy5ib2R5VHJ5QWdhaW5TdHlsZSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oykuc3R5bGU9cGFyYW1zLmJvZHlTdHlsZTt9fSwgcGFyYW1zLnRyeUFnYWluRGVsYXkpO31pZiAoIGlzVHJ1ZShwYXJhbXMuc21hbGxBZExheW91dCkgJmFtcDsmYW1wOyB3aW5kb3cuc2NyZWVuLndpZHRoPT09MzIwICZhbXA7JmFtcDsgd2luZG93LnNjcmVlbi5oZWlnaHQ9PT01MCApe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDspLnN0eWxlPSZxdW90O2ZvbnQtc2l6ZTogMjBweDtwYWRkaW5nOiA1cHggMTRweDtoZWlnaHQ6IHVuc2V0O3dpZHRoOiB1bnNldDtsaW5lLWhlaWdodDogdW5zZXQ7bWluLXdpZHRoOiB1bnNldDt0ZXh0LXNoYWRvdzogcmdiYSgwLCAwLCAwLCAwLjc2KSAxLjVweCAxLjVweCAyLjVweDtib3JkZXItcmFkaXVzOiA1MHB4O2JveC1zaGFkb3c6IHJnYigxNjgsIDk5LCA1OSkgMHB4IDFweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDJweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDNweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDRweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDVweCAwcHgsIHJnYmEoMCwgMCwgMCwgMC4xKSAwcHggNnB4IDFweCwgcmdiYSgwLCAwLCAwLCAwLjEpIDBweCAwcHggNXB4LCByZ2JhKDAsIDAsIDAsIDAuMykgMHB4IDFweCAzcHgsIHJnYmEoMCwgMCwgMCwgMC4yKSAwcHggM3B4IDVweCwgcmdiYSgwLCAwLCAwLCAwLjI1KSAwcHggNXB4IDEwcHgsIHJnYmEoMCwgMCwgMCwgMC4yKSAwcHggMTBweCAxMHB4LCByZ2JhKDAsIDAsIDAsIDAuMTUpIDBweCAyMHB4IDIwcHg7Ym9yZGVyOiAxcHggc29saWQgcmdiKDE5MSwgMTU1LCA0OCk7YmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KDBkZWcsIHJnYigyMzcsIDE3MCwgNSkgMCUsIHJnYigyNTUsIDIzNSwgMTM4KSAxMDAlKTsmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtzJnF1b3Q7KS5zdHlsZT0mcXVvdDtmbGV4LWRpcmVjdGlvbjpyb3ctcmV2ZXJzZTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1hcm91bmQ7IHdpZHRoOiBjYWxjKDEwMCUgKyA0cHgpOyZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua190ZXh0JnF1b3Q7KS5zdHlsZT0mcXVvdDtkaXNwbGF5OmZsZXg7IHRyYW5zZm9ybTogbm9uZTsgZm9udC1mYW1pbHk6ICdTZWN1bGFyIE9uZSc7Y29sb3I6ICMxYjc0ZTU7bWFyZ2luLXRvcDogNHB4OyZxdW90OzsgaWYgKHBhcmFtcy5zbWFsbEFkVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua190ZXh0JnF1b3Q7KS5pbm5lclRleHQ9cGFyYW1zLnNtYWxsQWRUZXh0O31pZiAocGFyYW1zLnNtYWxsQWRUZXh0U3R5bGUpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtfdGV4dCZxdW90Oykuc3R5bGU9cGFyYW1zLnNtYWxsQWRUZXh0U3R5bGU7fWlmIChwYXJhbXMuc21hbGxBZEN0YVRleHQpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDspLmlubmVyVGV4dD1wYXJhbXMuc21hbGxBZEN0YVRleHQ7fWlmIChwYXJhbXMuc21hbGxBZFN0eWxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90OykuaW5uZXJUZXh0PXBhcmFtcy5zbWFsbEFkQ3RhVGV4dDt9aWYgKHBhcmFtcy5zbWFsbEFkSW1nKXt2YXIgaW1nPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJnF1b3Q7aW1nJnF1b3Q7KTsgaW1nLmNsYXNzTGlzdC5hZGQoJnF1b3Q7YWQtaW1nJnF1b3Q7KTsgaW1nLnNyYz1wYXJhbXMuc21hbGxBZEltZzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua3MmcXVvdDspLmFwcGVuZENoaWxkKGltZyk7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtzJnF1b3Q7KS5zdHlsZT0mcXVvdDtmbGV4LWRpcmVjdGlvbjpyb3ctcmV2ZXJzZTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1iZXR3ZWVuOyB3aWR0aDogY2FsYygxMDAlICsgNHB4KTsmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmFkLWltZyZxdW90Oykuc3R5bGU9JnF1b3Q7aGVpZ2h0OiA5MCU7JnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT0mcXVvdDtmb250LXNpemU6IDE2cHg7cGFkZGluZzogNXB4IDEwcHg7aGVpZ2h0OiB1bnNldDt3aWR0aDogdW5zZXQ7bGluZS1oZWlnaHQ6IHVuc2V0O21pbi13aWR0aDogdW5zZXQ7dGV4dC1zaGFkb3c6IHJnYmEoMCwgMCwgMCwgMC43NikgMS41cHggMS41cHggMi41cHg7Ym9yZGVyLXJhZGl1czogNTBweDtib3gtc2hhZG93OiByZ2IoMTY4LCA5OSwgNTkpIDBweCAxcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCAycHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCAzcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCA0cHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCA1cHggMHB4LCByZ2JhKDAsIDAsIDAsIDAuMSkgMHB4IDZweCAxcHgsIHJnYmEoMCwgMCwgMCwgMC4xKSAwcHggMHB4IDVweCwgcmdiYSgwLCAwLCAwLCAwLjMpIDBweCAxcHggM3B4LCByZ2JhKDAsIDAsIDAsIDAuMikgMHB4IDNweCA1cHgsIHJnYmEoMCwgMCwgMCwgMC4yNSkgMHB4IDVweCAxMHB4LCByZ2JhKDAsIDAsIDAsIDAuMikgMHB4IDEwcHggMTBweCwgcmdiYSgwLCAwLCAwLCAwLjE1KSAwcHggMjBweCAyMHB4O2JvcmRlcjogMXB4IHNvbGlkIHJnYigxOTEsIDE1NSwgNDgpO2JhY2tncm91bmQ6IGxpbmVhci1ncmFkaWVudCgwZGVnLCByZ2IoMjM3LCAxNzAsIDUpIDAlLCByZ2IoMjU1LCAyMzUsIDEzOCkgMTAwJSk7JnF1b3Q7O31pZiAoaXNUcnVlKHBhcmFtcy5hbmltYXRlQWQpKXtkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua3MmcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2FuaW1hdGVkJnF1b3Q7KTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuYW5pbWF0ZWQgLnN0YXJ0JnF1b3Q7KS5zdHlsZT0mcXVvdDtkaXNwbGF5OiBmbGV4O3dpZHRoOiAxMDB2dztqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsmcXVvdDs7IGRvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hbmltYXRlZCZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7c2hvdy1idG4mcXVvdDspOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hZC1pbWcmcXVvdDspICZhbXA7JmFtcDsgKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoICZxdW90Oy5zaG93LWJ0biBpbWcmcXVvdDsgKS5zdHlsZS5oZWlnaHQ9JnF1b3Q7OTUlJnF1b3Q7KTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90Oykuc3R5bGUuZm9udFNpemU9JnF1b3Q7MjBweCZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90Oykuc3R5bGUucGFkZGluZz0mcXVvdDs1cHggMjBweCZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvciggJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDsgKS5zdHlsZS5tYXJnaW5Cb3R0b209JnF1b3Q7MXB4JnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rX3RleHQmcXVvdDspLnN0eWxlLmZvbnRTaXplPSZxdW90OzIwcHgmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtzJnF1b3Q7KS5zdHlsZT0mcXVvdDtmbGV4LWRpcmVjdGlvbjpyb3ctcmV2ZXJzZTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1iZXR3ZWVuOyB3aWR0aDogY2FsYygxMDAlICsgNHB4KTsmcXVvdDs7IGxldCBhbmltYXRlZEludGVydmFsPXNldEludGVydmFsKGZ1bmN0aW9uKCl7aWYgKCBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hbmltYXRlZCAuc3RhcnQmcXVvdDspLnN0eWxlIC5kaXNwbGF5PT09JnF1b3Q7ZmxleCZxdW90OyApe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoICZxdW90Oy5hbmltYXRlZCAuc3RhcnQmcXVvdDsgKS5zdHlsZT0mcXVvdDtkaXNwbGF5OiBub25lJnF1b3Q7OyBkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsuYW5pbWF0ZWQmcXVvdDspIC5jbGFzc0xpc3QucmVtb3ZlKCZxdW90O3Nob3ctYnRuJnF1b3Q7KTsgZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmFuaW1hdGVkJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtzaG93LW90aGVyJnF1b3Q7KTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvciggJnF1b3Q7LmxpbmtzJnF1b3Q7ICkuc3R5bGUuanVzdGlmeUNvbnRlbnQ9JnF1b3Q7Y2VudGVyJnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCAmcXVvdDsubGlua190ZXh0JnF1b3Q7ICkuc3R5bGUubWFyZ2luTGVmdD0mcXVvdDszMH&i=12-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
sktmCurno6J93uCOyh2IO9p4zR1RlPavTQoINyE41EB7kws1gNpzlw==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=B4JnF1b3Q7O31lbHNle2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoICZxdW90Oy5hbmltYXRlZCAuc3RhcnQmcXVvdDsgKS5zdHlsZT0mcXVvdDtkaXNwbGF5OiBmbGV4O3dpZHRoOiAxMDB2dztqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsmcXVvdDs7IGRvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hbmltYXRlZCZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7c2hvdy1idG4mcXVvdDspOyBkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsuYW5pbWF0ZWQmcXVvdDspIC5jbGFzc0xpc3QucmVtb3ZlKCZxdW90O3Nob3ctb3RoZXImcXVvdDspOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCAmcXVvdDsubGlua3MmcXVvdDsgKS5zdHlsZS5qdXN0aWZ5Q29udGVudD0mcXVvdDtzcGFjZS1iZXR3ZWVuJnF1b3Q7O319LCBwYXJhbXMuYW5pbWF0ZUFkSW50ZXJ2YWwpOyBmdW5jdGlvbiBzdG9wQW5pbWF0ZWRJbnRlcnZhbCgpe2NsZWFySW50ZXJ2YWwoYW5pbWF0ZWRJbnRlcnZhbCk7fWlmIChwYXJhbXMuYW5pbWF0ZUFkVGltZSl7c2V0VGltZW91dCggc3RvcEFuaW1hdGVkSW50ZXJ2YWwsIHBhcmFtcy5hbmltYXRlQWRUaW1lICk7fX19aWYgKGlzVHJ1ZShwYXJhbXMuaGFsZkltZ0xheW91dCkpe2xldCBjb250YWluZXI9ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oyk7IGxldCBpbWFnZT1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCZxdW90O2ltZyZxdW90Oyk7IGltYWdlLnNyYz1wYXJhbXMuYmFja2dyb3VuZEltYWdlTGluazsgaW1hZ2Uuc3R5bGU9JnF1b3Q7aGVpZ2h0OjU1dmg7IHdpZHRoOiA5N3Z3OyBoZWlnaHQ6IDU1dmg7cGFkZGluZy10b3A6IDJ2dzsmcXVvdDs7IGltYWdlLmNsYXNzTGlzdC5hZGQoJnF1b3Q7bWFpbi1pbWFnZSZxdW90Oyk7IGNvbnRhaW5lci5hcHBlbmRDaGlsZChpbWFnZSk7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmNvbnRhaW5lcl9faW5uZXImcXVvdDspLnN0eWxlPSZxdW90O2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW4tcmV2ZXJzZTtwYWRkaW5nOjAmcXVvdDs7IGZ1bmN0aW9uIHN0b3BWaWQoKXtkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgmcXVvdDt2aWRfbG9vcCZxdW90OykucGF1c2UoKTt9aWYgKHBhcmFtcy5oYWxmSW1nQXJ0aWNsZSl7aWYgKHBhcmFtcy5oYWxmSW1nVmlkZW9BcnRpY2xlKXtpbWFnZS5vdXRlckhUTUw9YCA8dmlkZW8gaWQ9JnF1b3Q7dmlkX2xvb3AmcXVvdDsgYXV0b3BsYXkgbG9vcCBtdXRlZCBzdHlsZT0mcXVvdDt3aWR0aDogMTAwdnc7IGhlaWdodDogYXV0byZxdW90Oz4gPHNvdXJjZSBzcmM9JnF1b3Q7JHtwYXJhbXMudmlkZW9MaW5rfSZxdW90OyB0eXBlPSZxdW90O3ZpZGVvL21wNCZxdW90Oz4gPC92aWRlb3M%2BIGA7fXNldFRpbWVvdXQoc3RvcFZpZCwgMjkwMDApOyBpbWFnZS5zdHlsZT0mcXVvdDt3aWR0aDogMTAwdnc7IGhlaWdodDogNjV2aDsmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3JBbGwoJnF1b3Q7Lm9wZW5fbGluayZxdW90OylbMl0uaW5uZXJIVE1MPWAgPGRpdiBjbGFzcz0mcXVvdDtoYWxmLUltZy1BcnRpY2xlLW1haW4mcXVvdDs%2BIDxwIHN0eWxlPSZxdW90OyR7cGFyYW1zLmhhbGZJbWdMYXlvdXRUaXRsZVN0eWxlID8gcGFyYW1zLmhhbGZJbWdMYXlvdXRUaXRsZVN0eWxlIDogJnF1b3Q7OyZxdW90O30mcXVvdDsgY2xhc3M9JnF1b3Q7aGFsZi1JbWctQXJ0aWNsZS10ZXh0JnF1b3Q7ID4ke3BhcmFtcy5oYWxmSW1nTGF5b3V0VGl0bGV9PC9wPjxwIHN0eWxlPSZxdW90OyR7cGFyYW1zLmhhbGZJbWdBcnRpY2xlQWRkaXRpb25hbFN0eWxlID8gcGFyYW1zLmhhbGZJbWdBcnRpY2xlQWRkaXRpb25hbFN0eWxlIDogJnF1b3Q7OyZxdW90O30mcXVvdDsgY2xhc3M9JnF1b3Q7aGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHQmcXVvdDs%2BJHtwYXJhbXMuaGFsZkltZ0FydGljbGVBZGRpdGlvbmFsVGV4dH08L3A%2BPC9kaXY%2BYDsgZG9jdW1lbnQucXVlcnlTZWxlY3RvckFsbCggJnF1b3Q7Lm9wZW5fbGluayZxdW90OyApWzFdLnN0eWxlLmRpc3BsYXk9JnF1b3Q7bm9uZSZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuYWR2X25hbWUmcXVvdDspLnN0eWxlLmZvbnRTaXplPSZxdW90OzExcHgmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmFkdl9uYW1lJnF1b3Q7KS5zdHlsZS5jb2xvcj0mcXVvdDsjODI4MjgyJnF1b3Q7O31lbHNlIGlmIChwYXJhbXMudmlkZW9BZCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubWFpbi1pbWFnZSZxdW90Oykub3V0ZXJIVE1MPWAgPHZpZGVvIGlkPSZxdW90O3ZpZF9sb29wJnF1b3Q7IGF1dG9wbGF5IGxvb3AgbXV0ZWQgc3R5bGU9JnF1b3Q7d2lkdGg6IDEwMHZ3OyBoZWlnaHQ6IGF1dG8mcXVvdDs%2BIDxzb3VyY2Ugc3JjPSZxdW90OyR7cGFyYW1zLnZpZGVvTGlua30mcXVvdDsgdHlwZT0mcXVvdDt2aWRlby9tcDQmcXVvdDs%2BIDwvdmlkZW9zPiBgOyBzZXRUaW1lb3V0KHN0b3BWaWQsIDI5MDAwKTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsjYXR4dCZxdW90Oykuc3R5bGUuZGlzcGxheT0mcXVvdDtub25lJnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hZHZfbmFtZSZxdW90Oykuc3R5bGUuZGlzcGxheT0mcXVvdDtub25lJnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5vcGVuX2xpbmsgYnV0dG9uJnF1b3Q7KS5zdHlsZT0mcXVvdDt0ZXh0LXNoYWRvdzogcmdiKDAgMCAwIC8gNzYlKSAxLjVweCAxLjVweCAyLjVweDtib3JkZXItcmFkaXVzOiA1MHB4O2JveC1zaGFkb3c6IHJnYigxNjggOTkgNTkpIDBweCAxcHggMHB4LCByZ2IoMTY4IDk5IDU5KSAwcHggMnB4IDBweCwgcmdiKDE2OCA5OSA1OSkgMHB4IDNweCAwcHgsIHJnYigxNjggOTkgNTkpIDBweCA0cHggMHB4LCByZ2IoMTY4IDk5IDU5KSAwcHggNXB4IDBweCwgcmdiKDAgMCAwIC8gMTAlKSAwcHggNnB4IDFweCwgcmdiKDAgMCAwIC8gMTAlKSAwcHggMHB4IDVweCwgcmdiKDAgMCAwIC8gMzAlKSAwcHggMXB4IDNweCwgcmdiKDAgMCAwIC8gMjAlKSAwcHggM3B4IDVweCwgcmdiKDAgMCAwIC8gMjUlKSAwcHggNXB4IDEwcHgsIHJnYigwIDAgMCAvIDIwJSkgMHB4IDEwcHggMTBweCwgcmdiKDAgMCAwIC8gMTUlKSAwcHggMjBweCAyMHB4O2JvcmRlcjogMXB4IHNvbGlkIHJnYigxOTEsIDE1NSwgNDgpOyBiYWNrZ3JvdW5kOiBsaW5lYXItZ3JhZGllbnQoMGRlZywgcmdiKDIzNywgMTcwLCA1KSAwJSwgcmdiKDI1NSwgMjM1LCAxMzgpIDEwMCUpOyBwYWRkaW5nOiAwcHg7Zm9udC1zaXplOiBjbGFtcCgyMHB4LCA3dncsIDQwcHgpO3dpZHRoOiA2N3Z3O21hcmdpbi1ib3R0b206MnB4OyZxdW90OzsgZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7Lm9wZW5fbGluayBidXR0b24mcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O3ByZXNzLWRvd24mcXVvdDspO31lbHNle2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3JBbGwoJnF1b3Q7Lm9wZW5fbGluayZxdW90OylbMl0uaW5uZXJIVE1MPWAgPGRpdiBjbGFzcz0mcXVvdDtoYWxmLWltZy1tYWluJnF1b3Q7PiA8aW1nIGNsYXNzPSZxdW90O2hhbGYtaW1nLWxvZ28gJHshcGFyYW1zLmhhbGZJbWdMYXlvdXRMb2dvTGluayA%2FICZxdW90O2hpZGUmcXVvdDsgOiAmcXVvdDsmcXVvdDt9JnF1b3Q7IHNyYz0ke3BhcmFtcy5oYWxmSW1nTGF5b3V0TG9nb0xpbmt9Lz4gPGgxIGNsYXNzPSZxdW90O2hhbGYtaW1nLXRpdGxlJnF1b3Q7PiR7cGFyYW1zLmhhbGZJbWdMYXlvdXRUaXRsZX08L2gxPiA8L2Rpdj5gOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5oYWxmLWltZy10aXRsZSZxdW90Oykuc3R5bGU9JnF1b3Q7Zm9udC1zaXplOjI4cHg7dGV4dC1hbGlnbjpjZW50ZXI7bWFyZ2luOiBhdXRvIDR2dzsgbGluZS1oZWlnaHQ6IDEuMztjb2xvcjojMWYxZjFmO2ZvbnQtZmFtaWx5OidTZWN1bGFyIE9uZScmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmhhbGYtaW1nLWxvZ28mcXVvdDspLnN0eWxlPSZxdW90O3dpZHRoOiA1MHB4O3Bvc2l0aW9uOiBhYnNvbHV0ZTt0b3A6IDUydmg7bGVmdDogMDtyaWdodDogMDttYXJnaW46IGF1dG87JnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90Oykuc3R5bGU9JnF1b3Q7anVzdGlmeS1jb250ZW50OiBzcGFjZS1ldmVubHk7JnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT0mcXVvdDt3aWR0aDogNzB2dzttYXJnaW4tYm90dG9tOiAxMHB4O2ZvbnQtc2l6ZTogY2xhbXAoMTZweCwgNy4ydncsIDQwcHgpO3BhZGRpbmc6IDE1cHggMDsmcXVvdDsgKyBwYXJhbXMuaGFsZkltZ0N0YVN0eWxlO319aWYgKGlzVHJ1ZShwYXJhbXMuc2Vjb25kQWQpKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rX3RleHQmcXVvdDspLmlubmVySFRNTD1gIDxzcGFuIGNsYXNzPSdzZWNvbmQtYWQnPiA8aDMgY2xhc3M9J3NlY29uZC1hZC10b3AnPiR7cGFyYW1zLnNlY29uZEFkVGl0bGVUZXh0fTwvaDM%2BIDxzcGFuIGNsYXNzPSdzZWNvbmQtYWQtY29udGFpbmVyJz4gPHAgY2xhc3M9J3NlY29uZC1hZC10ZXh0Jz4ke3BhcmFtcy5zZWNvbmRBZEJvdHRvbVRpdGxlVGV4dH08L3A%2BPHNwYW4gY2xhc3M9J3NlY29uZC1hZC1jdGEnPiR7cGFyYW1zLnNlY29uZEFkQm90dG9tQ3RhVGV4dH08L3NwYW4%2BIDwvc3Bhbj4gPC9zcGFuPiA8L3NwYW4%2BYDsgZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmNvbnRhaW5lciZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7c2Vjb25kLWFkLXdyYXBwZXImcXVvdDspOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hZHZfbmFtZSZxdW90Oykuc3R5bGUuZGlzcGxheT0mcXVvdDtub25lJnF1b3Q7OyBkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsuc2Vjb25kLWFkLWN0YSZxdW90OykgLmFkZEV2ZW50TGlzdGVuZXIoJnF1b3Q7Y2xpY2smcXVvdDssIGZ1bmN0aW9uKCl7ZXZlbnQuc3RvcFByb3BhZ2F0aW9uKCk7IG5ldigmcXVvdDtjbGsmcXVvdDspOyBuZXYoJnF1b3Q7c2Vjb25kX2N0YV9jbGsmcXVvdDspOyByZXR1cm4gZmFsc2U7fSk7fWlmIChwYXJhbXMuc2Vjb25kQWRUaXRsZVN0eWxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zZWNvbmQtYWQtdG9wJnF1b3Q7KS5zdHlsZT1wYXJhbXMuc2Vjb25kQWRUaXRsZVN0eWxlO31pZiAocGFyYW1zLnNlY29uZEFkU3VidGl0bGVTdHlsZSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc2Vjb25kLWFkLXRleHQmcXVvdDspLnN0eWxlPXBhcmFtcy5zZWNvbmRBZFN1YnRpdGxlU3R5bGU7fWlmIChwYXJhbXMuc2Vjb25kQWRCdXR0b25TdHlsZSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc2Vjb25kLWFkLWN0YSZxdW90Oykuc3R5bGU9cGFyYW1zLnNlY29uZEFkQnV0dG9uU3R5bGU7fWlmIChpc1RydWUocGFyYW1zLnNlY29uZEFkSG9yaXpvbnRhbCkpe2RvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zZWNvbmQtYWQtd3JhcHBlciZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7c2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciZxdW90Oyk7fWlmIChpc1RydWUocGFyYW1zLmZsaXBTZWNvbmRBZEhvcml6b250YWwpKXtkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtmbGlwLXNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXImcXVvdDspO31pZiAoaXNUcnVlKHBhcmFtcy5zdG9yZUxheW91dCkpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmNvbnRhaW5lcl9faW5uZXImcXVvdDspLnN0eWxlPSZxdW90O2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW47cGFkZGluZzowICZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubWFpbi1pbWFnZSZxdW90Oykuc3R5bGU9JnF1b3Q7d2lkdG&i=13-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
9ZrkPf7BcdMKkCD6Rd2D0H4qfrTTtz4MJ5HZlIHT3uzCiuxNGSoSFg==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=g6MTAwdnc7aGVpZ2h0OiA1NXZoOyZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua3MmcXVvdDspLnN0eWxlLmZsZXhEaXJlY3Rpb249JnF1b3Q7cm93LXJldmVyc2UmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmhhbGYtaW1nLXRpdGxlJnF1b3Q7KS5zdHlsZT0mcXVvdDtmb250LXNpemU6MjhweDtmb250LXNpemU6Y2xhbXAoMjRweCw3LjV2dywyOHB4KTt0ZXh0LWFsaWduOmNlbnRlcjttYXJnaW46IGF1dG8gNHZ3OyBsaW5lLWhlaWdodDogMS4zO2NvbG9yOiMxZjFmMWY7Zm9udC1mYW1pbHk6J1NlY3VsYXIgT25lJyZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90Oykuc3R5bGU9JnF1b3Q7bWluLXdpZHRoOiB1bnNldDt3aWR0aDogbWF4LWNvbnRlbnQ7bWFyZ2luLWJvdHRvbTogNnZ3O2ZvbnQtc2l6ZTogY2xhbXAoMjBweCwgNHZ3LCA0MHB4KTsgcGFkZGluZzogMTBweCAzNXB4O21pbi1oZWlnaHQ6IHVuc2V0OyZxdW90OyArIHBhcmFtcy5zdG9yZUN0YVN0eWxlOyBsZXQgT2xkTG9nbz1kb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5oYWxmLWltZy1sb2dvJnF1b3Q7KTsgT2xkTG9nby5yZW1vdmUoKTsgbGV0IHN0b3JlV3JhcHBlcj1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCZxdW90O2RpdiZxdW90Oyk7IGxldCBsaW5rcz1kb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90Oyk7IGxpbmtzLnN0eWxlPSZxdW90O2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW4tcmV2ZXJzZTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1ldmVubHk7YmFja2dyb3VuZC1jb2xvcjojZmFmYWZhOyZxdW90OzsgbGlua3MuYXBwZW5kKHN0b3JlV3JhcHBlcik7IHN0b3JlV3JhcHBlci5vdXRlckhUTUw9YCA8ZGl2IGNsYXNzPSZxdW90O3N0b3JlLXdyYXBwZXImcXVvdDsgc3R5bGU9JnF1b3Q7ZGlzcGxheTogZmxleDttYXJnaW4tcmlnaHQ6IGF1dG87bWFyZ2luLWxlZnQ6IDEwdnc7bWFyZ2luLXRvcDo2dncmcXVvdDs%2BIDxpbWcgc3R5bGU9JnF1b3Q7d2lkdGg6IGF1dG87aGVpZ2h0OiA3MHB4OyZxdW90OyBjbGFzcz0mcXVvdDtoYWxmLWltZy1sb2dvJnF1b3Q7IHNyYz0ke3BhcmFtcy5oYWxmSW1nTGF5b3V0TG9nb0xpbmt9Lz4gPGRpdiBzdHlsZT0mcXVvdDtwYWRkaW5nLWxlZnQ6MTVweDsmcXVvdDs%2BIDxoMiBzdHlsZT0mcXVvdDtmb250LXNpemU6IDI1cHg7IHBhZGRpbmctYm90dG9tOiAycHg7IGZvbnQtd2VpZ2h0OiA1MDA7JnF1b3Q7PkJ1YmJsZSBDYXPigKpo4oCsPC9oMj4gPGRpdiBzdHlsZT0mcXVvdDtwYWRkaW5nLWJvdHRvbToycHg7ZGlzcGxheTpmbGV4O2FsaWduLWl0ZW1zOiBjZW50ZXI7aGVpZ2h0OiAyMHB4O3RyYW5zZm9ybTogdHJhbnNsYXRlWCgtNnB4KTsmcXVvdDs%2BIDxpbWcgc3R5bGU9JnF1b3Q7d2lkdGg6MTAwcHgmcXVvdDsgc3JjPSR7cGFyYW1zLnN0b3JlU3RhcnN9Lz4gPHNwYW4gc3R5bGU9JnF1b3Q7Y29sb3I6Izk5OTk5OTsmcXVvdDs%2BKDE4LjlLKTwvc3Bhbj4gPC9kaXY%2BPHNwYW4gc3R5bGU9JnF1b3Q7Zm9udC1zaXplOjE1cHg7ZGlzcGxheTpmbGV4O2FsaWduLWl0ZW1zOmNlbnRlcjsmcXVvdDs%2BIDxzcGFuIHN0eWxlPSZxdW90O2NvbG9yOiM2MzYxNjE7JnF1b3Q7PkZSRUUgb248L3NwYW4%2BIDxpbWcgc3R5bGU9JnF1b3Q7d2lkdGg6MzBweDtwYWRkaW5nOiAwIDNweCAwIDVweDsmcXVvdDsgc3JjPSR7cGFyYW1zLmFwcFN0b3JlfS8%2BIDxzcGFuIHN0eWxlPSZxdW90O2NvbG9yOiM2MzYxNjE7Zm9udC13ZWlnaHQ6IDYwMDsmcXVvdDs%2BQXBwIFN0b3JlPC9zcGFuPiA8L3NwYW4%2BIDwvZGl2PjwvZGl2PmA7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmFkdl9uYW1lJnF1b3Q7KS5zdHlsZS5kaXNwbGF5PSZxdW90O25vbmUmcXVvdDs7fWlmIChpc1RydWUocGFyYW1zLmdvbGRlblN0eWxlQSkpe2RvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtnb2xkZW4tdGV4dC1zaGFkb3cmcXVvdDspOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT0mcXVvdDtib3JkZXItcmFkaXVzOjUwcHg7Ym94LXNoYWRvdzpyZ2IoMTY4LCA5OSwgNTkpIDBweCAxcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCAycHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCAzcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCA0cHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCA1cHggMHB4LCByZ2JhKDAsIDAsIDAsIDAuMSkgMHB4IDZweCAxcHgsIHJnYmEoMCwgMCwgMCwgMC4xKSAwcHggMHB4IDVweCwgcmdiYSgwLCAwLCAwLCAwLjMpIDBweCAxcHggM3B4LCByZ2JhKDAsIDAsIDAsIDAuMikgMHB4IDNweCA1cHgsIHJnYmEoMCwgMCwgMCwgMC4yNSkgMHB4IDVweCAxMHB4LCByZ2JhKDAsIDAsIDAsIDAuMikgMHB4IDEwcHggMTBweCwgcmdiYSgwLCAwLCAwLCAwLjE1KSAwcHggMjBweCAyMHB4OyBib3JkZXI6IDFweCBzb2xpZCAjYmY5YjMwOyBiYWNrZ3JvdW5kOiByZ2IoMjQyLDE4NiwyKTsgYmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KDBkZWcsIHJnYigyMzcgMTcwIDUpIDAlLCByZ2JhKDI1NSwyMzUsMTM4LDEpIDEwMCUpOyZxdW90Ozt9aWYgKGlzVHJ1ZShwYXJhbXMuZ29sZGVuU3R5bGVCKSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90Oykuc3R5bGU9JnF1b3Q7dGV4dC1zaGFkb3c6IHJnYmEoMCwgMCwgMCwgMC43NikgMS41cHggMS41cHggMi41cHg7IGJvcmRlci1yYWRpdXM6NTBweDtib3gtc2hhZG93OnJnYigxNjgsIDk5LCA1OSkgMHB4IDFweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDJweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDNweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDRweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDVweCAwcHgsIHJnYmEoMCwgMCwgMCwgMC4xKSAwcHggNnB4IDFweCwgcmdiYSgwLCAwLCAwLCAwLjEpIDBweCAwcHggNXB4LCByZ2JhKDAsIDAsIDAsIDAuMykgMHB4IDFweCAzcHgsIHJnYmEoMCwgMCwgMCwgMC4yKSAwcHggM3B4IDVweCwgcmdiYSgwLCAwLCAwLCAwLjI1KSAwcHggNXB4IDEwcHgsIHJnYmEoMCwgMCwgMCwgMC4yKSAwcHggMTBweCAxMHB4LCByZ2JhKDAsIDAsIDAsIDAuMTUpIDBweCAyMHB4IDIwcHg7IGJvcmRlcjogMXB4IHNvbGlkICNiZjliMzA7IGJhY2tncm91bmQ6IHJnYigyNDIsMTg2LDIpOyBiYWNrZ3JvdW5kOiBsaW5lYXItZ3JhZGllbnQoMGRlZywgcmdiKDIzNyAxNzAgNSkgMCUsIHJnYmEoMjU1LDIzNSwxMzgsMSkgMTAwJSk7JnF1b3Q7O31pZiAocGFyYW1zLmxpbmtUYXJnZXQpe3dpbmRvdy5saW5rVGFyZ2V0PXBhcmFtcy5saW5rVGFyZ2V0O31pZiAocGFyYW1zLmNvbG9yKXt2YXIgY29sb3JPYmo9Y29sb3JzW3BhcmFtcy5jb2xvcl07IGlmIChjb2xvck9iail7dmFyIGJ0bj1kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCAmcXVvdDtzdGFydF9fYnRuJnF1b3Q7IClbMF07IHZhciBuZXdDc3M9YCAuc3RhcnRfX2J0bntiYWNrZ3JvdW5kOiAke2NvbG9yT2JqLmJhY2tncm91bmR9OyBib3gtc2hhZG93OiAzcHggM3B4IDBweCAke2NvbG9yT2JqLnNoYWRvd0NvbG9yfSwgMHB4IDNweCAxNXB4IHJnYmEoMCwwLDAsLjQpLCBpbnNldCAwcHggMXB4IDBweCByZ2JhKDI1NSwyNTUsMjU1LC4zKSwgaW5zZXQgMHB4IDBweCAzcHggcmdiYSgyNTUsMjU1LDI1NSwuNSk7IGJvcmRlcjogMXB4IHNvbGlkICR7Y29sb3JPYmouc2hhZG93Q29sb3J9O31gOyBpbmplY3RDc3MobmV3Q3NzKTt9fWlmIChpc1RydWUocGFyYW1zLmxvbmdCdG5UZXh0KSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDtidXR0b24mcXVvdDspLmNsYXNzTGlzdC5hZGQoJnF1b3Q7bG9uZy10ZXh0JnF1b3Q7KTt9aWYgKHBhcmFtcy5jdGFUZXh0KXt2YXIgYnRuPShkb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCAmcXVvdDtzdGFydF9fYnRuJnF1b3Q7IClbMF0uaW5uZXJUZXh0PXBhcmFtcy5jdGFUZXh0KTt9aWYgKGlzVHJ1ZShwYXJhbXMuYnJpZ2h0KSl7dmFyIG5ld0Nzcz1gIC5tYWluOmhvdmVyey13ZWJraXQtZmlsdGVyOiBicmlnaHRuZXNzKDExMCUpO31gOyBpbmplY3RDc3MobmV3Q3NzKTt9aWYgKGlzVHJ1ZShwYXJhbXMuc2hhZG93SG92ZXIpKXt2YXIgbmV3Q3NzPWAgLnN0YXJ0X19idG46aG92ZXJ7Ym94LXNoYWRvdzogMHB4IDBweCAwcHg7fWA7IGluamVjdENzcyhuZXdDc3MpO31pZiAoaXNUcnVlKHBhcmFtcy5mbGlwT3JkZXIpKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5jb250YWluZXJfX2lubmVyJnF1b3Q7KS5zdHlsZT0mcXVvdDtmbGV4LWRpcmVjdGlvbjogcm93LXJldmVyc2UmcXVvdDs7fWlmIChpc1RydWUocGFyYW1zLmN0YVRleHRTaGFkb3cpKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT0mcXVvdDt0ZXh0LXNoYWRvdzogNHB4IDJweCAycHggcmdiYSgwLCAwLCAwLCAwLjc2KSZxdW90Ozt9aWYgKGlzVHJ1ZShwYXJhbXMuc2NhbGVCdG5PbkhvdmVyKSl7ZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2J0bi1zY2FsZS1ob3ZlciZxdW90Oyk7fWlmIChpc1RydWUocGFyYW1zLnNjYWxlT25FeHRlcm5hbEhvdmVyKSl7ZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7Lm1haW4mcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2V4dGVybmFsLWhvdmVyLWJ0bi1zY2FsZSZxdW90Oyk7fWlmIChwYXJhbXMuYnRuVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90OykuaW5uZXJUZXh0PXBhcmFtcy5idG5UZXh0O31pZiAocGFyYW1zLmJ0blN0eWxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT1wYXJhbXMuYnRuU3R5bGU7fWlmIChpc1RydWUocGFyYW1zLnRvcFRpdGxlKSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUtY29udGFpbmVyJnF1b3Q7KS5zdHlsZS5kaXNwbGF5PSZxdW90O2ZsZXgmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnRpdGxlJnF1b3Q7KS5zdHlsZS5kaXNwbGF5PSZxdW90O2Jsb2NrJnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy50aXRsZS1hZGRpdGlvbiZxdW90Oykuc3R5bGUuZGlzcGxheT0mcXVvdDtibG9jayZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oykuc3R5bGU9JnF1b3Q7ZmxleC1kaXJlY3Rpb246IGNvbHVtbjsganVzdGlmeS1jb250ZW50OiBjZW50ZXI7ICZxdW90OzsgaWYgKGlzVHJ1ZShwYXJhbXMuY2VudGVyZWRUaXRsZSkpe2RvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7bGlua3MtbG9uZy10aXRsZSZxdW90Oyk7IGRvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtidG4tbG9uZy10aXRsZSZxdW90Oyk7fWVsc2V7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUmcXVvdDspLnN0eWxlPSZxdW90O3Bvc2l0aW9uOiBhYnNvbHV0ZTsgdG9wOiA0dmg7IGxlZnQ6IDA7IHJpZ2h0OiAwOyZxdW90OzsgZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnRpdGxlJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtmaXhlZC10aXRsZSZxdW90Oyk7fX1pZiAocGFyYW1zLnRpdGxlU3R5bGUpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnRpdGxlJnF1b3Q7KS5zdHlsZT1wYXJhbXMudGl0bGVTdHlsZTt9aWYgKHBhcmFtcy50aXRsZUFkZGl0aW9uU3R5bGUpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7Ln&i=14-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
NUJ84pVGouFn1Gg9La5BDaae9CvBcVc3CHU0vCcKwujMz7HKNV-8YQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=RpdGxlLWFkZGl0aW9uJnF1b3Q7KS5zdHlsZT1wYXJhbXMudGl0bGVBZGRpdGlvblN0eWxlO31pZiAoaXNUcnVlKHBhcmFtcy5sb25nVGl0bGUpKXtkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUmcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2xvbmctdGl0bGUmcXVvdDspO31pZiAocGFyYW1zLmJvZHlTdHlsZSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oykuc3R5bGU9cGFyYW1zLmJvZHlTdHlsZTt9aWYgKGlzVHJ1ZShwYXJhbXMuYm90dG9tVGl0bGUpKXsoZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUmcXVvdDspLnN0eWxlPSZxdW90O2Rpc3BsYXk6IGJsb2NrOyBmb250LXNpemU6IGNsYW1wKDQwcHgsIDh2dywgODBweCk7dGV4dC1hbGlnbjpjZW50ZXI7JnF1b3Q7KSwgKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtzJnF1b3Q7KS5zdHlsZT0mcXVvdDtkaXNwbGF5OiBmbGV4O2ZsZXgtZGlyZWN0aW9uOiByb3c7IGFsaWduLWl0ZW1zOiBjZW50ZXI7d2lkdGg6MTAwdnc7IGp1c3RpZnktY29udGVudDpzcGFjZS1hcm91bmQ7bWFyZ2luLWJvdHRvbTogMXZ3OyBtYXJnaW4tYm90dG9tOiA0dnc7JnF1b3Q7KTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oykuc3R5bGU9JnF1b3Q7ZmxleC1kaXJlY3Rpb246IGNvbHVtbi1yZXZlcnNlOyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsgJnF1b3Q7O31pZiAocGFyYW1zLnRpdGxlVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUmcXVvdDspLmlubmVyVGV4dD1wYXJhbXMudGl0bGVUZXh0O31pZiAocGFyYW1zLnRpdGxlQWRkaXRpb25UZXh0KXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy50aXRsZS1hZGRpdGlvbiZxdW90OykuaW5uZXJUZXh0PXBhcmFtcy50aXRsZUFkZGl0aW9uVGV4dDt9aWYgKHBhcmFtcy5saW5rVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua190ZXh0JnF1b3Q7KS5pbm5lclRleHQ9cGFyYW1zLmxpbmtUZXh0O31pZiAocGFyYW1zLmxpbmtUZXh0U3R5bGUpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtfdGV4dCZxdW90Oykuc3R5bGU9cGFyYW1zLmxpbmtUZXh0U3R5bGU7fWlmIChwYXJhbXMubGlua1RleHRMaW5rU3R5bGUpe2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCZxdW90O2F0eHQmcXVvdDspLnN0eWxlPXBhcmFtcy5saW5rVGV4dExpbmtTdHlsZTt9dmFyIGJyb3dzZXI9KHdpbmRvdy5uYXZpZ2F0b3IudXNlckFnZW50LmluZGV4T2YoJyBFZGcnKSA%2BIC0xKSA%2FICZxdW90O0VkZ2UmcXVvdDsgOiAmcXVvdDtDaHJvbWUmcXVvdDs7IGlmKHBhcmFtcy5zdGVwc1RpdGxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5pbmZvX193cmFwcGVyIGg0JnF1b3Q7KS5pbm5lclRleHQ9cGFyYW1zLnN0ZXBzVGl0bGUucmVwbGFjZSgvXFwkXFwkQlJPV1NFUlxcJFxcJC9nLCBicm93c2VyKTt9aWYocGFyYW1zLnN0ZXBPbmVUZXh0KXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5pbmZvX193cmFwcGVyIGxpOm50aC1vZi10eXBlKDEpJnF1b3Q7KS5pbm5lckhUTUw9cGFyYW1zLnN0ZXBPbmVUZXh0LnJlcGxhY2UoL1xcJFxcJEJST1dTRVJcXCRcXCQvZywgYnJvd3Nlcik7fWlmKHBhcmFtcy5zdGVwVHdvVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuaW5mb19fd3JhcHBlciBsaTpudGgtb2YtdHlwZSgyKSZxdW90OykuaW5uZXJIVE1MPXBhcmFtcy5zdGVwVHdvVGV4dC5yZXBsYWNlKC9cXCRcXCRCUk9XU0VSXFwkXFwkL2csIGJyb3dzZXIpO31pZihwYXJhbXMuc3RlcFRocmVlVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuaW5mb19fd3JhcHBlciBsaTpudGgtb2YtdHlwZSgzKSZxdW90OykuaW5uZXJIVE1MPXBhcmFtcy5zdGVwVGhyZWVUZXh0LnJlcGxhY2UoL1xcJFxcJEJST1dTRVJcXCRcXCQvZywgYnJvd3Nlcik7fX1jYXRjaCAoZXJyKXtuZXYoJnF1b3Q7ZXJyXyZxdW90OyArIGVuY29kZVVSSUNvbXBvbmVudChlcnIudG9TdHJpbmcoKSkpO310cnl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDtib2R5JnF1b3Q7KS5zdHlsZS5kaXNwbGF5PSZxdW90O2Jsb2NrJnF1b3Q7O31jYXRjaCAoZXJyKXt9PC9zY3JpcHQ%2BIDwvYm9keT48L2h0bWw%2BPC9kaXY%2BPHNjcmlwdCBkYXRhLWpjPSZxdW90OzIyJnF1b3Q7IHNyYz0mcXVvdDtodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2pzL3IyMDIxMTIwNy9yMjAxMTA5MTQvY2xpZW50L3dpbmRvd19mb2N1c19meTIwMTkuanMmcXVvdDsgYXN5bmMgZGF0YS1qYy12ZXJzaW9uPSZxdW90O3IyMDIxMTIwNyZxdW90OyBkYXRhLWpjcC11cmw9JnF1b3Q7aHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DSEwyQWc1eThZWm5vSk1qcjN3TzFfWUhJQTZ5ZDRxNW11ZEN1eXBZUHdJMjNBUkFCSUFCZ2xiS2hnckFIZ2dFWFkyRXRjSFZpTFRReE1UTTJPREU0T0RJek1URTBOVFhJQVFuZ0FnQ29Bd0dxQktnQ1Q5Q0tlanBmQ3NmQnZRY01SWlRiRUVSN25oY3NaT3FuZGk3YjNHVjF0Qi15c3Qxdk9EYVZKVzlhQUNMUUVxNmtoS3h1QzhxRHJ6SzZHdV81ZkVIdFFCMWxEV0loZkE1dlo2RGNJc2VkQWtUMU91SFpPcjdqdzRyLXJhdkRITi1OUXp2TzZBcXdhelQ2YjM4NnluNkc0dk44YjFjNS1aY0doek5JT2ZxWU02NWJ6Z19kSjNlQU1icC1iOGM1RVlDSUJiTW54cnVZVmR0OEhrV2xtUm1QUVhzcnIxbDN2SWYxWUNleTlZVTFHUmdaekF1WUl3Z0IyVUoxNXNkQXlvU1p5WG5vaktMNld5WXM0TGJvUEVIOVF0cmNiRkdCVGpQcEQyWVQzMWdNS0hYTnREQV9KRnIwNTc3T0NqRHNWcHFUanI0cmFwdWEySGRjbnRGeFp4NnJtVTd5UTFaOWJnRjEzLTJwblFPZjB1OGZRTUtzMEZMTkhIbGQyRTNVQjRsQ3RQNlZqRFQtQXBYZ0JBR0FCcDZIamJlTS1fV1ZKcUFHSWFnSHByNGJxQWVXMkJ1b0I2cWJzUUtvQjktZnNRTFlCd0RTQ0FVSWlHRVFBZm9MQWdnQmdBd0IwQlVCZ0JjQiZhbXA7YW1wO3NpZ2g9Wm5pSnp2TUFydEkmYW1wO2FtcDtjaWQ9Q0FRU1B3Q05JckxNNFVNejh2SGRVb2RXMG5iXzU3TXhiZVRpNm0ybjJCQXEydVlrcmdMa0ptSmdxYjZ2SWRpM21PRWFtQ3F3NHVpd3JCREtWc2ZMUnRjbUpBJnF1b3Q7IGRhdGEtamNwLWd3cy1pZD0mcXVvdDsmcXVvdDsgZGF0YS1qY3AtcWVtLWlkPSZxdW90O0NObTEzTm1ENl9RQ0ZjajFkd29kdFg0QU9RJnF1b3Q7Pjwvc2NyaXB0PjxzY3JpcHQgZGF0YS1qYz0mcXVvdDsyMyZxdW90OyBzcmM9JnF1b3Q7aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9qcy9yMjAyMTEyMDcvcjIwMTEwOTE0L2NsaWVudC9xc19jbGlja19wcm90ZWN0aW9uX2Z5MjAxOS5qcyZxdW90OyBkYXRhLWpjLXZlcnNpb249JnF1b3Q7cjIwMjExMjA3JnF1b3Q7Pjwvc2NyaXB0PjxzY3JpcHQ%2BZ29vZ3FzY3AuaW5pdChbW1tbbnVsbCw1MDAsOTksMiw5LG51bGwsbnVsbCxudWxsLDFdXV1dKTs8L3NjcmlwdD48aW1nIHNyYz0mcXVvdDsvL3d3dy5nb29nbGUuY29tL2Fkcy9tZWFzdXJlbWVudC9sP2ViY2lkPUFMaDdDYVJKbzZhQ09vbGtucmNSNFVZMkRlX1FTbWhGRkR6UnNoY3N0OHFWWGhlRWF3aWxKWDVMSEl3YlF3RUk0Y3Z4QkVZMHY2c1pGcEYwMFBKMjFZQXhGUEJhWGtfZXNBJnF1b3Q7IHN0eWxlPSZxdW90O2Rpc3BsYXk6bm9uZTsmcXVvdDsgYWx0PSZxdW90OyZxdW90Oz48L2ltZz48c2NyaXB0IHNyYz0mcXVvdDtodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FmZWZyYW1lLzEtMC0zOC9qcy9leHQuanMmcXVvdDs%2BPC9zY3JpcHQ%2BPGRpdiBzdHlsZT0mcXVvdDtib3R0b206MDtyaWdodDowO3dpZHRoOjk3MHB4O2hlaWdodDoyNTBweDtiYWNrZ3JvdW5kOmluaXRpYWwgIWltcG9ydGFudDtwb3NpdGlvbjphYnNvbHV0ZSAhaW1wb3J0YW50O21heC13aWR0aDoxMDAlICFpbXBvcnRhbnQ7bWF4LWhlaWdodDoxMDAlICFpbXBvcnRhbnQ7cG9pbnRlci1ldmVudHM6bm9uZSAhaW1wb3J0YW50O2ltYWdlLXJlbmRlcmluZzpwaXhlbGF0ZWQgIWltcG9ydGFudDt6LWluZGV4OjIxNDc0ODM2NDc7YmFja2dyb3VuZC1pbWFnZTp1cmwoJ2RhdGE6aW1hZ2UvcG5nO2Jhc2U2NCxpVkJPUncwS0dnb0FBQUFOU1VoRVVnQUFBQ3NBQUFBV0JBTUFBQUNybDNpQUFBQUFCbEJNVkVVQUFBRCtBY2lXbVp6V0FBQUFBblJTVGxNQUFwaWRyQlFBQUFCMlNVUkJWQmpUYlpBTERzQXdDRUx4QnR6L3RJcy8xR2F1YVdyNnBBemd2eXdMaGxqVkFZeGIraUxWR1pMVmw1TUJVV2gzb3UybDBUdW5HeWZGbGhPVml4N2ZLTGFjdHpaYldtYmdsMFhHQ1MzTVpXZEczL2V2RHlrbi9aSmJXcnVjSzRVOHlJd1NQSE9UNElwdld5YjFEeXRCWmVQMUFjRDhCTndlaDRIbUFBQUFBRWxGVGtTdVFtQ0MnKSAhaW1wb3J0YW50OyZxdW90Oz48L2Rpdj48c2NyaXB0IGRhdGEtamM9JnF1b3Q7MTAzJnF1b3Q7IGRhdGEtamMtdmVyc2lvbj0mcXVvdDtyMjAyMTEyMDcmcXVvdDsgZGF0YS1qY3AtYmFzZV91cmw9JnF1b3Q7aHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2NvbnZlcnNpb24vP2FpPUNITDJBZzV5OFlabm9KTWpyM3dPMV9ZSElBNnlkNHE1bXVkQ3V5cFlQd0kyM0FSQUJJQUJnbGJLaGdyQUhnZ0VYWTJFdGNIVmlMVFF4TVRNMk9ERTRPREl6TVRFME5UWElBUW5nQWdDb0F3R3FCS2dDVDlDS2VqcGZDc2ZCdlFjTVJaVGJFRVI3bmhjc1pPcW5kaTdiM0dWMXRCLXlzdDF2T0RhVkpXOWFBQ0xRRXE2a2hLeHVDOHFEcnpLNkd1XzVmRUh0UUIxbERXSWhmQTV2WjZEY0lzZWRBa1QxT3VIWk9yN2p3NHItcmF2REhOLU5RenZPNkFxd2F6VDZiMzg2eW42RzR2TjhiMWM1LVpjR2h6TklPZnFZTTY1YnpnX2RKM2VBTWJwLWI4YzVFWUNJQmJNbnhydVlWZHQ4SGtXbG1SbVBRWHNycjFsM3ZJZjFZQ2V5OVlVMUdSZ1p6QXVZSXdnQjJVSjE1c2RBeW9TWnlYbm9qS0w2V3lZczRMYm9QRUg5UXRyY2JGR0JUalBwRDJZVDMxZ01LSFhOdERBX0pGcjA1NzdPQ2pEc1ZwcVRqcjRyYXB1YTJIZGNudEZ4Wng2cm1VN3lRMVo5YmdGMTMtMnBuUU9mMHU4ZlFNS3MwRkxOSEhsZDJFM1VCNGxDdFA2VmpEVC1BcFhnQkFHQUJwNkhqYmVNLV9XVkpxQUdJYWdIcHI0YnFBZVcyQnVvQjZxYnNRS29COS1mc1FMWUJ3RFNDQVVJaUdFUUFmb0xBZ2dCZ0F3QjBCVUJnQmNCJmFtcDthbXA7c2lnaD1abmlKenZNQXJ0SSZxdW90OyBkYXRhLWpjcC1jcHVfbGFiZWw9JnF1b3Q7aGVhdnlfYWRfaW50ZXJ2ZW50aW9uX2NwdSZxdW90OyBkYXRhLWpjcC1uZXRfbGFiZWw9JnF1b3Q7aGVhdnlfYWRfaW50ZXJ2ZW50aW9uX25ldHdvcmsmcXVvdDs%2BKGZ1bmN0aW9uKCl7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovICd1c2Ugc3RyaWN0JzsvKiAgU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gY29uc3QgZD1mdW5jdGlvbihhLGI9bnVsbCl7cmV0dXJuIGImYW1wOyZhbXA7Yi5nZXRBdHRyaWJ1dGUoJnF1b3Q7ZGF0YS1qYyZxdW90Oyk9PT1TdHJpbmcoYSk%2FYjpkb2N1bWVudC5xdWVyeVNlbGVjdG9yKGBbJHsmcXVvdDtkYXRhLWpjJnF1b3Q7fT0mcXVvdDske2F9JnF1b3Q7XWApfSgxMDMsZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7aWYobnVsbD09ZCl0aHJvdyBFcnJvcigmcXVvdDtKU0Mgbm90IGZvdW5kIDEwMyZxdW90Oyk7Y29uc3QgZj17fSxrPWQuYXR0cmlidXRlcztmb3IobGV0IGE9ay5sZW5ndGgtMTswPD1hO2EtLSl7Y29uc3QgYj1rW2FdLm5hbWU7MD09PWIuaW5kZXhPZigmcXVvdDtkYXRhLWpjcC0mcXVvdDspJmFtcDsmYW1wOyhmW2Iuc3Vic3RyaW5nKDkpXT1rW2FdLnZhbHVlKX0gKGZ1bmN0aW9uKGEsYixsKXt2YXIgZT13aW5kb3c7YSZhbXA7JmFtcDtiJmFtcDsmYW1wO2wmYW1wOyZhbX&i=15-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
DeECVfugdMvEkjiD1-O1YBGko4GINtwESFDy6PEz9Z55C3IE5l46Ew==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=A7ZS5SZXBvcnRpbmdPYnNlcnZlciZhbXA7JmFtcDtlLmZldGNoJmFtcDsmYW1wOyhuZXcgZS5SZXBvcnRpbmdPYnNlcnZlcigoYyxtKT0%2Be3ZhciBnLGg7Yz1jWzBdOyZxdW90O0hlYXZ5QWRJbnRlcnZlbnRpb24mcXVvdDs9PT0obnVsbD09PShnPW51bGw9PT1jfHx2b2lkIDA9PT1jP3ZvaWQgMDpjLmJvZHkpfHx2b2lkIDA9PT1nP3ZvaWQgMDpnLmlkKSZhbXA7JmFtcDsoYz0wPCgobnVsbD09PShoPWMuYm9keS5tZXNzYWdlKXx8dm9pZCAwPT09aD92b2lkIDA6aC5pbmRleE9mKCZxdW90O25ldHdvcmsmcXVvdDspKXx8MCk%2FbDpiLGUuZmV0Y2goYCR7YX0mYW1wO2xhYmVsPSR7Y31gLHtrZWVwYWxpdmU6ITAsbWV0aG9kOiZxdW90O2dldCZxdW90Oyxtb2RlOiZxdW90O25vLWNvcnMmcXVvdDt9KSxtLmRpc2Nvbm5lY3QoKSl9LHt0eXBlczpbJnF1b3Q7aW50ZXJ2ZW50aW9uJnF1b3Q7XSxidWZmZXJlZDohMH0pKS5vYnNlcnZlKCl9KShmLmJhc2VfdXJsLGYuY3B1X2xhYmVsLGYubmV0X2xhYmVsKTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjxzY3JpcHQgaWQ9JnF1b3Q7Z29vZ2xlQWN0aXZlVmlld0Rpc3BsYXlTY3JpcHQmcXVvdDsgc3JjPSZxdW90O2h0dHBzOi8vd3d3Lmdvb2dsZXRhZ3NlcnZpY2VzLmNvbS9hY3RpdmV2aWV3L2pzL2N1cnJlbnQvcnhfbGlkYXIuanM%2FY2FjaGU9cjIwMTEwOTE0JnF1b3Q7Pjwvc2NyaXB0PjxzY3JpcHQgdHlwZT0mcXVvdDt0ZXh0L2phdmFzY3JpcHQmcXVvdDs%2Bb3NkbGZtKCk7PC9zY3JpcHQ%2BPC9ib2R5PjwvaHRtbD57JnF1b3Q7dWlkJnF1b3Q7OiZxdW90OzEmcXVvdDssJnF1b3Q7aG9zdFBlZXJOYW1lJnF1b3Q7OiZxdW90O2h0dHBzOi8vdGhyZWF0cG9zdC5jb20mcXVvdDssJnF1b3Q7aW5pdGlhbEdlb21ldHJ5JnF1b3Q7OiZxdW90O3tcXCZxdW90O3dpbmRvd0Nvb3Jkc190XFwmcXVvdDs6MCxcXCZxdW90O3dpbmRvd0Nvb3Jkc19yXFwmcXVvdDs6MTYwMCxcXCZxdW90O3dpbmRvd0Nvb3Jkc19iXFwmcXVvdDs6MTIwMCxcXCZxdW90O3dpbmRvd0Nvb3Jkc19sXFwmcXVvdDs6MCxcXCZxdW90O2ZyYW1lQ29vcmRzX3RcXCZxdW90Ozo4LFxcJnF1b3Q7ZnJhbWVDb29yZHNfclxcJnF1b3Q7OjEyODUsXFwmcXVvdDtmcmFtZUNvb3Jkc19iXFwmcXVvdDs6MjU4LFxcJnF1b3Q7ZnJhbWVDb29yZHNfbFxcJnF1b3Q7OjMxNSxcXCZxdW90O3N0eWxlWkluZGV4XFwmcXVvdDs6XFwmcXVvdDthdXRvXFwmcXVvdDssXFwmcXVvdDthbGxvd2VkRXhwYW5zaW9uX3RcXCZxdW90Ozo4LFxcJnF1b3Q7YWxsb3dlZEV4cGFuc2lvbl9yXFwmcXVvdDs6MzE1LFxcJnF1b3Q7YWxsb3dlZEV4cGFuc2lvbl9iXFwmcXVvdDs6OTQyLFxcJnF1b3Q7YWxsb3dlZEV4cGFuc2lvbl9sXFwmcXVvdDs6MzE1LFxcJnF1b3Q7eEluVmlld1xcJnF1b3Q7OjEsXFwmcXVvdDt5SW5WaWV3XFwmcXVvdDs6MX0mcXVvdDssJnF1b3Q7cGVybWlzc2lvbnMmcXVvdDs6JnF1b3Q7e1xcJnF1b3Q7ZXhwYW5kQnlPdmVybGF5XFwmcXVvdDs6ZmFsc2UsXFwmcXVvdDtleHBhbmRCeVB1c2hcXCZxdW90OzpmYWxzZSxcXCZxdW90O3JlYWRDb29raWVcXCZxdW90OzpmYWxzZSxcXCZxdW90O3dyaXRlQ29va2llXFwmcXVvdDs6ZmFsc2V9JnF1b3Q7LCZxdW90O21ldGFkYXRhJnF1b3Q7OiZxdW90O3tcXCZxdW90O3NoYXJlZFxcJnF1b3Q7OntcXCZxdW90O3NmX3ZlclxcJnF1b3Q7OlxcJnF1b3Q7MS0wLTM4XFwmcXVvdDssXFwmcXVvdDtja19vblxcJnF1b3Q7OjEsXFwmcXVvdDtmbGFzaF92ZXJcXCZxdW90OzpcXCZxdW90OzBcXCZxdW90O319JnF1b3Q7LCZxdW90O3JlcG9ydENyZWF0aXZlR2VvbWV0cnkmcXVvdDs6ZmFsc2UsJnF1b3Q7aXNEaWZmZXJlbnRTb3VyY2VXaW5kb3cmcXVvdDs6ZmFsc2UsJnF1b3Q7Z29vZ19zYWZlZnJhbWVfaGx0JnF1b3Q7Ont9LCZxdW90O2VuY3J5cHRpb25Nb2RlJnF1b3Q7Om51bGx9XCIgc2Nyb2xsaW5nPVwibm9cIiBtYXJnaW53aWR0aD1cIjBcIiBtYXJnaW5oZWlnaHQ9XCIwXCIgd2lkdGg9XCI5NzBcIiBoZWlnaHQ9XCIyNTBcIiBkYXRhLWlzLXNhZmVmcmFtZT1cInRydWVcIiBzYW5kYm94PVwiYWxsb3ctZm9ybXMgYWxsb3ctcG9wdXBzIGFsbG93LXBvcHVwcy10by1lc2NhcGUtc2FuZGJveCBhbGxvdy1zYW1lLW9yaWdpbiBhbGxvdy1zY3JpcHRzIGFsbG93LXRvcC1uYXZpZ2F0aW9uLWJ5LXVzZXItYWN0aXZhdGlvblwiIGFsbG93PVwiYXR0cmlidXRpb24tcmVwb3J0aW5nXCIgcm9sZT1cInJlZ2lvblwiIGFyaWEtbGFiZWw9XCJBZHZlcnRpc2VtZW50XCIgdGFiaW5kZXg9XCIwXCIgZGF0YS1nb29nbGUtY29udGFpbmVyLWlkPVwiMVwiIHN0eWxlPVwiYm9yZGVyOiAwcHg7IHZlcnRpY2FsLWFsaWduOiBib3R0b207XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHNyYz1cImh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tL2pzL2NvcmUvYnJpZGdlMy40OTMuMF9lbi5odG1sI2dvb2dfMTQ3Mjk0ODM5MFwiIGFsbG93ZnVsbHNjcmVlbj1cIlwiIGFsbG93PVwiYXV0b3BsYXk7YXR0cmlidXRpb24tcmVwb3J0aW5nXCIgaWQ9XCJnb29nXzE0NzI5NDgzOTBcIiBzdHlsZT1cImJvcmRlcjogMHB4OyBvcGFjaXR5OiAwOyBtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBwb3NpdGlvbjogcmVsYXRpdmU7IGNvbG9yLXNjaGVtZTogbGlnaHQ7XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHNyYz1cImh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tL2pzL2NvcmUvYnJpZGdlMy40OTMuMF9lbi5odG1sI2dvb2dfODI1MzUyMDk1XCIgYWxsb3dmdWxsc2NyZWVuPVwiXCIgYWxsb3c9XCJhdXRvcGxheTthdHRyaWJ1dGlvbi1yZXBvcnRpbmdcIiBpZD1cImdvb2dfODI1MzUyMDk1XCIgc3R5bGU9XCJib3JkZXI6IDBweDsgb3BhY2l0eTogMDsgbWFyZ2luOiAwcHg7IHBhZGRpbmc6IDBweDsgcG9zaXRpb246IHJlbGF0aXZlOyBjb2xvci1zY2hlbWU6IGxpZ2h0O1wiPjwvaWZyYW1lPlxuPGlmcmFtZSBzcmM9XCJodHRwczovL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9jb3JlL2JyaWRnZTMuNDkzLjBfZW4uaHRtbCNnb29nXzIwMTg2OTQ4NDRcIiBhbGxvd2Z1bGxzY3JlZW49XCJcIiBhbGxvdz1cImF1dG9wbGF5O2F0dHJpYnV0aW9uLXJlcG9ydGluZ1wiIGlkPVwiZ29vZ18yMDE4Njk0ODQ0XCIgc3R5bGU9XCJib3JkZXI6IDBweDsgb3BhY2l0eTogMDsgbWFyZ2luOiAwcHg7IHBhZGRpbmc6IDBweDsgcG9zaXRpb246IHJlbGF0aXZlOyBjb2xvci1zY2hlbWU6IGxpZ2h0O1wiPjwvaWZyYW1lPlxuPGlmcmFtZSBzcmM9XCJodHRwczovL2NhMTQzOTFhODI0ZTQ2NDM4MGYwMWFiNGI2YzAyZDcyLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FmZWZyYW1lLzEtMC0zOC9odG1sL2NvbnRhaW5lci5odG1sXCIgc3R5bGU9XCJ2aXNpYmlsaXR5OiBoaWRkZW47IGRpc3BsYXk6IG5vbmU7XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHNyYz1cImh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9zb2Rhci9zb2RhcjIvMjI1L3J1bm5lci5odG1sXCIgd2lkdGg9XCIwXCIgaGVpZ2h0PVwiMFwiIHN0eWxlPVwiZGlzcGxheTogbm9uZTtcIj48L2lmcmFtZT5cbjxpZnJhbWUgc3JjPVwiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9yZWNhcHRjaGEvYXBpMi9hZnJhbWVcIiB3aWR0aD1cIjBcIiBoZWlnaHQ9XCIwXCIgc3R5bGU9XCJkaXNwbGF5OiBub25lO1wiPjwvaWZyYW1lPlxuPGlmcmFtZSBpZD1cInBtLTg3XCIgc3JjPVwiaHR0cHM6Ly9hZHMucHVibWF0aWMuY29tL0FkU2VydmVyL2pzL3Nob3dhZC5qcz8jUElYJmFtcDtpdD0yJmFtcDtrZG50dWlkPTEmYW1wO25wPTAmYW1wO3A9MTU2ODU4JmFtcDtzPTYzMDkwNyZhbXA7YT0yNDQ2MDA4XCIgd2lkdGg9XCIwXCIgaGVpZ2h0PVwiMFwiIHNjcm9sbGluZz1cIm5vXCIgc3R5bGU9XCJoZWlnaHQ6IDBweDsgd2lkdGg6IDBweDsgZGlzcGxheTogbm9uZTtcIj48L2lmcmFtZT48L2JvZHk%2BPC9odG1sPiIsImJsYWNrbGlzdERhdGEiOnsiYWN0aW9uIjoxMCwiYWN0aW9uRGV0YWlscyI6ImFsZ2JpZC5hcHAiLCJyZXBvcnRSYXRpbyI6MSwicmVwb3J0TWFya3VwIjp0cnVlLCJpdGVtcyI6W3siaG9zdG5hbWUiOiJhbGdiaWQuYXBwIiwidG9rZW4iOiIiLCJhY3Rpb24iOjEwfSx7Imhvc3RuYW1lIjoiYWxnYmlkLmFwcCIsInRva2VuIjoiIiwiYWN0aW9uIjoxMH1dLCJtYXJrdXAiOiI8IS0tIHRydW5jYXRlZC4uLiAtLT4wXTthPVwiXCI7Zm9yKGxldCBjPTA7YzxiLmxlbmd0aDtjKyspYSs9U3RyaW5nLmZyb21DaGFyQ29kZShiLmNoYXJDb2RlQXQoYyleXCJcXHUwMDAzXFx1MDAwN1xcdTAwMDNcXHUwMDA3XFxiXFx1MDAwNFxcdTAwMDRcXHUwMDA2XFx1MDAwNVxcdTAwMDNcIi5jaGFyQ29kZUF0KGMlMTApKTt0aGlzLmc9SlNPTi5wYXJzZShhKX1jYXRjaChiKXt9fX0sTjt2YXIgTGE9ZG9jdW1lbnQsTWE9d2luZG93O3ZhciBOYT0hIXdpbmRvdy5nb29nbGVfYXN5bmNfaWZyYW1lX2lkO2xldCBPPU5hJiZ3aW5kb3cucGFyZW50fHx3aW5kb3c7Y2xhc3MgT2F7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmVycm9yPWE7dGhpcy5jb250ZXh0PWIuY29udGV4dDt0aGlzLm1zZz1iLm1lc3NhZ2V8fFwiXCI7dGhpcy5pZD1iLmlkfHxcImpzZXJyb3JcIjt0aGlzLm1ldGE9e319fTtjb25zdCBQYT1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKTt2YXIgUWE9Y2xhc3N7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn19LFJhPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy51cmw9YTt0aGlzLm09ISFiO3RoaXMuZGVwdGg9bnVsbH19O2Z1bmN0aW9uIFAoYSxiKXtjb25zdCBjPXt9O2NbYV09YjtyZXR1cm5bY119ZnVuY3Rpb24gU2EoYSxiLGMsZCxmKXtjb25zdCBnPVtdO0ooYSxmdW5jdGlvbihlLGspeyhlPVRhKGUsYixjLGQsZikpJiZnLnB1c2goaytcIj1cIitlKX0pO3JldHVybiBnLmpvaW4oYil9IGZ1bmN0aW9uIFRhKGEsYixjLGQsZil7aWYobnVsbD09YSlyZXR1cm5cIlwiO2I9Ynx8XCImXCI7Yz1jfHxcIiwkXCI7XCJzdHJpbmdcIj09dHlwZW9mIGMmJihjPWMuc3BsaXQoXCJcIikpO2lmKGEgaW5zdGFuY2VvZiBBcnJheSl7aWYoZD1kfHwwLGQ8Yy5sZW5ndGgpe2NvbnN0IGc9W107Zm9yKGxldCBlPTA7ZTxhLmxlbmd0aDtlKyspZy5wdXNoKFRhKGFbZV0sYixjLGQrMSxmKSk7cmV0dXJuIGcuam9pbihjW2RdKX19ZWxzZSBpZihcIm9iamVjdFwiPT10eXBlb2YgYSlyZXR1cm4gZj1mfHwwLDI%2BZj9lbmNvZGVVUklDb21wb25lbnQoU2EoYSxiLGMsZCxmKzEpKTpcIi4uLlwiO3JldHVybiBlbmNvZGVVUklDb21wb25lbnQoU3RyaW5nKGEpKX1mdW5jdGlvbiBVYShhKXtsZXQgYj0xO2Zvcihjb25zdCBjIGluIGEuaCliPWMubGVuZ3RoPmI%2FYy5sZW5ndGg6YjtyZXR1cm4gMzk5Ny1iLWEuaS5sZW5ndGgtMX0gZnVuY3Rpb24gVmEoYSxiLGMpe2I9YitcIi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb21cIitjO2xldCBkPVVhKGEpLWMubGVuZ3RoO2lmKDA%2BZClyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKGcsZSl7cmV0dXJuIGctZX0pO2M9bnVsbDtsZXQgZj1cIlwiO2ZvcihsZXQgZz0wO2c8YS5nLmxlbmd0aDtnKyspe2NvbnN0IGU9YS5nW2ddLGs9YS5oW2VdO2ZvcihsZXQgaD0wO2g8ay5sZW5ndGg7aCsrKXtpZighZCl7Yz1udWxsPT1jP2U6YzticmVha31sZXQgbD1TYShrW2hdLGEuaSxcIiwkXCIpO2lmKGwpe2w9ZitsO2lmKGQ%2BPWwubGVuZ3RoKXtkLT1sLmxlbmd0aDtiKz1sO2Y9YS5pO2JyZWFrfWM9bnVsbD09Yz9lOmN9fX1hPVwiXCI7bnVsbCE9YyYmKGE9ZitcInRybj1cIitjKTtyZXR1cm4gYithfWNsYXNzIFF7Y29uc3RydWN0b3IoKXt0aGlzLmk9XCImXCI7dGhpcy5oPXt9O3RoaXMuaj0wO3RoaXMuZz1bXX19O2Z1bmN0aW9uIFdhKCl7dmFyIGE9UixiPVMuZ29vZ2xlX3NydDswPD1iJiYxPj1iJiYoYS5nPWIpfWZ1bmN0aW9uIFQoYSxiLGMs&i=16-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
EZbCBcMeS7IKoVf1NtCaIrK6wtBcNchYtWGbPlXrcAEL81PdIi9j7g==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=ZCxmLGcpe2lmKChkP2EuZzpNYXRoLnJhbmRvbSgpKTwoZnx8LjAxKSl0cnl7bGV0IGU7YyBpbnN0YW5jZW9mIFE%2FZT1jOihlPW5ldyBRLEooYywoaCxsKT0%2Be3ZhciBtPWUsbj1tLmorKztoPVAobCxoKTttLmcucHVzaChuKTttLmhbbl09aH0pKTtjb25zdCBrPVZhKGUsYS5oLFwiL3BhZ2VhZC9nZW5fMjA0P2lkPVwiK2IrXCImXCIpO2smJihcInVuZGVmaW5lZFwiIT09dHlwZW9mIGc%2FTChyLGssZyk6TChyLGspKX1jYXRjaChlKXt9fWNsYXNzIFhhe2NvbnN0cnVjdG9yKCl7dmFyIGE9dm9pZCAwPT09YT9NYTphO3RoaXMuaD1cImh0dHA6XCI9PT1hLmxvY2F0aW9uLnByb3RvY29sP1wiaHR0cDpcIjpcImh0dHBzOlwiO3RoaXMuZz1NYXRoLnJhbmRvbSgpfX07bGV0IFU9bnVsbDt2YXIgWWE9KCk9Pntjb25zdCBhPXIucGVyZm9ybWFuY2U7cmV0dXJuIGEmJmEubm93JiZhLnRpbWluZz9NYXRoLmZsb29yKGEubm93KCkrYS50aW1pbmcubmF2aWdhdGlvblN0YXJ0KTpEYXRlLm5vdygpfSxaYT0oKT0%2Be2NvbnN0IGE9ci5wZXJmb3JtYW5jZTtyZXR1cm4gYSYmYS5ub3c%2FYS5ub3coKTpudWxsfTtjbGFzcyAkYXtjb25zdHJ1Y3RvcihhLGIpe3ZhciBjPVphKCl8fFlhKCk7dGhpcy5sYWJlbD1hO3RoaXMudHlwZT1iO3RoaXMudmFsdWU9Yzt0aGlzLmR1cmF0aW9uPTA7dGhpcy51bmlxdWVJZD1NYXRoLnJhbmRvbSgpO3RoaXMuc2xvdElkPXZvaWQgMH19O2NvbnN0IFY9ci5wZXJmb3JtYW5jZSxhYj0hIShWJiZWLm1hcmsmJlYubWVhc3VyZSYmVi5jbGVhck1hcmtzKSxXPWZ1bmN0aW9uKGEpe2xldCBiPSExLGM7cmV0dXJuIGZ1bmN0aW9uKCl7Ynx8KGM9YSgpLGI9ITApO3JldHVybiBjfX0oKCk9Pnt2YXIgYTtpZihhPWFiKXt2YXIgYjtpZihudWxsPT09VSl7VT1cIlwiO3RyeXthPVwiXCI7dHJ5e2E9ci50b3AubG9jYXRpb24uaGFzaH1jYXRjaChjKXthPXIubG9jYXRpb24uaGFzaH1hJiYoVT0oYj1hLm1hdGNoKC9cXGJkZWlkPShbXFxkLF0rKS8pKT9iWzFdOlwiXCIpfWNhdGNoKGMpe319Yj1VO2E9ISFiLmluZGV4T2YmJjA8PWIuaW5kZXhPZihcIjEzMzdcIil9cmV0dXJuIGF9KTtmdW5jdGlvbiBiYihhKXthJiZWJiZXKCkmJihWLmNsZWFyTWFya3MoYGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X3N0YXJ0YCksVi5jbGVhck1hcmtzKGBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9lbmRgKSl9IGNsYXNzIGNie2NvbnN0cnVjdG9yKCl7dmFyIGE9Uzt0aGlzLmg9W107dGhpcy5pPWF8fHI7bGV0IGI9bnVsbDthJiYoYS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlPWEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZXx8W10sdGhpcy5oPWEuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZSxiPWEuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nKTt0aGlzLmc9VygpfHwobnVsbCE9Yj9iOjE%2BTWF0aC5yYW5kb20oKSl9c3RhcnQoYSxiKXtpZighdGhpcy5nKXJldHVybiBudWxsO2E9bmV3ICRhKGEsYik7Yj1gZ29vZ18ke2EubGFiZWx9XyR7YS51bmlxdWVJZH1fc3RhcnRgO1YmJlcoKSYmVi5tYXJrKGIpO3JldHVybiBhfWVuZChhKXtpZih0aGlzLmcmJlwibnVtYmVyXCI9PT10eXBlb2YgYS52YWx1ZSl7YS5kdXJhdGlvbj0oWmEoKXx8WWEoKSktYS52YWx1ZTt2YXIgYj1gZ29vZ18ke2EubGFiZWx9XyR7YS51bmlxdWVJZH1fZW5kYDtWJiZXKCkmJlYubWFyayhiKTshdGhpcy5nfHwyMDQ4PHRoaXMuaC5sZW5ndGh8fCB0aGlzLmgucHVzaChhKX19fTtmdW5jdGlvbiBYKGEpe2xldCBiPWEudG9TdHJpbmcoKTthLm5hbWUmJi0xPT1iLmluZGV4T2YoYS5uYW1lKSYmKGIrPVwiOiBcIithLm5hbWUpO2EubWVzc2FnZSYmLTE9PWIuaW5kZXhPZihhLm1lc3NhZ2UpJiYoYis9XCI6IFwiK2EubWVzc2FnZSk7aWYoYS5zdGFjayl7YT1hLnN0YWNrO3RyeXstMT09YS5pbmRleE9mKGIpJiYoYT1iK1wiXFxuXCIrYSk7bGV0IGM7Zm9yKDthIT1jOyljPWEsYT1hLnJlcGxhY2UoLygoaHR0cHM%2FOlxcLy4uKlxcLylbXlxcLzpdKjpcXGQrKD86LnxcXG4pKilcXDIvLFwiJDFcIik7Yj1hLnJlcGxhY2UoL1xcbiAqL2csXCJcXG5cIil9Y2F0Y2goYyl7fX1yZXR1cm4gYn0gZnVuY3Rpb24gZGIoYSxiKXtsZXQgYyxkO3RyeXthLmcmJmEuZy5nPyhkPWEuZy5zdGFydCgoOTAzKS50b1N0cmluZygpLDMpLGM9YigpLGEuZy5lbmQoZCkpOmM9YigpfWNhdGNoKGYpe2I9ITA7dHJ5e2JiKGQpLGI9YS5zKDkwMyxuZXcgT2EoZix7bWVzc2FnZTpYKGYpfSksdm9pZCAwLHZvaWQgMCl9Y2F0Y2goZyl7YS5vKDIxNyxnKX1pZihiKXtsZXQgZyxlO251bGw9PShnPXdpbmRvdy5jb25zb2xlKXx8bnVsbD09KGU9Zy5lcnJvcil8fGUuY2FsbChnLGYpfWVsc2UgdGhyb3cgZjt9cmV0dXJuIGN9ZnVuY3Rpb24gZWIoYSl7dmFyIGI9WTtyZXR1cm4oLi4uYyk9PmRiKGIsKCk9PmEuYXBwbHkodm9pZCAwLGMpKX0gY2xhc3MgZmJ7Y29uc3RydWN0b3IoKXt2YXIgYT1aO3RoaXMuaT1SO3RoaXMuaD1udWxsO3RoaXMucz10aGlzLm87dGhpcy5nPXZvaWQgMD09PWE%2FbnVsbDphO3RoaXMuaj0hMX1waW5nZXIoKXtyZXR1cm4gdGhpcy5pfW8oYSxiLGMsZCxmKXtmPWZ8fFwianNlcnJvclwiO2xldCBnO3RyeXtjb25zdCB2PW5ldyBRO3ZhciBlPXY7ZS5nLnB1c2goMSk7ZS5oWzFdPVAoXCJjb250ZXh0XCIsYSk7Yi5lcnJvciYmYi5tZXRhJiZiLmlkfHwoYj1uZXcgT2EoYix7bWVzc2FnZTpYKGIpfSkpO2lmKGIubXNnKXtlPXY7dmFyIGs9Yi5tc2cuc3Vic3RyaW5nKDAsNTEyKTtlLmcucHVzaCgyKTtlLmhbMl09UChcIm1zZ1wiLGspfXZhciBoPWIubWV0YXx8e307Yj1oO2lmKHRoaXMuaCl0cnl7dGhpcy5oKGIpfWNhdGNoKHkpe31pZihkKXRyeXtkKGIpfWNhdGNoKHkpe31kPXY7aD1baF07ZC5nLnB1c2goMyk7ZC5oWzNdPWg7ZD1yO2g9W107Yj1udWxsO2Rve3ZhciBsPWQ7aWYoSShsKSl7dmFyIG09bC5sb2NhdGlvbi5ocmVmOyBiPWwuZG9jdW1lbnQmJmwuZG9jdW1lbnQucmVmZXJyZXJ8fG51bGx9ZWxzZSBtPWIsYj1udWxsO2gucHVzaChuZXcgUmEobXx8XCJcIikpO3RyeXtkPWwucGFyZW50fWNhdGNoKHkpe2Q9bnVsbH19d2hpbGUoZCYmbCE9ZCk7Zm9yKGxldCB5PTAsemE9aC5sZW5ndGgtMTt5PD16YTsrK3kpaFt5XS5kZXB0aD16YS15O2w9cjtpZihsLmxvY2F0aW9uJiZsLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyYmbC5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMubGVuZ3RoPT1oLmxlbmd0aC0xKWZvcihtPTE7bTxoLmxlbmd0aDsrK20pe3ZhciBuPWhbbV07bi51cmx8fChuLnVybD1sLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2luc1ttLTFdfHxcIlwiLG4ubT0hMCl9dmFyIHU9aDtsZXQgSz1uZXcgUmEoci5sb2NhdGlvbi5ocmVmLCExKTtsPW51bGw7Y29uc3QgYWE9dS5sZW5ndGgtMTtmb3Iobj1hYTswPD1uOy0tbil7dmFyIHA9dVtuXTshbCYmUGEudGVzdChwLnVybCkmJihsPXApO2lmKHAudXJsJiYhcC5tKXtLPSBwO2JyZWFrfX1wPW51bGw7Y29uc3QgamI9dS5sZW5ndGgmJnVbYWFdLnVybDswIT1LLmRlcHRoJiZqYiYmKHA9dVthYV0pO2c9bmV3IFFhKEsscCk7aWYoZy5oKXt1PXY7dmFyIHE9Zy5oLnVybHx8XCJcIjt1LmcucHVzaCg0KTt1LmhbNF09UChcInRvcFwiLHEpfXZhciBiYT17dXJsOmcuZy51cmx8fFwiXCJ9O2lmKGcuZy51cmwpe3ZhciBjYT1nLmcudXJsLm1hdGNoKHhhKSxDPWNhWzFdLEFhPWNhWzNdLEJhPWNhWzRdO3E9XCJcIjtDJiYocSs9QytcIjpcIik7QWEmJihxKz1cIi8vXCIscSs9QWEsQmEmJihxKz1cIjpcIitCYSkpO3ZhciBDYT1xfWVsc2UgQ2E9XCJcIjtDPXY7YmE9W2JhLHt1cmw6Q2F9XTtDLmcucHVzaCg1KTtDLmhbNV09YmE7VCh0aGlzLmksZix2LHRoaXMuaixjKX1jYXRjaCh2KXt0cnl7VCh0aGlzLmksZix7Y29udGV4dDpcImVjbXNlcnJcIixyY3R4OmEsbXNnOlgodiksdXJsOmcmJmcuZy51cmx9LHRoaXMuaixjKX1jYXRjaChLKXt9fXJldHVybiEwfX07Y2xhc3MgZ2J7fTtsZXQgUixZO2lmKE5hJiYhSShPKSl7bGV0IGE9XCIuXCIrTGEuZG9tYWluO3RyeXtmb3IoOzI8YS5zcGxpdChcIi5cIikubGVuZ3RoJiYhSShPKTspTGEuZG9tYWluPWE9YS5zdWJzdHIoYS5pbmRleE9mKFwiLlwiKSsxKSxPPXdpbmRvdy5wYXJlbnR9Y2F0Y2goYil7fUkoTyl8fChPPXdpbmRvdyl9TyE9PXdpbmRvdyYmLjAxPk1hdGgucmFuZG9tKCkmJkdhKCk7Y29uc3QgUz1PLFo9bmV3IGNiO3ZhciBoYj0oKT0%2Be2lmKCFTLmdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZyl7dmFyIGE9WjthLmc9ITE7YS5oIT1hLmkuZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZSYmKFcoKSYmQXJyYXkucHJvdG90eXBlLmZvckVhY2guY2FsbChhLmgsYmIsdm9pZCAwKSxhLmgubGVuZ3RoPTApfX07IChhPT57Uj1udWxsIT1hP2E6bmV3IFhhO1wibnVtYmVyXCIhPT10eXBlb2YgUy5nb29nbGVfc3J0JiYoUy5nb29nbGVfc3J0PU1hdGgucmFuZG9tKCkpO1dhKCk7WT1uZXcgZmI7WS5oPWI9Pnt2YXIgYz1NOzAhPT1jJiYoYi5qYz1TdHJpbmcoYyksYz0oYz1IYShjLGRvY3VtZW50LmN1cnJlbnRTY3JpcHQpKSYmYy5nZXRBdHRyaWJ1dGUoXCJkYXRhLWpjLXZlcnNpb25cIil8fFwidW5rbm93blwiLGIuc2h2PWMpfTtZLmo9ITA7XCJjb21wbGV0ZVwiPT1TLmRvY3VtZW50LnJlYWR5U3RhdGU%2FaGIoKTpaLmcmJkgoUyxcImxvYWRcIiwoKT0%2Be2hiKCl9KX0pKCk7ZnVuY3Rpb24gaWIoKXt2YXIgYSxiO2NvbnN0IGM9d2luZG93O2lmKGMuZ21hU2RrfHwobnVsbD09PShhPWMud2Via2l0KXx8dm9pZCAwPT09YT8wOmEubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzKSlyZXR1cm4gYzt0cnl7Y29uc3QgZD13aW5kb3cucGFyZW50O2lmKGQuZ21hU2RrfHwobnVsbD09PShiPWQud2Via2l0KXx8dm9pZCAwPT09Yj8wOmIubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzKSlyZXR1cm4gZH1jYXRjaChkKXt9cmV0dXJuIG51bGx9IGZ1bmN0aW9uIGtiKGEsYj17fSxjPSgpPT57fSxkPSgpPT57fSl7Y29uc3QgZj1TdHJpbmcoTWF0aC5mbG9vcigyMTQ3NDgzNjQ3KnlhKCkpKTtsZXQgZz0wO2NvbnN0IGU9az0%2Be3RyeXt2YXIgaD1cIm9iamVjdFwiPT09dHlwZW9mIGsuZGF0YT9rLmRhdGE6SlNPTi5wYXJzZShrLmRhdGEpO2Y9PT1oLnBhd19pZCYmKHdpbmRvdy5jbGVhclRpbWVvdXQoZyksd2luZG93LnJlbW92ZUV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsZSksaC5zaWduYWw%2FYyhoLnNpZ25hbCk6aC5lcnJvciYmZChoLmVycm9yKSl9Y2F0Y2gobSl7az17bXNnOlwicG9zdG1lc3NhZ2VFcnJvclwiLGVycjptIGluc3RhbmNlb2YgRXJyb3I%2FbS5tZXNzYWdlOlwibm9uRXJyb3JcIixkYXRhOm51bGw9PWsuZGF0YT9cIm51bGxcIjo1MDA8ay5kYXRhLmxlbmd0aD9rLmRhdGEuc3Vic3RyaW5nKDAsNTAwKTprLmRhdGF9O2g9Z2I7dmFyIGw9XCJsXCI7aC5sJiZoLmhhc093blByb3BlcnR5KGwpfHwobD1uZXcgaCxoLmw9bCk7aD1bXTshay5laWQmJiBoLmxlbmd0aCYmKGsuZWlkPWgudG9TdHJpbmcoKSk7VChSLFwicGF3X3NpZ3NcIixrLCEwLHZvaWQgMCx2b2lkIDApfX07d2luZG93LmFkZEV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsZWIoaz0%2Be2Uoayl9KSk7YS5wb3N0TWVzc2FnZShPYmplY3QuYXNzaWduKHtwYXdfaWQ6Zn0sYikpO2c9d2luZG93LnNldFRpbWVvdXQoKCk9Pnt3aW5kb3cucmVtb3ZlRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIixlKTtkKFwiUEFXIEdNQSBwb3N0bWVzc2FnZSB0aW1lZCBvdXQuXCIpfSwyMDApfTt2YXIgbGI9Y2xhc3MgZXh0ZW5kcyBEe30scWE9WzZdO2NvbnN0IG1iPVwicGxhdGZvcm0gcGxhdGZvcm1WZXJzaW9uIGFyY2hpdGVjdHVyZSBtb2RlbCB1YUZ1bGxWZXJzaW9uIGJpdG5lc3NcIi5zcGxpdChcIiBcIik7dmFyIG5iPSgpPT57dmFyIGE9d2luZG93O3JldHVybiBhLm5hdmlnYXRvciYmYS5uYXZpZ2F0b3IudXNlckFnZW50RGF0YSYmXCJmdW5jdGlvblwiPT09dHlwZW9mIGEubmF2aWdhdG9yLnVzZXJBZ2VudE&i=17-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
R-KwqbZcbyvLggtneyqoOxHPJ8r7O0Rl6E7EA-LHJ6itiU8ZRjaLTQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=RhdGEuZ2V0SGlnaEVudHJvcHlWYWx1ZXM%2FYS5uYXZpZ2F0b3IudXNlckFnZW50RGF0YS5nZXRIaWdoRW50cm9weVZhbHVlcyhtYikudGhlbihiPT57dmFyIGM9bmV3IGxiO2M9RShjLDEsYi5wbGF0Zm9ybSk7Yz1FKGMsMixiLnBsYXRmb3JtVmVyc2lvbik7Yz1FKGMsMyxiLmFyY2hpdGVjdHVyZSk7Yz1FKGMsNCxiLm1vZGVsKTtjPUUoYyw1LGIudWFGdWxsVmVyc2lvbik7cmV0dXJuIEUoYyw5LGIuYml0bmVzcyl9KTpudWxsfTtjbGFzcyBvYntjb25zdHJ1Y3Rvcigpe3RoaXMucHJvbWlzZT1uZXcgUHJvbWlzZShhPT57dGhpcy5nPWF9KX19O3dpbmRvdy52aWV3UmVxPVtdO2NvbnN0IHBiPWE9Pntjb25zdCBiPW5ldyBJbWFnZTtiLnNyYz1hLnJlcGxhY2UoXCImYW1wO1wiLFwiJlwiKTt3aW5kb3cudmlld1JlcS5wdXNoKGIpfSxxYj1hPT57ZmV0Y2goYSx7a2VlcGFsaXZlOiEwLGNyZWRlbnRpYWxzOlwiaW5jbHVkZVwiLHJlZGlyZWN0OlwiZm9sbG93XCIsbWV0aG9kOlwiZ2V0XCIsbW9kZTpcIm5vLWNvcnNcIn0pLmNhdGNoKCgpPT57cGIoYSl9KX0scmI9YT0%2Be3dpbmRvdy5mZXRjaD9xYihhKTpwYihhKX07TT00Mjsgd2luZG93LnZ1PWE9Pnt2YXIgYixjLGQsZjtjb25zdCBnPUlhKHZhKSxlPWliKCk7ZyYmbnVsbCE9KG51bGw9PT0oYj1udWxsPT09ZXx8dm9pZCAwPT09ZT92b2lkIDA6ZS5nbWFTZGspfHx2b2lkIDA9PT1iP3ZvaWQgMDpiLmdldFZpZXdTaWduYWxzKSYmKGI9bnVsbD09PShjPW51bGw9PT1lfHx2b2lkIDA9PT1lP3ZvaWQgMDplLmdtYVNkayl8fHZvaWQgMD09PWM%2Fdm9pZCAwOmMuZ2V0Vmlld1NpZ25hbHMoKSkmJihhPUcoYSxcIiZtcz1cIitiKSk7Y29uc3Qgaz1bXTtjPSgpPT57Y29uc3QgaD1uZXcgb2I7ay5wdXNoKGgucHJvbWlzZSk7cmV0dXJuIGguZ307aWYoYj1JYSh3YSkpe2NvbnN0IGg9bmIoKTtpZihudWxsIT1oKXtjb25zdCBsPWMoKTtoLnRoZW4obT0%2Be2E6e0E9ITA7dHJ5e3ZhciBuPUpTT04uc3RyaW5naWZ5KG0udG9KU09OKCksdGEpO2JyZWFrIGF9ZmluYWxseXtBPSExfW49dm9pZCAwfW09bjtuPVtdO2Zvcih2YXIgdT0wLHA9MDtwPG0ubGVuZ3RoO3ArKyl7dmFyIHE9IG0uY2hhckNvZGVBdChwKTsyNTU8cSYmKG5bdSsrXT1xJjI1NSxxPj49OCk7blt1KytdPXF9bT1qYShuLDMpOzA8bS5sZW5ndGgmJihhPUcoYSxcIiZ1YWNoPVwiK20pKTtsKCl9KX19aWYoZyYmbnVsbCE9KG51bGw9PT0oZD1udWxsPT09ZXx8dm9pZCAwPT09ZT92b2lkIDA6ZS53ZWJraXQpfHx2b2lkIDA9PT1kP3ZvaWQgMDpkLm1lc3NhZ2VIYW5kbGVycy5nZXRHbWFWaWV3U2lnbmFscykpe2NvbnN0IGg9YygpO2tiKG51bGw9PT0oZj1udWxsPT09ZXx8dm9pZCAwPT09ZT92b2lkIDA6ZS53ZWJraXQpfHx2b2lkIDA9PT1mP3ZvaWQgMDpmLm1lc3NhZ2VIYW5kbGVycy5nZXRHbWFWaWV3U2lnbmFscyx7fSxsPT57YT1HKGEsXCImXCIrbCk7aCgpfSwoKT0%2Be2goKX0pfWJ8fGc%2FUHJvbWlzZS5hbGwoaykudGhlbigoKT0%2Be3JiKGEpfSk6cmIoYSl9O30pLmNhbGwodGhpcyk7PC9zY3JpcHQ%2BPHNjcmlwdD52dShcImh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc%2FYWlcXHgzZENod0F6ZzV5OFlacm9KTWpyM3dPMV9ZSElBNnlkNHE1bXVkQ3V5cFlQd0kyM0FSQUJJQUJnbGJLaGdyQUhnZ0VYWTJFdGNIVmlMVFF4TVRNMk9ERTRPREl6TVRFME5UWElBUW5nQWdDb0F3R3FCS2dDVDlDZklQWDlqZEJqTlJ0UHRzTGJkcVc2R1E0LUxhWG1oXzg4REVXbkhNS2UzaFpCV2RqalNRUGtWVzk3M2o0SXhldnBsZlkzQ2ZsOUZmZFFiLUd4djB2VTF4U1UtYUtORnJuanh3TjJxcmhpb3BiaEJyRlUxdkJkNEdUVlFfTnMydi1tNVhpRHZoWmd2T25HUmo0Q1N6MzB5SHMweHN4RU42VzNvT2tDQTBtVzZLUG1PQXlWMW40empJdUFoSEt6OW1pMmM5a2dKTlN0ek9FVE1sWkhtQkhodnI3aFlWRS1XejRpT1lQcWtYbU9jTEc0S3ZxYThFVUVyd2I2REs3UmZQOW4wa25BQ0tQdTRxWjZjZ2hkMUpURG9TUUxfamN5VzE1U1ltWlk5TGQ2bWdRdk1ZbU01X2YxS2RyVXJ3YXEzbkMyLU9JX1RYX01HWVd6TjNGbkUzQzFvMTg4NXZqZG85R2YzUFlHTVBhNHd2M0kzU3h1TWFOS3k0TjV6dkpDQVdaSHM1N01TSDdnQkFHQUJ1Nlh3OVA5al9HdjFRR2dCaUdvQjZhLUc2Z0hsdGdicUFlcW03RUNxQWZmbjdFQzJBY0EwZ2dGQ0loaEVBR0FDZ1A2Q3dJSUFZQU1BZEFWQVlBWEFiSVhIQW9hRWhSd2RXSXROREV4TXpZNE1UZzRNak14TVRRMU5SaUUyM3NcXHgyNnNpZ2hcXHgzZDlYSnB5LTJ2WGJJXFx4MjZ1YWNoX21cXHgzZFtVQUNIXVxceDI2Y2lkXFx4M2RDQVFTUHdDTklyTE00VU16OHZIZFVvZFcwbmJfNTdNeGJlVGk2bTJuMkJBcTJ1WWtyZ0xrSm1KZ3FiNnZJZGkzbU9FYW1DcXc0dWl3ckJES1ZzZkxSdGNtSkJnQlwiKTwvc2NyaXB0PjxzY3JpcHQ%2BdnUoXCJodHRwczovL2cuYWxnYmlkLmFwcC9ydGltcD9zaWRcXHgzZDYzYzJkZGJhLTVmNDQtMTFlYy04MzA3LTZhNzQ5YmU4ZWY5ZVxceDI2ZFxceDNkdGhyZWF0cG9zdC5jb21cXHgyNmNyXFx4M2RncmRfZ2VuMTFfMl9fMFxceDI2YVxceDNkaW1wXFx4MjZwXFx4M2RZYnljZ3dBSk5Cb0tkX1hJQUFCLXRZMDQwYi16Y2JWcVAtSGswUVxceDI2aW1cXHgzZHFkMk5IWFRoX2RMSy13aFlsbFlRTS03QUJwUWQ3N1BUZ1hZOGNiUTFVSVRuQl9OS0pSeFdFVXU4eGhfbnozSDhDSWttREY2blRGZnJRNDB1U0plRW1kNXl6aTdjMGpuRFQxbVV0clZ0V3I4WHhxOXBIWWc4Q2F5ZTQ1M0k2cnJJSkRQbEpTZGFNcGVXODZYc1RtQXA3MUxla1JTd015NHJHemxoQVB2SWVVY1FsaXNnY1B2TWs1WlpRQUZ0eGdpa3lRd3lUWlNEVW9aRnFXMFU4VC1tVFF2akJ2MGZrU3AzTUJBUmE5ZzRjSVBfbTZteEV1WUpmX2c5QVlyTGFuM24yTTMyeFd6ckVXaHNvMzRzVWlzZ2dqYl9UYnEtYXc3MTVBdlVJQTRpVXRRYjdPREY2NzA4ZklDTjNxdUUtOUt6XCIpPC9zY3JpcHQ%2BPGRpdiBjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdJbm5lckNvbnRhaW5lclwic3R5bGU9XCJsZWZ0OjBweDt0b3A6MHB4O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7cG9zaXRpb246Zml4ZWQ7cG9pbnRlci1ldmVudHM6bm9uZTt6LWluZGV4Oi05OTk5O1wiPjwvZGl2PjxkaXYgc3R5bGU9XCJkaXNwbGF5OmlubGluZVwiY2xhc3M9XCJHb29nbGVBY3RpdmVWaWV3RWxlbWVudFwiZGF0YS1nb29nbGUtYXYtY3huPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzdmhHMTFTMF9UYW9qcmtFS29rT2hfV2phVS0wejFJNjZCeVdSMzJvbEMzREZKcVJXLWNGQ2FYMmZub2FzQTRSeVJETFZRYkdaTkFiczhaS3NJa0o5am9sQSZhbXA7c2lnPUNnMEFyS0pTekRaUzM5Ri1tc3FURUFFXCJkYXRhLWdvb2dsZS1hdi1hZGs9XCIxNDE0NTA1MDg0XCJkYXRhLWdvb2dsZS1hdi1tZXRhZGF0YT1cImxhPTAmYW1wO3hkaT0wJmFtcDtcImRhdGEtZ29vZ2xlLWF2LW92ZXJyaWRlPVwiLTFcImRhdGEtZ29vZ2xlLWF2LWRtPVwiMlwiZGF0YS1nb29nbGUtYXYtaW1tZWRpYXRlIGRhdGEtZ29vZ2xlLWF2LWFpZD1cIjBcImRhdGEtZ29vZ2xlLWF2LW5haWQ9XCIxXCJkYXRhLWdvb2dsZS1hdi1zbGlmdD1cIlwiZGF0YS1nb29nbGUtYXYtY3BtYXY9XCJcImRhdGEtZ29vZ2xlLWF2LWJ0cj1cIlwiZGF0YS1nb29nbGUtYXYtaXRwbD1cIjIwXCJkYXRhLWdvb2dsZS1hdi1ycz1cIjRcImRhdGEtZ29vZ2xlLWF2LWZsYWdzPVwiWyZxdW90O3glMjc4NDQwJiMzOTs5ZWZvdG0oJmFtcDs3NTMzNzQlMmJlanZmLyUyNzg0NCZndDsmIzM5Ozl3dXZiJCZhbXA7NTY1MzMmZ3Q7IT18dnFjKSEyNzM3OTQmYW1wOyZsdDtxcXZiLyUmbHQ7MTczNTAyMCE9bmVodWAvITM2ND01MDUxITlhYmt7YSgkMTYwMjEwOjMmYW1wOyZsdDtjYm90ZisqMDE1MDAzNDolMmJlanZmLyU3MjsxNzYxMyE9ZWZkd2EqJiMzOTs3NjQ2MzsyMSQ%2FZWJrcGIkJmFtcDswMzY2NzE3Jmd0OyomZ3Q7YmdpcGYrITM9NzEyMzYzJTlhaWh3YykhNzIwMiZsdDsyMTcmIzM5OzllZm90bSgmYW1wOzIwMDYxOzQ4JmFtcDsmZ3Q7YGRvcGIvJSZsdDsxNzA3MjAwIT04KCZhbXA7MjAwNTU3NT8mYW1wOyZndDtgZG9wYi8lJmx0OzE3MDY6MjEhPW5laHVgfiZxdW90O11cIj48IURPQ1RZUEUgaHRtbD48aHRtbCBsYW5nPVwiZW5cIj4gPGhlYWQ%2BIDxtZXRhIGNoYXJzZXQ9XCJVVEYtOFwiLz4gPG1ldGEgbmFtZT1cInZpZXdwb3J0XCIgY29udGVudD1cIndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjBcIi8%2BIDxtZXRhIGh0dHAtZXF1aXY9XCJYLVVBLUNvbXBhdGlibGVcIiBjb250ZW50PVwiaWU9ZWRnZVwiLz4gPG1ldGEgbmFtZT1cInJlZmVycmVyXCIgY29udGVudD1cIm5vLXJlZmVycmVyXCIvPiA8dGl0bGU%2BRG9jdW1lbnQ8L3RpdGxlPiA8bGluayBocmVmPVwiaHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M%2FZmFtaWx5PVJvYm90bzo0MDAsNzAwJmRpc3BsYXk9c3dhcFwiIHJlbD1cInN0eWxlc2hlZXRcIi8%2BIDxsaW5rIGhyZWY9XCJodHRwczovL2ZvbnRzLmdvb2dsZWFwaXMuY29tL2Nzcz9mYW1pbHk9U2VjdWxhcitPbmUmZGlzcGxheT1zd2FwXCIgcmVsPVwic3R5bGVzaGVldFwiLz4gPHN0eWxlPi8qIHJlc2V0ICovIGFiYnIsIGFkZHJlc3MsIGFydGljbGUsIGFzaWRlLCBhdWRpbywgYiwgYmxvY2txdW90ZSwgYm9keSwgY2FudmFzLCBjYXB0aW9uLCBjaXRlLCBjb2RlLCBkZCwgZGVsLCBkZXRhaWxzLCBkZm4sIGRpdiwgZGwsIGR0LCBlbSwgZmllbGRzZXQsIGZpZ2NhcHRpb24sIGZpZ3VyZSwgZm9vdGVyLCBmb3JtLCBoMSwgaDIsIGgzLCBoNCwgaDUsIGg2LCBoZWFkZXIsIGhncm91cCwgaHRtbCwgaSwgaWZyYW1lLCBpbWcsIGlucywga2JkLCBsYWJlbCwgbGVnZW5kLCBsaSwgbWFyaywgbWVudSwgbmF2LCBvYmplY3QsIG9sLCBwLCBwcmUsIHEsIHNhbXAsIHNlY3Rpb24sIHNtYWxsLCBzcGFuLCBzdHJvbmcsIHN1Yiwgc3VtbWFyeSwgc3VwLCB0YWJsZSwgdGJvZHksIHRkLCB0Zm9vdCwgdGgsIHRoZWFkLCB0aW1lLCB0ciwgdWwsIHZhciwgdmlkZW97bWFyZ2luOiAwOyBwYWRkaW5nOiAwOyBib3JkZXI6IDA7IG91dGxpbmU6IDA7IGZvbnQtc2l6ZTogMTAwJTsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyBiYWNrZ3JvdW5kOiAwIDA7fWJvZHl7bGluZS1oZWlnaHQ6IDE7fWFydGljbGUsIGFzaWRlLCBkZXRhaWxzLCBmaWdjYXB0aW9uLCBmaWd1cmUsIGZvb3RlciwgaGVhZGVyLCBoZ3JvdXAsIG1lbnUsIG5hdiwgc2VjdGlvbntkaXNwbGF5OiBibG9jazt9bmF2IHVse2xpc3Qtc3R5bGU6IG5vbmU7fWJsb2NrcXVvdGUsIHF7cXVvdGVzOiBub25lO31ibG9ja3F1b3RlOmFmdGVyLCBibG9ja3F1b3RlOmJlZm9yZSwgcTphZnRlciwgcTpiZWZvcmV7Y29udGVudDogXCJcIjsgY29udGVudDogbm9uZTt9YXttYXJnaW46IDA7IHBhZGRpbmc6IDA7IGZvbnQtc2l6ZTogMTAwJTsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyBiYWNrZ3JvdW5kOiAwIDA7fWluc3tiYWNrZ3JvdW5kLWNvbG9yOiAjZmY5OyBjb2xvcjogIzAwMDsgdGV4dC1kZWNvcmF0aW9uOiBub25lO31tYXJre2JhY2tncm91bmQtY29sb3I6ICNmZjk7IGNvbG9yOiAjMDAwOyBmb250LXN0eWxlOiBpdGFsaWM7IGZvbnQtd2VpZ2h0OiA3MDA7fWRlbHt0ZXh0LWRlY29yYXRpb246IGxpbmUtdGhyb3VnaDt9YWJiclt0aXRsZV0sIGRmblt0aXRsZV17Ym9yZGVyLWJvdHRvbTogMXB4IGRvdHRlZDsgY3Vyc29yOiBoZWxwO310YWJsZXtib3JkZXItY29sbGFwc2U6IGNvbGxhcHNlOyBib3JkZXItc3BhY2luZzogMDt9aHJ7ZGlzcGxheTogYmxvY2s7IGhlaWdodDogMXB4OyBib3JkZXI6IDA7IGJvcmRlci10b3A6IDFweCBzb2xpZCAjY2NjOyBtYXJnaW46IDFlbSAwOyBwYWRkaW5nOiAwO31pbnB1dCwgc2VsZWN0e3ZlcnRpY2FsLWFsaWduOiBtaWRkbGU7fTwvc3R5bGU%2BIDxzdHlsZT5odG1se2JveC1zaXppbmc6IGJvcmRlci1ib3g7fWJvZHl7Zm&i=18-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
R6We4PSxuBnAOuPjQnwwpnum9RcWF4unhyDT5dE98pxpCxWDxVR5Og==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=9udC1mYW1pbHk6IFwiUm9ib3RvXCIsIHNhbnMtc2VyaWY7fWF7dGV4dC1kZWNvcmF0aW9uOiBub25lOyBjb2xvcjogIzAwMDAwMDt9dWwgbGl7ZGlzcGxheTogYmxvY2s7IHBhZGRpbmc6IDA7IG1hcmdpbjogMDt9LmNvbnRhaW5lcl9faW5uZXJ7d2lkdGg6IGNhbGMoMTAwdncgLSAxMHB4KTsgaGVpZ2h0OiBjYWxjKDEwMHZoIC0gMTBweCk7IG1hcmdpbjogNXB4IDVweCA1cHggNXB4OyBkaXNwbGF5OiBmbGV4OyBhbGlnbi1pdGVtczogY2VudGVyOyBqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWFyb3VuZDsgYmFja2dyb3VuZC1jb2xvcjogdHJhbnNwYXJlbnQ7IGJveC1zaXppbmc6IGJvcmRlci1ib3g7IGN1cnNvcjogZGVmYXVsdDt9LnN0YXJ0X19idG57bWluLXdpZHRoOiAyMDdweDsgY3Vyc29yOiBwb2ludGVyOyBiYWNrZ3JvdW5kOiBsaW5lYXItZ3JhZGllbnQoIHRvIGJvdHRvbSwgcmdiYSgwLCAxOTIsIDE2LCAxKSAwJSwgcmdiYSgwLCAxNDcsIDksIDEpIDEwMCUgKTsgZm9udC1mYW1pbHk6IFwiU2VjdWxhciBPbmVcIiwgc2Fucy1zZXJpZjsgZGlzcGxheTogaW5saW5lLWJsb2NrOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IHRleHQtdHJhbnNmb3JtOiB1cHBlcmNhc2U7IGNvbG9yOiAjZmZmOyBmb250LXdlaWdodDogYm9sZDsgYmFja2dyb3VuZC1jb2xvcjogIzAwYmEwZDsgcGFkZGluZzogMThweCA0NXB4OyBsZXR0ZXItc3BhY2luZzogMC4xZW07IHRleHQtc2hhZG93OiAxcHggMXB4IDJweCByZ2JhKDAsIDAsIDAsIDAuNzYpOyBib3JkZXI6IDFweCBzb2xpZCAjMDE0ZjA0OTQ7IGJvcmRlci1yYWRpdXM6IDEwcHg7IGJveC1zaGFkb3c6IDNweCAzcHggMHB4ICMwMTRmMDQ5NCwgMHB4IDNweCAxNXB4IHJnYmEoMCwgMCwgMCwgMC40KSwgaW5zZXQgMHB4IDFweCAwcHggcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjMpLCBpbnNldCAwcHggMHB4IDNweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuNSk7IHRyYW5zaXRpb246IGJveC1zaGFkb3cgMjAwbXM7IHdpZHRoOiBjbGFtcCgyMDBweCwgNDB2dywgMzAwcHgpOyBwYWRkaW5nOiAxNHB4IDI1cHg7IGZvbnQtc2l6ZTogMjBweDsgZm9udC1zaXplOiBjbGFtcCgyMHB4LCA2dncsIDM4cHgpO30ubG9uZy10ZXh0e3dpZHRoOiBjbGFtcCgyMDBweCwgNDV2dywgMzUwcHgpO30uc3RhcnRfX2J0bjpmb2N1c3tvdXRsaW5lOiBub25lO30uc3RhcnRfX3dyYXBwZXJ7YWxpZ24taXRlbXM6IGNlbnRlcjsgZGlzcGxheTogZmxleDt9LmluZm97ZGlzcGxheTogZmxleDsgYWxpZ24taXRlbXM6IGZsZXgtZW5kO30uaW5mbyBoNHtmb250LXNpemU6IDE3cHg7IGxpbmUtaGVpZ2h0OiAyMXB4OyBmb250LXdlaWdodDogNzAwO30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiAxNXB4OyBsaW5lLWhlaWdodDogMThweDt9LmluZm9fX3N0ZXBzIHNwYW57Zm9udC13ZWlnaHQ6IDcwMDt9LmxvZ297bWFyZ2luLXRvcDogNjBweDsgbWluLXdpZHRoOiA3MHB4O30udGl0bGUtY29udGFpbmVye2Rpc3BsYXk6IGZsZXg7IGp1c3RpZnktY29udGVudDogY2VudGVyOyBmbGV4LWRpcmVjdGlvbjogY29sdW1uO30udGl0bGV7ZGlzcGxheTogYmxvY2s7IGZvbnQtc2l6ZTogY2xhbXAoMzBweCwgNHZ3LCA4MHB4KTsgdGV4dC1hbGlnbjogY2VudGVyOyBsaW5lLWhlaWdodDogMS4yOyBmb250LWZhbWlseTogYXV0bzt9LnRpdGxlLWFkZGl0aW9ue2ZvbnQtd2VpZ2h0OiA2MDA7fS5oaWRle2Rpc3BsYXk6IG5vbmU7fS5oYWxmLUltZy1BcnRpY2xlLW1haW57d2lkdGg6IDg4dnc7IGZvbnQtc2l6ZTogMTMuNXB4OyBsaW5lLWhlaWdodDogMS4yO30uaGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHR7bWFyZ2luLXRvcDogM3ZoO30uaGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHQ6ZW1wdHl7ZGlzcGxheTogbm9uZTt9LnByZXNzLWRvd246YWN0aXZlLCAucHJlc3MtZG93bjpmb2N1cywgLnByZXNzLWRvd246dmlzaXRlZHt0cmFuc2Zvcm06IHRyYW5zbGF0ZVkoMXB4KTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNzI5cHgpey5zdGFydF9fYnRue21pbi13aWR0aDogMjA3cHg7IHBhZGRpbmc6IDE2cHggMTBweDsgd2lkdGg6IGNsYW1wKDIxMHB4LCA0NXZ3LCAzMDBweCk7IGZvbnQtc2l6ZTogNC43dnc7fS5sb25nLXRleHR7d2lkdGg6IGNsYW1wKDIxMHB4LCA0NXZ3LCAzNTBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNTAwcHgpey5jb250YWluZXJfX2lubmVye2hlaWdodDogOTZ2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxMjBweCl7LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiA4OXZoO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEwMHB4KXtoNHtkaXNwbGF5OiBub25lO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDc5cHgpey5jb250YWluZXJfX2lubmVye2hlaWdodDogODR2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDU5NnB4KXsuY29udGFpbmVyX19vdXRlcntoZWlnaHQ6IDEwMHZoOyAvKiBiYWNrZ3JvdW5kLWNvbG9yOiBncmV5OyAqLyBkaXNwbGF5OiBmbGV4OyBhbGlnbi1pdGVtczogY2VudGVyOyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjt9LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiAxMDAlO30uaW5mb3toZWlnaHQ6IDEwMHZoO30uaW5mb19fd3JhcHBlcntkaXNwbGF5OiBmbGV4OyBmbGV4LWRpcmVjdGlvbjogY29sdW1uOyBoZWlnaHQ6IDEwMCU7IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5O319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNTk2cHgpey5zdGFydF9fYnRue3dpZHRoOiBjbGFtcCgxODBweCwgNTB2dywgMjUwcHgpOyBtaW4td2lkdGg6IDE3NXB4OyBtaW4taGVpZ2h0OiA1MHB4OyBwYWRkaW5nOiA5cHggMTNweDsgZm9udC1zaXplOiAxNnB4OyBmb250LXNpemU6IGNsYW1wKDE2cHgsIDV2dywgMzBweCk7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMTRweDsgbGluZS1oZWlnaHQ6IDE4cHg7fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDEycHg7IGxpbmUtaGVpZ2h0OiAxNHB4O30ubG9nb3tmb250LXNpemU6IDEycHg7IG1hcmdpbi10b3A6IDQ1cHg7IG1pbi13aWR0aDogNTBweDt9fS5saW5rcy10cnktYWdhaW57ZmxleC1kaXJlY3Rpb246IHJvdy1yZXZlcnNlO31AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA0NThweCl7LmNvbnRhaW5lcl9faW5uZXJ7ZmxleC1kaXJlY3Rpb246IGNvbHVtbjt9Lmxpbmtze2ZsZXgtZGlyZWN0aW9uOiBpbmhlcml0O30ubGlua3MtdHJ5LWFnYWlue2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW4tcmV2ZXJzZTt9LmluZm97bWFyZ2luLXRvcDogNnZtaW47IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGFsaWduLWl0ZW1zOiBjZW50ZXI7fS5sb2dve2ZvbnQtc2l6ZTogMTVweDsgbWFyZ2luLXRvcDogNnZtaW47IG1hcmdpbi1sZWZ0OiA3NSU7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMThweDsgbGluZS1oZWlnaHQ6IDEuM2VtO30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiAxNXB4OyBsaW5lLWhlaWdodDogMS4yZW07fS5zdGFydF9fYnRuey8qIHdpZHRoOiAyMzBweDsgKi8gLyogcGFkZGluZzogMThweCA0MHB4OyAqLyAvKiBmb250LXNpemU6IDIwcHg7ICovIHdpZHRoOiA5NHZ3OyBwYWRkaW5nOiAyNHB4IDE0cHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgMTJ2dywgNDBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAyODBweCl7LnN0YXJ0X19idG57d2lkdGg6IDk1dnc7IG1pbi13aWR0aDogMTA2cHg7IHBhZGRpbmc6IDIwcHggNHB4OyBmb250LXNpemU6IDE4cHg7IGZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMjFweCk7fS5sb25nLXRleHR7Zm9udC1zaXplOiBjbGFtcCgxM3B4LCAxM3Z3LCAxOHB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDIwMHB4KXsubG9uZy10ZXh0e2ZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMTVweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAxNTBweCl7LmxvbmctdGV4dHtmb250LXNpemU6IGNsYW1wKDEzcHgsIDEzdncsIDEzcHgpO319LmxvZ297Zm9udC1zaXplOiAxM3B4OyBtYXJnaW4tbGVmdDogNjAlO30uaW5mbyBoNHtmb250LXNpemU6IDE1cHg7IGxpbmUtaGVpZ2h0OiAyZW07fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDEycHg7IGxpbmUtaGVpZ2h0OiAyZW07fS8qIFJFU1BPTlNJVkUgKi8gLnN0YXJ0X19hcnJvdywgLmxvZ297ZGlzcGxheTogbm9uZTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogMTYwcHgpey5zdGFydF9fYXJyb3d7ZGlzcGxheTogYmxvY2s7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCl7LmxvZ297ZGlzcGxheTogYmxvY2s7fX0uY29udGFpbmVyX19pbm5lcntoZWlnaHQ6IDEwMHZoOyBoZWlnaHQ6IGNhbGMoMTAwdmggLSAxMHB4KTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogNTAwcHgpIGFuZCAobWluLWhlaWdodDogMjQ5cHgpey5zdGFydF9fYXJyb3d7ZGlzcGxheTogYmxvY2s7fS5zdGFydF9fYnRue3dpZHRoOiBjbGFtcCgyMDBweCwgNTB2dywgNTAwcHgpOyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDZ2dywgNjBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogMjQ5cHgpey5pbmZvX19zdGVwc3tkaXNwbGF5OiBmbGV4OyBmbGV4LWRpcmVjdGlvbjogY29sdW1uOyBqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWV2ZW5seTsgbGluZS1oZWlnaHQ6IGluaGVyaXQ7IGZvbnQtc2l6ZTogY2xhbXAoMTVweCwgNS41dncsIDE4cHgpO30uaW5mb19fd3JhcHBlcnsvKiBoZWlnaHQ6IDEwMCU7ICovIGRpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogY2VudGVyOyBtYXgtd2lkdGg6IDEwMHZ3OyBtYXgtd2lkdGg6IGNhbGMoMTAwdncgLSAxMHB4KTsgbGluZS1oZWlnaHQ6IDEwdmg7fS5pbmZve2ZsZXg6IDU1JTt9LnN0YXJ0e2ZsZXg6IDM1JTsgZGlzcGxheTogZmxleDsgZmxleDogdW5zZXQ7fS5sb2dve2Rpc3BsYXk6IGZsZXg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogMzUwcHgpey5pbmZvX193cmFwcGVye2xpbmUtaGVpZ2h0OiA3dmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNDlweCl7LmluZm9fX3N0ZXBze2Rpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5OyAvKiBsaW5lLWhlaWdodDogMjB2aDsgKi8gbGluZS1oZWlnaHQ6IDIwdmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDEuNXZ3LCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDJ2aCwgMjJweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogNTAwcHgpIGFuZCAobWluLXdpZHRoOiAyNTBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDMuNXZoLCAyMnB4KTsgbGluZS1oZWlnaHQ6IDEwdmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNTBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDIuNXZ3LCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCl7LmxvZ297d2lkdGg6IDEwMHZ3O319LmxpbmtfdGV4dHtjb2xvcjogIzFhMGRhYjsgZm9udC1zaXplOiAxOXB4OyBmb250LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7IGN1cnNvcjogcG9pbnRlcjt9QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDIwMHB4KXsubGlua190ZXh0e3RyYW5zZm9ybTogdHJhbnNsYX&i=19-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
_ip4U79qxkGT-ILfXOcRUbf4Q_9OKEb2juu6dQHZK2IY9zqBoVMTLQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=RlWSgtNXB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxNjBweCl7LmxpbmtfdGV4dHtmb250LXNpemU6IDE4cHg7fS5zdGFydF9fYnRue3BhZGRpbmc6IDlweCAxM3B4O319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEyNXB4KXsubGlua190ZXh0e2Rpc3BsYXk6IG5vbmU7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMTEwcHgpey5zdGFydF9fYnRue3BhZGRpbmc6IDlweCAxM3B4OyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDEwdncsIDQwcHgpOyBsaW5lLWhlaWdodDogMS4yO30uYWR2X25hbWV7LyogZGlzcGxheTogbm9uZTsgKi99LmNvbnRhaW5lcl9faW5uZXJ7LyoganVzdGlmeS1jb250ZW50OiBjZW50ZXI7ICovfX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNzRweCl7LnN0YXJ0X19idG57cGFkZGluZzogNnB4IDEzcHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgOXZ3LCA0MHB4KTsgbGluZS1oZWlnaHQ6IDE7IG1pbi1oZWlnaHQ6IHVuc2V0OyB3aWR0aDogODV2dzt9fUBtZWQ8IS0tIC4uLnRydW5jYXRlZCAtLT4iLCJtZXRob2RCbG9ja2VkIjoiaW5pdGlhbERGUFNGLXdyaXRlIn0sImJsb2NrZWQiOnRydWUsImNhbGxTdGFjayI6IkVycm9yXG4gICAgYXQgdjIgKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L2ItN2IxMjBhNS05Yjg3MWQ0ZS5qczoxOjI1MzIyKVxuICAgIGF0IHZ2IChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMtdGhyZWF0cG9zdC9iLTdiMTIwYTUtOWI4NzFkNGUuanM6MToyOTc2MylcbiAgICBhdCBodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMtdGhyZWF0cG9zdC9vcC5qczoxOjM0NTgyXG4gICAgYXQgT2JqZWN0LmJlZm9yZUluc2VydCAoaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbWF0aC1haWRzLXRocmVhdHBvc3Qvb3AuanM6MTozNTI2NClcbiAgICBhdCBIVE1MRGl2RWxlbWVudC5uaS48Y29tcHV0ZWQ%2BLm5pLjxjb21wdXRlZD4ubmkuPGNvbXB1dGVkPiBbYXMgYXBwZW5kQ2hpbGRdIChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMtdGhyZWF0cG9zdC9vcC5qczoxOjQzODQ2KVxuICAgIGF0IGhBIChodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9ncHQvcHViYWRzX2ltcGxfMjAyMTEyMDYwMS5qczoxMDoxMDY4MjUpXG4gICAgYXQgbmV3IE5oIChodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9ncHQvcHViYWRzX2ltcGxfMjAyMTEyMDYwMS5qczoxMDoxMDM4OTUpXG4gICAgYXQgUmggKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dwdC9wdWJhZHNfaW1wbF8yMDIxMTIwNjAxLmpzOjY6MzMzODgpXG4gICAgYXQgWWguV0YubyAoaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ3B0L3B1YmFkc19pbXBsXzIwMjExMjA2MDEuanM6MTA6MTg2NTkzKVxuICAgIGF0IFloLmwgKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dwdC9wdWJhZHNfaW1wbF8yMDIxMTIwNjAxLmpzOjEwOjE4NzM0OCkiLCJpbnRlcm1lZGlhdGVNYXJrdXAiOiIifQ%3D%3D&i=20-20&t=adltag_kxaha5ew_2uDG9T67Cfc&r=067855bd54c256582f599f75d7d1496&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
SD0mphFRc8q38LhfSahrxIOiXFdEcNbJqMWEHUAYmqCtxsNDLaXtsg==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=eyJzaXRlSWQiOiJtYXRoLWFpZHMtdGhyZWF0cG9zdCIsInVybCI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zLzE3NzExOS8iLCJhZFVuaXQiOiIvMjI0MDQzMzc0NjcsMjE3MDcxMjQzMzYvdGhyZWF0cG9zdC0zMDB4NjAwLUFURl8wIiwiYWRTZXJ2ZXJEZXRhaWxzIjp7ImFkdmVydGlzZXJJZCI6IjUwMjQ1NjkzNzQiLCJjYW1wYWlnbklkIjoiMjkxMDkwMjM4NiIsImNyZWF0aXZlSWQiOiIxMzgzNjQ3NTY1MzgiLCJsaW5laXRlbUlkIjoiNTc5NDIxMjYzMCIsImFkU2VydmVyIjoiZGZwIiwieWllbGRHcm91cElkcyI6WzI4NTgzN119LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MCwid3YiOiIxLjAuMCs3YjEyMGE1IiwiYnYiOiIxLjAuMCs3YjEyMGE1IiwidGFnTWFya3VwIjoiPGh0bWw%2BPGhlYWQ%2BPC9oZWFkPjxib2R5PlRvbyBtYW55IHJlcXVlc3RzOiA3My5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ3B0L3B1YmFkc19pbXBsX3BhZ2VfbGV2ZWxfYWRzXzIwMjExMjA2MDEuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9ydWxlcy5xdWFudGNvdW50LmNvbS9ydWxlcy1wLV83a1Z4MHQ5SnFqOTAuanNcIiBhc3luYz1cIlwiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3NjcmlwdC40ZGV4LmlvL2xvY2Fsc3RvcmUuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9zdGF0aWMuYWRzLXR3aXR0ZXIuY29tL3V3dC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3NlY3VyZS5xdWFudHNlcnZlLmNvbS9xdWFudC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGUtYW5hbHl0aWNzLmNvbS9hbmFseXRpY3MuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly93d3cuZ3N0YXRpYy5jb20vcmVjYXB0Y2hhL3JlbGVhc2VzL1ZaS0VEVzl3c2xQYkVjOVJtek1xYU9BUC9yZWNhcHRjaGFfX2RlLmpzXCIgY3Jvc3NvcmlnaW49XCJhbm9ueW1vdXNcIiBpbnRlZ3JpdHk9XCJzaGEzODQtemVoTVdmQVgwNVloN09JeDRLZmVNVWJ0RUhrLyswZnN4UVBUbm9lenZaS3JIQnpVdWtRVitXbnE1Um40RkxCOFwiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nc3RhdGljLmNvbS9yZWNhcHRjaGEvcmVsZWFzZXMvVlpLRURXOXdzbFBiRWM5Um16TXFhT0FQL3JlY2FwdGNoYV9fZW4uanNcIiBjcm9zc29yaWdpbj1cImFub255bW91c1wiIGludGVncml0eT1cInNoYTM4NC13eXZFVlNyQXhvOThNSkdFMFB1UjJyaTZrNXF1cnF4QTIvYSsyUmRqMnpJMVhISkhTR0xzb1JTNUFEb3p1c0FNXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L2JsLTBhZjAzNTYtOGY1NjNiNjAuanNcIiB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgZGVmZXI9XCJcIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbWF0aC1haWRzLXRocmVhdHBvc3QvYi03YjEyMGE1LTliODcxZDRlLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGRlZmVyPVwiXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD5cbjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdtYW5hZ2VyLmNvbS9ndG0uanM%2FaWQ9R1RNLVBNMjlITEZcIj48L3NjcmlwdD5cbjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL2thc3BlcnNreWNvbnRlbnRodWIuY29tLz9kbT1lZDFmOWU0MzVkYzg4NTI5MmVhYjY1NjIwYzUxZjNmYiZhbXA7YWN0aW9uPWxvYWQmYW1wO2Jsb2dpZD0xMDMmYW1wO3NpdGVpZD0xJmFtcDt0PTEyMzE0NDA4MDMmYW1wO2JhY2s9aHR0cHMlM0ElMkYlMkZ0aHJlYXRwb3N0LmNvbSUyRmNvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucyUyRjE3NzExOSUyRlwiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cIi8vYy5hbWF6b24tYWRzeXN0ZW0uY29tL2FheDIvYXBzdGFnLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0PlxudmFyIGdBTVBfdXJsaG9zdCA9ICAnaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS8nO1xudmFyIGdBTVBfdXJscGF0aCA9ICAnL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkvJztcbnZhciBnQU1QX3VybHF1ZXJ5ID0gICdnb29nZmMnO1xudmFyIGdBTVBfY29udGVudGlkID0gICcxNzcxMTknO1xudmFyIGdBTVBfY2F0ZWdvcnkgPSAgJ21hbHdhcmUtMic7XG52YXIgZ0FNUF9jb250ZW50dGFncyA9ICAnJztcbjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L29wLmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiLy93d3cuZ29vZ2xldGFnc2VydmljZXMuY29tL3RhZy9qcy9ncHQuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly9xZC5hZG1ldHJpY3Nwcm8uY29tL2pzL3RocmVhdHBvc3Qvcm9zLWxheW91dC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L2NtcC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L3VzcGNtcC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L3RhcmdldGluZy5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcWQuYWRtZXRyaWNzcHJvLmNvbS9qcy90aHJlYXRwb3N0L3ByZWJpZC5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3FkLmFkbWV0cmljc3Byby5jb20vanMvdGhyZWF0cG9zdC9lbmdpbmUuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG4hZnVuY3Rpb24obil7aWYoIXdpbmRvdy5jbngpe3dpbmRvdy5jbng9e30sd2luZG93LmNueC5jbWQ9W107dmFyIHQ9bi5jcmVhdGVFbGVtZW50KCdpZnJhbWUnKTt0LmRpc3BsYXk9J25vbmUnLHQub25sb2FkPWZ1bmN0aW9uKCl7dmFyIG49dC5jb250ZW50V2luZG93LmRvY3VtZW50LGM9bi5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtjLnNyYz0nLy9jZC5jb25uYXRpeC5jb20vY29ubmF0aXgucGxheWVyLmpzJyxjLnNldEF0dHJpYnV0ZSgnYXN5bmMnLCcxJyksYy5zZXRBdHRyaWJ1dGUoJ3R5cGUnLCd0ZXh0L2phdmFzY3JpcHQnKSxuLmJvZHkuYXBwZW5kQ2hpbGQoYyl9LG4uaGVhZC5hcHBlbmRDaGlsZCh0KX19KGRvY3VtZW50KTtcbjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwiYXBwbGljYXRpb24vbGQranNvblwiPntcIkBjb250ZXh0XCI6XCJodHRwczovL3NjaGVtYS5vcmdcIixcIkB0eXBlXCI6XCJCcmVhZGNydW1iTGlzdFwiLFwiaXRlbUxpc3RFbGVtZW50XCI6W3tcIkB0eXBlXCI6XCJMaXN0SXRlbVwiLFwicG9zaXRpb25cIjoxLFwiaXRlbVwiOntcIkBpZFwiOlwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS9cIixcIm5hbWVcIjpcIlRocmVhdHBvc3RcIn19LHtcIkB0eXBlXCI6XCJMaXN0SXRlbVwiLFwicG9zaXRpb25cIjoyLFwiaXRlbVwiOntcIkBpZFwiOlwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS9jYXRlZ29yeS93ZWItc2VjdXJpdHkvXCIsXCJuYW1lXCI6XCJXZWIgU2VjdXJpdHlcIn19LHtcIkB0eXBlXCI6XCJMaXN0SXRlbVwiLFwicG9zaXRpb25cIjozLFwiaXRlbVwiOntcIkBpZFwiOlwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS9jb250aS1nYW5nLXJhbnNvbXdhcmUtYXR0YWNrLW1jbWVuYW1pbnMvMTc3MTE5L1wiLFwibmFtZVwiOlwiQ29udGkgR2FuZyBTdXNwZWN0ZWQgb2YgUmFuc29td2FyZSBBdHRhY2sgb24gTWNNZW5hbWluc1wifX1dfTwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwiYXBwbGljYXRpb24vbGQranNvblwiPntcIkBjb250ZXh0XCI6XCJodHRwczovL3NjaGVtYS5vcmdcIixcIkB0eXBlXCI6XCJOZXdzQXJ0aWNsZVwiLFwibWFpbkVudGl0eU9mUGFnZVwiOntcIkB0eXBlXCI6XCJXZWJQYWdlXCIsXCJAaWRcIjpcImh0dHBzOi8vdGhyZWF0cG9zdC5jb20vY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zLzE3NzExOS9cIn0sXCJoZWFkbGluZVwiOlwiQ29udGkgR2FuZyBTdXNwZWN0ZWQgb2YgUmFuc29td2FyZSBBdHRhY2sgb24gTWNNZW5hbWluc1wiLFwiaW1hZ2VcIjpcImh0dHBzOi8vbWVkaWEudGhyZWF0cG9zdC5jb20vd3AtY29udGVudC91cGxvYWRzL3NpdGVzLzEwMy8yMDIxLzA3LzMwMTcxMDM5L2JlZXItMjEuanBnXCIsXCJkYXRlUHVibGlzaGVkXCI6XCIyMDIxLTEyLTE3VDEzOjU3OjAyKzAwOjAwXCIsXCJkYXRlTW9kaWZpZWRcIjpcIjIwMjEtMTItMTdUMTM6NTc6MDIrMDA6MDBcIixcImF1dGhvclwiOntcIkB0eXBlXCI6XCJQZXJzb25cIixcIm5hbWVcIjpcIkVsaXphYmV0aCBNb250YWxiYW5vXCJ9LFwicHVibGlzaGVyXCI6e1wiQHR5cGVcIjpcIk9yZ2FuaXphdGlvblwiLFwibmFtZVwiOlwiVGhyZWF0cG9zdFwiLFwibG9nb1wiOntcIkB0eXBlXCI6XCJJbWFnZU9iamVjdFwiLFwidXJsXCI6XCJodHRwczovL21lZGlhLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy9zaXRlcy8xMDMvMjAxOC8xMi8wNDEyMTUxOS9hbXBfbG9nby5wbmdcIixcIndpZHRoXCI6NjAsXCJoZWlnaHRcIjo2MH19LFwiZGVzY3JpcHRpb25cIjpcIlRoZSBpbmNpZGVudCBvY2N1cnJlZCBsYXN0IHdlZWtlbmQgYXQgdGhlIHBvcHVsYXIgY2hhaW4gb2YgcmVzdGF1cmFudHMsIGhvdGVscyBhbmQgYnJld2VyaWVzLCB3aGljaCBpcyBzdGlsbCBmYWNpbmcgZGlzcnVwdGlvbnMuXCJ9PC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3RocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9rYXNwZXJza3ktZW5hYmxlLWpxdWVyeS1taWdyYXRlLWhlbHBlci9qcy9qcXVlcnkvanF1ZXJ5LTEuMTIuNC13cC5qcz92ZXI9MS4xMi40LXdwXCIgaWQ9XCJqcXVlcnktY29yZS1qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgaWQ9XCJub3RpZmljYXRpb25fc3RyaW5ncy1qcy1leHRyYVwiPlxuLyogPCFbQ0RBVEFbICovXG52YXIgZ2RwckR5bmFtaWNTdHJpbmdzID0ge1wibm90aWZpY2F0aW9uX3RleHRcIjpcIldlIHVzZSBjb29raWVzIHRvIG1ha2UgeW91ciBleHBlcmllbmNlIG9mIG91ciB3ZWJzaXRlcyBiZXR0ZXIuIEJ5IHVzaW5nIGFuZCBmdXJ0aGVyIG5hdmlnYXRpbmcgdGhpcyB3ZWJzaXRlIHlvdSBhY2NlcHQgdGhpcy4gRGV0YWlsZWQgaW5mb3JtYXRpb24gYWJvdXQgdGhlIHVzZSBvZiBjb29raWVzIG9uIHRoaXMgd2Vic2l0ZSBpcyBhdmFpbGFibGUgYnkgY2xpY2tpbmcgb24gPGEgaHJlZj1cXFwiaHR0cHM6XFwvXFwvdGhyZWF0cG9zdC5jb21cXC93ZWItcHJpdmFjeS1wb2xpY3lcXC9cXFwiIHRhcmdldD1cXFwiX2JsYW5rXFxcIj5tb3JlIGluZm9ybWF0aW9uPFxcL2E%2BLlwiLFwiYnV0dG9uX3RleHRcIjpcIkFDQ0VQVCBBTkQgQ0xPU0VcIn07XG4vKiBdXT4gKi9cbjwvc2NyaXB0PlxuPHNj&i=1-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
YRc5mOFBYwS-9oy908c2-iugYgyIIl1Jx6KFs_WaUKkyXCrx4rqEMQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=cmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgaWQ9XCJrc3NfanMtanMtZXh0cmFcIj5cbi8qIDwhW0NEQVRBWyAqL1xudmFyIGtzcyA9IHtcInR3aXR0ZXJfYWNjb3VudFwiOlwidGhyZWF0cG9zdFwifTtcbi8qIF1dPiAqL1xuPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCIvL2Fzc2V0cy50aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3BsdWdpbnMvYndwLW1pbmlmeS9taW4vP2Y9d3AtY29udGVudC9wbHVnaW5zL2thc3BlcnNreS1jb29raWVzLW5vdGlmaWNhdGlvbi9zY3JpcHRzL2FsZXJ0X3RleHQuanMsd3AtY29udGVudC9wbHVnaW5zL2thc3BlcnNreS1jb29raWVzLW5vdGlmaWNhdGlvbi9zY3JpcHRzL2FsZXJ0LmpzLHdwLWNvbnRlbnQvcGx1Z2lucy9ob25leXBvdC1jb21tZW50cy9wdWJsaWMvYXNzZXRzL2pzL3B1YmxpYy5qcyx3cC1jb250ZW50L3BsdWdpbnMva3Nwcl90d2l0dGVyX3B1bGxxdW90ZS9qcy9rYXNwZXJza3ktdHdpdHRlci1wdWxscXVvdGUuanMsd3AtY29udGVudC90aGVtZXMvdGhyZWF0cG9zdC0yMDE4L2Fzc2V0cy9qcy9sb2FkbW9yZS5qcyx3cC1jb250ZW50L3BsdWdpbnMva2FzcGVyc2t5LXNvY2lhbC1zaGFyaW5nL2Fzc2V0cy9qcy9zb2NpYWwtc2hhcmUuanMmYW1wO3Zlcj04NGM5MmQ5N1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BXG52YXIgc05ldyA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoXCJzY3JpcHRcIik7XG5zTmV3LmFzeW5jID0gdHJ1ZTtcbnNOZXcuc3JjID0gXCJodHRwczovL2thc3BlcnNreWNvbnRlbnRodWIuY29tLz9kbT1lZDFmOWU0MzVkYzg4NTI5MmVhYjY1NjIwYzUxZjNmYiZhY3Rpb249bG9hZCZibG9naWQ9MTAzJnNpdGVpZD0xJnQ9MTIzMTQ0MDgwMyZiYWNrPWh0dHBzJTNBJTJGJTJGdGhyZWF0cG9zdC5jb20lMkZjb250aS1nYW5nLXJhbnNvbXdhcmUtYXR0YWNrLW1jbWVuYW1pbnMlMkYxNzcxMTklMkZcIlxudmFyIHMwID0gZG9jdW1lbnQuZ2V0RWxlbWVudHNCeVRhZ05hbWUoJ3NjcmlwdCcpWzBdO1xuczAucGFyZW50Tm9kZS5pbnNlcnRCZWZvcmUoc05ldywgczApO1xuPC9zY3JpcHQ%2BXG48c2NyaXB0PihmdW5jdGlvbih3LGQscyxsLGkpe3dbbF09d1tsXXx8W107d1tsXS5wdXNoKHsnZ3RtLnN0YXJ0Jzpcbm5ldyBEYXRlKCkuZ2V0VGltZSgpLGV2ZW50OidndG0uanMnfSk7dmFyIGY9ZC5nZXRFbGVtZW50c0J5VGFnTmFtZShzKVswXSxcbmo9ZC5jcmVhdGVFbGVtZW50KHMpLGRsPWwhPSdkYXRhTGF5ZXInPycmbD0nK2w6Jyc7ai5hc3luYz10cnVlO2ouc3JjPVxuJ2h0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0bS5qcz9pZD0nK2krZGw7Zi5wYXJlbnROb2RlLmluc2VydEJlZm9yZShqLGYpO1xufSkod2luZG93LGRvY3VtZW50LCdzY3JpcHQnLCdkYXRhTGF5ZXInLCdHVE0tUE0yOUhMRicpOzwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BXG4gICAgICAgICAgICB2YXIgalF1ZXJ5TWlncmF0ZUhlbHBlckhhc1NlbnREb3duZ3JhZGUgPSBmYWxzZTtcblxuXHRcdFx0d2luZG93Lm9uZXJyb3IgPSBmdW5jdGlvbiggbXNnLCB1cmwsIGxpbmUsIGNvbCwgZXJyb3IgKSB7XG5cdFx0XHRcdC8vIEJyZWFrIG91dCBlYXJseSwgZG8gbm90IHByb2Nlc3NpbmcgaWYgYSBkb3duZ3JhZGUgcmVxZXVzdCB3YXMgYWxyZWFkeSBzZW50LlxuXHRcdFx0XHRpZiAoIGpRdWVyeU1pZ3JhdGVIZWxwZXJIYXNTZW50RG93bmdyYWRlICkge1xuXHRcdFx0XHRcdHJldHVybiB0cnVlO1xuICAgICAgICAgICAgICAgIH1cblxuXHRcdFx0XHR2YXIgeGhyID0gbmV3IFhNTEh0dHBSZXF1ZXN0KCk7XG5cdFx0XHRcdHZhciBub25jZSA9ICdiNmFlMjA5YTg0Jztcblx0XHRcdFx0dmFyIGpRdWVyeUZ1bmN0aW9ucyA9IFtcblx0XHRcdFx0XHQnYW5kU2VsZicsXG5cdFx0XHRcdFx0J2Jyb3dzZXInLFxuXHRcdFx0XHRcdCdsaXZlJyxcblx0XHRcdFx0XHQnYm94TW9kZWwnLFxuXHRcdFx0XHRcdCdzdXBwb3J0LmJveE1vZGVsJyxcblx0XHRcdFx0XHQnc2l6ZScsXG5cdFx0XHRcdFx0J3N3YXAnLFxuXHRcdFx0XHRcdCdjbGVhbicsXG5cdFx0XHRcdFx0J3N1YicsXG4gICAgICAgICAgICAgICAgXTtcblx0XHRcdFx0dmFyIG1hdGNoX3BhdHRlcm4gPSAvXFwpXFwuKC4rPykgaXMgbm90IGEgZnVuY3Rpb24vO1xuICAgICAgICAgICAgICAgIHZhciBlcnJvcmVkRnVuY3Rpb24gPSBtc2cubWF0Y2goIG1hdGNoX3BhdHRlcm4gKTtcblxuICAgICAgICAgICAgICAgIC8vIElmIHRoZXJlIHdhcyBubyBtYXRjaGluZyBmdW5jdGlvbnMsIGRvIG5vdCB0cnkgdG8gZG93bmdyYWRlLlxuICAgICAgICAgICAgICAgIGlmICggdHlwZW9mIGVycm9yZWRGdW5jdGlvbiAhPT0gJ29iamVjdCcgfHwgdHlwZW9mIGVycm9yZWRGdW5jdGlvblsxXSA9PT0gXCJ1bmRlZmluZWRcIiB8fCAtMSA9PT0galF1ZXJ5RnVuY3Rpb25zLmluZGV4T2YoIGVycm9yZWRGdW5jdGlvblsxXSApICkge1xuICAgICAgICAgICAgICAgICAgICByZXR1cm4gdHJ1ZTtcbiAgICAgICAgICAgICAgICB9XG5cbiAgICAgICAgICAgICAgICAvLyBTZXQgdGhhdCB3ZSd2ZSBub3cgYXR0ZW1wdGVkIGEgZG93bmdyYWRlIHJlcXVlc3QuXG4gICAgICAgICAgICAgICAgalF1ZXJ5TWlncmF0ZUhlbHBlckhhc1NlbnREb3duZ3JhZGUgPSB0cnVlO1xuXG5cdFx0XHRcdHhoci5vcGVuKCAnUE9TVCcsICdodHRwczovL3RocmVhdHBvc3QuY29tL3dwLWFkbWluL2FkbWluLWFqYXgucGhwJyApO1xuXHRcdFx0XHR4aHIuc2V0UmVxdWVzdEhlYWRlciggJ0NvbnRlbnQtVHlwZScsICdhcHBsaWNhdGlvbi94LXd3dy1mb3JtLXVybGVuY29kZWQnICk7XG5cdFx0XHRcdHhoci5vbmxvYWQgPSBmdW5jdGlvbiAoKSB7XG5cdFx0XHRcdFx0dmFyIHJlc3BvbnNlLFxuICAgICAgICAgICAgICAgICAgICAgICAgcmVsb2FkID0gZmFsc2U7XG5cblx0XHRcdFx0XHRpZiAoIDIwMCA9PT0geGhyLnN0YXR1cyApIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRyeSB7XG4gICAgICAgICAgICAgICAgICAgICAgICBcdHJlc3BvbnNlID0gSlNPTi5wYXJzZSggeGhyLnJlc3BvbnNlICk7XG5cbiAgICAgICAgICAgICAgICAgICAgICAgIFx0cmVsb2FkID0gcmVzcG9uc2UuZGF0YS5yZWxvYWQ7XG4gICAgICAgICAgICAgICAgICAgICAgICB9IGNhdGNoICggZSApIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIFx0cmVsb2FkID0gZmFsc2U7XG4gICAgICAgICAgICAgICAgICAgICAgICB9XG4gICAgICAgICAgICAgICAgICAgIH1cblxuXHRcdFx0XHRcdC8vIEF1dG9tYXRpY2FsbHkgcmVsb2FkIHRoZSBwYWdlIGlmIGEgZGVwcmVjYXRpb24gY2F1c2VkIGFuIGF1dG9tYXRpYyBkb3duZ3JhZGUsIGVuc3VyZSB2aXNpdG9ycyBnZXQgdGhlIGJlc3QgcG9zc2libGUgZXhwZXJpZW5jZS5cblx0XHRcdFx0XHRpZiAoIHJlbG9hZCApIHtcblx0XHRcdFx0XHRcdGxvY2F0aW9uLnJlbG9hZCgpO1xuICAgICAgICAgICAgICAgICAgICB9XG5cdFx0XHRcdH07XG5cblx0XHRcdFx0eGhyLnNlbmQoIGVuY29kZVVSSSggJ2FjdGlvbj1qcXVlcnktbWlncmF0ZS1kb3duZ3JhZGUtdmVyc2lvbiZfd3Bub25jZT0nICsgbm9uY2UgKSApO1xuXG5cdFx0XHRcdC8vIFN1cHByZXNzIGVycm9yIGFsZXJ0cyBpbiBvbGRlciBicm93c2Vyc1xuXHRcdFx0XHRyZXR1cm4gdHJ1ZTtcblx0XHRcdH1cbiAgICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dwdC9wdWJhZHNfaW1wbF8yMDIxMTIwNjAxLmpzXCIgYXN5bmM9XCJcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BKGZ1bmN0aW9uKCkge1xuICAgICAgICAgICAgXCJ1c2Ugc3RyaWN0XCI7XG4gICAgICAgICAgICB0cnkge1xuICAgICAgICAgICAgICAgIGNvbnN0IHBsYXllckFwaSA9IHdpbmRvdy5wbGF5ZXJfaW5zdGFuY2VfYWE4OGI0Mjg2MDQ4NGZlZGEwOGFjNWNmYmQ0ZjNjMmY7XG4vL2Rlc2t0b3AgY2xvc2UgYnV0dG9uIGZvbGxvd3NcbnBsYXllckFwaS5vbihjbnguY29uZmlnRXZlbnRzLkFkSW1wcmVzc2lvbiwgZnVuY3Rpb24oKSB7XG4gIGNvbnNvbGUubG9nKFwiQ05YLWFkLWltcFwiKVxuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS12aWRlb1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5OmZsZXghaW1wb3J0YW50XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LWxvZ28tYmFyXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6bm9uZVwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS1idXR0b25zXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6bm9uZVwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS1wcm9ncmVzc1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5Om5vbmVcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdm9sdW1lLWNvbnRhaW5lclwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5Om5vbmVcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdWktdmlkZW9cIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwicG9pbnRlci1ldmVudHM6bm9uZVwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC1jbG9zZS1idXR0b25cIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwicG9pbnRlci1ldmVudHM6YXV0byFpbXBvcnRhbnRcIjtcbn1cbiAgICAgICAgICAgICk7XG5wbGF5ZXJBcGkub24oY254LmNvbmZpZ0V2ZW50cy5BZFNraXBwZWQsIGZ1bmN0aW9uKCkge1xuICBjb25zb2xlLmxvZyhcIkNOWC1hZC1za2lwXCIpXG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LWxvZ28tYmFyXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS1idXR0b25zXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS1wcm9ncmVzc1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5OmZsZXhcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdm9sdW1lLWNvbnRhaW5lclwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJkaXNwbGF5OmZsZXhcIjtcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtdWktdmlkZW9cIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwicG9pbnRlci1ldmVudHM6YXV0b1wiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC1jbG9zZS1idXR0b25cIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwicG9pbnRlci1ldmVudHM6aW5oZXJpdFwiO1xufVxuICAgICAgICAgICAgKTtcbnBsYXllckFwaS5vbihjbnguY29uZmlnRXZlbnRzLkFkQ29tcGxldGVkMTAwLCBmdW5jdGlvbigpIHtcbiAgY29uc29sZS5sb2coXCJDTlgtYWQtY29tcGxldGVcIilcbiAgdG9wLmRvY3VtZW50LmdldEVsZW1lbnRzQnlDbGFzc05hbWUoXCJjbngtbG9nby1iYXJcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpmbGV4XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLWJ1dHRvbnNcIilbMF0uc3R5bGUuY3NzVGV4dCA9IFwiZGlzcGxheTpmbGV4XCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LXVpLXByb2dyZXNzXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNu&i=2-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
yoEqdmDehTT2uyiLxsxMdGaTN0g4AsOPt2F5B_gNrmb5BrmXmSYD0g==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=eC12b2x1bWUtY29udGFpbmVyXCIpWzBdLnN0eWxlLmNzc1RleHQgPSBcImRpc3BsYXk6ZmxleFwiO1xuICB0b3AuZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZShcImNueC11aS12aWRlb1wiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJwb2ludGVyLWV2ZW50czphdXRvXCI7XG4gIHRvcC5kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKFwiY254LWNsb3NlLWJ1dHRvblwiKVswXS5zdHlsZS5jc3NUZXh0ID0gXCJwb2ludGVyLWV2ZW50czppbmhlcml0XCI7XG59XG4gICAgICAgICAgICApO1xuXG4gICAgICAgICAgICB9Y2F0Y2goZSl7XG4gICAgICAgICAgICAgICAgY29uc29sZS53YXJuKCctLS1DbnhDdXN0b21BcGlFcnJvci0tLScpO1xuICAgICAgICAgICAgICAgIGNvbnNvbGUud2FybihlLm1lc3NhZ2UpO1xuICAgICAgICAgICAgfVxuICAgICAgICAgIH0pKCk8L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiLy9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvdGFnL2pzL2dwdC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdD4hZnVuY3Rpb24oKXtmdW5jdGlvbiBuKG4pe3dpbmRvd1tcImNueFwiK25dfHwod2luZG93W1wiY254XCIrbl09d2luZG93W25dLHdpbmRvd1tuXT1mdW5jdGlvbihlKXt2YXIgdD1cIlwiO3RyeXtlJiYodD1mdW5jdGlvbiBuKGUsdCl7dHJ5e2lmKCFlKXJldHVyblwiXCI7aWYoZS5jbnhJbm5lclRhZylyZXR1cm4gZS5jbnhJbm5lclRhZztpZih0PDIpe3ZhciByPXQrMTtyZXR1cm4gbihlLmNhbGxlcixyKX19Y2F0Y2gobil7cmV0dXJuXCJcIn1yZXR1cm5cIlwifShlKSl9Y2F0Y2gobil7fXZhciByPXdpbmRvd1tcImNueFwiK25dLmFwcGx5KG51bGwsYXJndW1lbnRzKTtpZih0KXt2YXIgaT13aW5kb3cuY254RW5mU3RvcmFnZTtpW25dW3RdPWlbbl1bdF18fFtdLGlbbl1bdF0ucHVzaChyKX1yZXR1cm4gcn0pfXdpbmRvdy5jbnhFbmZTdG9yYWdlPXtzZXRUaW1lb3V0Ont9LHNldEludGVydmFsOnt9LGV2ZW50TGlzdGVuZXJzOnt9LGVycm9yczpbXX07dmFyIGU9d2luZG93LmxvY2F0aW9uLmhvc3RuYW1lLnNwbGl0KFwiLlwiKSx0PXdpbmRvdy5idG9hKGVbZS5sZW5ndGgtMl0rXCIuXCIrZVtlLmxlbmd0aC0xXSk7LTE9PT1bXCJkRzE2TG1OdmJRPT1cIixcIlltbHNiR0p2WVhKa0xtTnZiUT09XCIsXCJhRzlzYkhsM2IyOWtjbVZ3YjNKMFpYSXVZMjl0XCIsXCJkbWxpWlM1amIyMD1cIixcImFHOXliM05qYjNCbExtTnZiUT09XCIsXCJZWE4wY205c2IyZDVMbU52YlE9PVwiLFwiWVdodmNtRnRhWE50Ynk1amIyMD1cIl0uaW5kZXhPZih0KSYmKCFmdW5jdGlvbigpe2NvbnN0IG49d2luZG93LkV2ZW50VGFyZ2V0P3dpbmRvdy5FdmVudFRhcmdldC5wcm90b3R5cGU6d2luZG93LmRvY3VtZW50O24uY254QWRkRXZlbnRMaXN0ZW5lcnx8KG4uY254QWRkRXZlbnRMaXN0ZW5lcj1uLmFkZEV2ZW50TGlzdGVuZXIsbi5hZGRFdmVudExpc3RlbmVyPWZ1bmN0aW9uKG4sZSx0KXt2YXIgcj10aGlzfHx3aW5kb3c7aWYoZSYmZS5jbnhJbm5lclRhZyl7dmFyIGk9d2luZG93LmNueEVuZlN0b3JhZ2U7aS5ldmVudExpc3RlbmVyc1tlLmNueElubmVyVGFnXT1pLmV2ZW50TGlzdGVuZXJzW2UuY254SW5uZXJUYWddfHxbXSxpLmV2ZW50TGlzdGVuZXJzW2UuY254SW5uZXJUYWddLnB1c2goe2VsZW1lbnQ6cix0eXBlOm4saGFuZGxlcjplLG9wdGlvbnM6dH0pfXRyeXtyLmNueEFkZEV2ZW50TGlzdGVuZXIobixlLHQpfWNhdGNoKG4pe24ubWVzc2FnZT1cImFkbHN0bl9cIituLm1lc3NhZ2UsaS5lcnJvcnMucHVzaChuKX19KX0oKSxuKFwic2V0VGltZW91dFwiKSxuKFwic2V0SW50ZXJ2YWxcIikpfSgpOzwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL3NlY3VyZS5jZG4uZmFzdGNsaWNrLm5ldC9qcy9wdWJjaWQvbGF0ZXN0L3B1YmNpZC5taW4uanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiLy9jZG4uaWQ1LXN5bmMuY29tL2FwaS8xLjAvaWQ1LWFwaS5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdD5cbiAgICB3aW5kb3cuY254UHJveHlUYXNrID0gZnVuY3Rpb24odGFzaykge1xuICAgICAgICBzZXRUaW1lb3V0KGZ1bmN0aW9uKCl7XG4gICAgICAgICAgICB0YXNrKCk7XG4gICAgICAgIH0sIDApO1xuICAgIH1cbjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmRlL2Fkc2lkL2ludGVncmF0b3IuanM%2FZG9tYWluPXRocmVhdHBvc3QuY29tXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL2Fkc2VydmljZS5nb29nbGUuY29tL2Fkc2lkL2ludGVncmF0b3IuanM%2FZG9tYWluPXRocmVhdHBvc3QuY29tXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0PlxuXHRcdFx0Z29vZ2xldGFnLmNtZC5wdXNoKGZ1bmN0aW9uKCkgeyBnb29nbGV0YWcuZGlzcGxheSgnZGl2LWdwdC1hZC02Nzk0NjcwLTEnKTsgfSk7XG5cdFx0PC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj5qUXVlcnkoZG9jdW1lbnQpLnJlYWR5KGZ1bmN0aW9uKCQpe2dmb3JtSW5pdFNwaW5uZXIoIDUsICdodHRwczovL3RocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvdGhlbWVzL3RocmVhdHBvc3QtMjAxOC9hc3NldHMvaW1hZ2VzL2xvYWRlci5zdmcnICk7alF1ZXJ5KCcjZ2Zvcm1fYWpheF9mcmFtZV81Jykub24oJ2xvYWQnLGZ1bmN0aW9uKCl7dmFyIGNvbnRlbnRzID0galF1ZXJ5KHRoaXMpLmNvbnRlbnRzKCkuZmluZCgnKicpLmh0bWwoKTt2YXIgaXNfcG9zdGJhY2sgPSBjb250ZW50cy5pbmRleE9mKCdHRl9BSkFYX1BPU1RCQUNLJykgPj0gMDtpZighaXNfcG9zdGJhY2spe3JldHVybjt9dmFyIGZvcm1fY29udGVudCA9IGpRdWVyeSh0aGlzKS5jb250ZW50cygpLmZpbmQoJyNnZm9ybV93cmFwcGVyXzUnKTt2YXIgaXNfY29uZmlybWF0aW9uID0galF1ZXJ5KHRoaXMpLmNvbnRlbnRzKCkuZmluZCgnI2dmb3JtX2NvbmZpcm1hdGlvbl93cmFwcGVyXzUnKS5sZW5ndGggPiAwO3ZhciBpc19yZWRpcmVjdCA9IGNvbnRlbnRzLmluZGV4T2YoJ2dmb3JtUmVkaXJlY3QoKXsnKSA%2BPSAwO3ZhciBpc19mb3JtID0gZm9ybV9jb250ZW50Lmxlbmd0aCA%2BIDAgJiYgISBpc19yZWRpcmVjdCAmJiAhIGlzX2NvbmZpcm1hdGlvbjt2YXIgbXQgPSBwYXJzZUludChqUXVlcnkoJ2h0bWwnKS5jc3MoJ21hcmdpbi10b3AnKSwgMTApICsgcGFyc2VJbnQoalF1ZXJ5KCdib2R5JykuY3NzKCdtYXJnaW4tdG9wJyksIDEwKSArIDEwMDtpZihpc19mb3JtKXtqUXVlcnkoJyNnZm9ybV93cmFwcGVyXzUnKS5odG1sKGZvcm1fY29udGVudC5odG1sKCkpO2lmKGZvcm1fY29udGVudC5oYXNDbGFzcygnZ2Zvcm1fdmFsaWRhdGlvbl9lcnJvcicpKXtqUXVlcnkoJyNnZm9ybV93cmFwcGVyXzUnKS5hZGRDbGFzcygnZ2Zvcm1fdmFsaWRhdGlvbl9lcnJvcicpO30gZWxzZSB7alF1ZXJ5KCcjZ2Zvcm1fd3JhcHBlcl81JykucmVtb3ZlQ2xhc3MoJ2dmb3JtX3ZhbGlkYXRpb25fZXJyb3InKTt9c2V0VGltZW91dCggZnVuY3Rpb24oKSB7IC8qIGRlbGF5IHRoZSBzY3JvbGwgYnkgNTAgbWlsbGlzZWNvbmRzIHRvIGZpeCBhIGJ1ZyBpbiBjaHJvbWUgKi8galF1ZXJ5KGRvY3VtZW50KS5zY3JvbGxUb3AoalF1ZXJ5KCcjZ2Zvcm1fd3JhcHBlcl81Jykub2Zmc2V0KCkudG9wIC0gbXQpOyB9LCA1MCApO2lmKHdpbmRvd1snZ2Zvcm1Jbml0RGF0ZXBpY2tlciddKSB7Z2Zvcm1Jbml0RGF0ZXBpY2tlcigpO31pZih3aW5kb3dbJ2dmb3JtSW5pdFByaWNlRmllbGRzJ10pIHtnZm9ybUluaXRQcmljZUZpZWxkcygpO312YXIgY3VycmVudF9wYWdlID0galF1ZXJ5KCcjZ2Zvcm1fc291cmNlX3BhZ2VfbnVtYmVyXzUnKS52YWwoKTtnZm9ybUluaXRTcGlubmVyKCA1LCAnaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3RoZW1lcy90aHJlYXRwb3N0LTIwMTgvYXNzZXRzL2ltYWdlcy9sb2FkZXIuc3ZnJyApO2pRdWVyeShkb2N1bWVudCkudHJpZ2dlcignZ2Zvcm1fcGFnZV9sb2FkZWQnLCBbNSwgY3VycmVudF9wYWdlXSk7d2luZG93WydnZl9zdWJtaXR0aW5nXzUnXSA9IGZhbHNlO31lbHNlIGlmKCFpc19yZWRpcmVjdCl7dmFyIGNvbmZpcm1hdGlvbl9jb250ZW50ID0galF1ZXJ5KHRoaXMpLmNvbnRlbnRzKCkuZmluZCgnLkdGX0FKQVhfUE9TVEJBQ0snKS5odG1sKCk7aWYoIWNvbmZpcm1hdGlvbl9jb250ZW50KXtjb25maXJtYXRpb25fY29udGVudCA9IGNvbnRlbnRzO31zZXRUaW1lb3V0KGZ1bmN0aW9uKCl7alF1ZXJ5KCcjZ2Zvcm1fd3JhcHBlcl81JykucmVwbGFjZVdpdGgoY29uZmlybWF0aW9uX2NvbnRlbnQpO2pRdWVyeShkb2N1bWVudCkuc2Nyb2xsVG9wKGpRdWVyeSgnI2dmXzUnKS5vZmZzZXQoKS50b3AgLSBtdCk7alF1ZXJ5KGRvY3VtZW50KS50cmlnZ2VyKCdnZm9ybV9jb25maXJtYXRpb25fbG9hZGVkJywgWzVdKTt3aW5kb3dbJ2dmX3N1Ym1pdHRpbmdfNSddID0gZmFsc2U7fSwgNTApO31lbHNle2pRdWVyeSgnI2dmb3JtXzUnKS5hcHBlbmQoY29udGVudHMpO2lmKHdpbmRvd1snZ2Zvcm1SZWRpcmVjdCddKSB7Z2Zvcm1SZWRpcmVjdCgpO319alF1ZXJ5KGRvY3VtZW50KS50cmlnZ2VyKCdnZm9ybV9wb3N0X3JlbmRlcicsIFs1LCBjdXJyZW50X3BhZ2VdKTt9ICk7fSApOzwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BIGpRdWVyeShkb2N1bWVudCkuYmluZCgnZ2Zvcm1fcG9zdF9yZW5kZXInLCBmdW5jdGlvbihldmVudCwgZm9ybUlkLCBjdXJyZW50UGFnZSl7aWYoZm9ybUlkID09IDUpIHtnZl9nbG9iYWxbXCJudW1iZXJfZm9ybWF0c1wiXVs1XSA9IHtcIjhcIjp7XCJwcmljZVwiOmZhbHNlLFwidmFsdWVcIjpmYWxzZX0sXCIxXCI6e1wicHJpY2VcIjpmYWxzZSxcInZhbHVlXCI6ZmFsc2V9LFwiOVwiOntcInByaWNlXCI6ZmFsc2UsXCJ2YWx1ZVwiOmZhbHNlfSxcIjJcIjp7XCJwcmljZVwiOmZhbHNlLFwidmFsdWVcIjpmYWxzZX0sXCI1XCI6e1wicHJpY2VcIjpmYWxzZSxcInZhbHVlXCI6ZmFsc2V9LFwiMTBcIjp7XCJwcmljZVwiOmZhbHNlLFwidmFsdWVcIjpmYWxzZX19O2lmKHdpbmRvd1snalF1ZXJ5J10pe2lmKCF3aW5kb3dbJ2dmX2Zvcm1fY29uZGl0aW9uYWxfbG9naWMnXSl3aW5kb3dbJ2dmX2Zvcm1fY29uZGl0aW9uYWxfbG9naWMnXSA9IG5ldyBBcnJheSgpO3dpbmRvd1snZ2ZfZm9ybV9jb25kaXRpb25hbF9sb2dpYyddWzVdID0geyBsb2dpYzogeyAwOiB7XCJmaWVsZFwiOntcImFjdGlvblR5cGVcIjpcInNob3dcIixcImxvZ2ljVHlwZVwiOlwiYWxsXCIsXCJydWxlc1wiOlt7XCJmaWVsZElkXCI6XCIyXCIsXCJvcGVyYXRvclwiOlwiaXNcIixcInZhbHVlXCI6XCJJIGFncmVlXCJ9LHtcImZpZWxkSWRcIjpcIjVcIixcIm9wZXJhdG9yXCI6XCJpc1wiLFwidmFsdWVcIjpcIkkgYWdyZWVcIn1dfSxcInNlY3Rpb25cIjpudWxsfSB9LCBkZXBlbmRlbnRzOiB7IDA6IFswXSB9LCBhbmltYXRpb246IDEsIGRlZmF1bHRzOiBbXSwgZmllbGRzOiB7XCI4XCI6WzBdLFwiMVwiOlswXSxcIjlcIjpbMF0sXCIyXCI6WzBdLFwiNVwiOlswXSxcIjEwXCI6WzBdfSB9OyBpZighd2luZG93WydnZl9udW1iZXJfZm9ybWF0J10pd2luZG93WydnZl9udW1iZXJfZm9ybWF0J10gPSAnZGVjaW1hbF9kb3QnO2pRdWVyeShkb2N1bWVudCkucmVhZHkoZnVuY3Rpb24oKXtnZl9hcHBseV9ydWxlcyg1LCBbMF0sIHRydWUpO2pRdWVyeSgnI2dmb3JtX3dyYXBwZXJfNScpLnNob3coKTtqUXVlcnkoZG9jdW1lbnQpLnRyaWdnZXIoJ2dmb3JtX3Bvc3RfY29uZGl0aW9uYWxfbG9naWMnLCBbNSwgbnVsbCwgdHJ1ZV0pO30gKTt9IGlmKHR5cGVvZiBQbGFjZWhvbGRlcnMgIT0gJ3VuZGVmaW5lZCcpe1xuICAgICAgICAgICAgICAgICAgICAgICAgUGxhY2Vob2xkZXJzLmVuYWJsZSgpO1xuICAgICAgICAgICAgICAgICAgICB9fSB9ICk7&i=3-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
Avbr2FoHqOa4X_avxF7nWeBZbmkmHRG2MB9ZtM180tGYqFrsaT2jbQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=alF1ZXJ5KGRvY3VtZW50KS5iaW5kKCdnZm9ybV9wb3N0X2NvbmRpdGlvbmFsX2xvZ2ljJywgZnVuY3Rpb24oZXZlbnQsIGZvcm1JZCwgZmllbGRzLCBpc0luaXQpe30gKTs8L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPiBqUXVlcnkoZG9jdW1lbnQpLnJlYWR5KGZ1bmN0aW9uKCl7alF1ZXJ5KGRvY3VtZW50KS50cmlnZ2VyKCdnZm9ybV9wb3N0X3JlbmRlcicsIFs1LCAxXSkgfSApOyA8L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPlxuICAgICAgICAgICAgICAgIGRvY3VtZW50LmFkZEV2ZW50TGlzdGVuZXIoXCJpbnB1dFwiLCBmdW5jdGlvbiAoZXZlbnQpIHtcbiAgICAgICAgICAgICAgICAgICAgaWYgKCFldmVudC50YXJnZXQuY2xvc2VzdChcIiNjb21tZW50XCIpKSByZXR1cm47XG5cbiAgICAgICAgICAgICAgICAgICAgdmFyIGNhcHRjaGFDb250YWluZXIgPSBudWxsO1xuICAgICAgICAgICAgICAgICAgICBjYXB0Y2hhQ29udGFpbmVyID0gZ3JlY2FwdGNoYS5yZW5kZXIoXCJyZWNhcHRjaGEtc3VibWl0LWJ0bi1hcmVhXCIsIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIFwic2l0ZWtleVwiIDogXCI2TGZzZHJBYUFBQUFBTVZLZ2VpNmswRWFEQlRnbUt2NlpRckc3YUVzXCIsXG4gICAgICAgICAgICAgICAgICAgICAgICBcInRoZW1lXCIgOiBcInN0YW5kYXJkXCJcbiAgICAgICAgICAgICAgICAgICAgfSk7XG4gICAgICAgICAgICAgICAgfSk7XG4gICAgICAgICAgICA8L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9yZWNhcHRjaGEvYXBpLmpzP2hsPWVuJmFtcDtyZW5kZXI9ZXhwbGljaXRcIiBhc3luYz1cIlwiIGRlZmVyPVwiXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IGlkPVwiNzRjMmVjMWJjOGY4NGY3Y2IyZmYzNjVhZDBiNTgxMjNcIj5cblx0XHRcdFx0XHRcdFx0XHRjbnguY21kLnB1c2goZnVuY3Rpb24oKSB7XG5cdFx0XHRcdFx0XHRcdFx0XHRjbngoe1xuXHRcdFx0XHRcdFx0XHRcdFx0cGxheWVySWQ6IFwiYzJlY2QwNGYtMGRjYS00ZmZhLTg3NjEtZDkzYjM0NzE3MzgwXCJcblx0XHRcdFx0XHRcdFx0XHRcdH0pLnJlbmRlcihcIjc0YzJlYzFiYzhmODRmN2NiMmZmMzY1YWQwYjU4MTIzXCIpO1xuXHRcdFx0XHRcdFx0XHRcdH0pO1xuXHRcdFx0XHRcdFx0XHRcdDwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BXG4gICAgICAgICAgICBpZiAoIHR5cGVvZiBfcmVjYXB0Y2hhX3dvcmRwcmVzc19zYXZlZGNvbW1lbnQgIT0gJ3VuZGVmaW5lZCcpIHtcbiAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnY29tbWVudCcpLnZhbHVlID1cbiAgICAgICAgICAgICAgICAgICAgX3JlY2FwdGNoYV93b3JkcHJlc3Nfc2F2ZWRjb21tZW50O1xuICAgICAgICAgICAgfVxuICAgICAgICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL2thc3BlcnNreWNvbnRlbnRodWIuY29tL3RocmVhdHBvc3QtZ2xvYmFsL3dwLWNvbnRlbnQvcGx1Z2lucy9rYXNwZXJza3ktZW1iZWRzL2pzL3NjcmlwdHMuanM%2FdmVyPTEuMFwiIGlkPVwia3Nwcl9lbWJlZHMtanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vcmVjYXB0Y2hhL2FwaS5qcz9yZW5kZXI9ZXhwbGljaXQmYW1wO3Zlcj0yMDIxMjQwNTA5MjdcIiBpZD1cImthc3BlcnNreS1keW5hbWljLWdyYXZpdHktZm9ybXMtZ29vZ2xlLXJlY2FwdGNoYS1qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiLy9hc3NldHMudGhyZWF0cG9zdC5jb20vd3AtY29udGVudC9wbHVnaW5zL2J3cC1taW5pZnkvbWluLz9mPXdwLWNvbnRlbnQvcGx1Z2lucy9ncmF2aXR5Zm9ybXMvanMvanF1ZXJ5Lmpzb24ubWluLmpzJmFtcDt2ZXI9ODRjOTJkOTdcIiBpZD1cImdmb3JtX2pzb24tanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGlkPVwiZ2Zvcm1fZ3Jhdml0eWZvcm1zLWpzLWV4dHJhXCI%2BXG4vKiA8IVtDREFUQVsgKi9cbnZhciBnZl9nbG9iYWwgPSB7XCJnZl9jdXJyZW5jeV9jb25maWdcIjp7XCJuYW1lXCI6XCJVLlMuIERvbGxhclwiLFwic3ltYm9sX2xlZnRcIjpcIiRcIixcInN5bWJvbF9yaWdodFwiOlwiXCIsXCJzeW1ib2xfcGFkZGluZ1wiOlwiXCIsXCJ0aG91c2FuZF9zZXBhcmF0b3JcIjpcIixcIixcImRlY2ltYWxfc2VwYXJhdG9yXCI6XCIuXCIsXCJkZWNpbWFsc1wiOjJ9LFwiYmFzZV91cmxcIjpcImh0dHBzOlxcL1xcL3RocmVhdHBvc3QuY29tXFwvd3AtY29udGVudFxcL3BsdWdpbnNcXC9ncmF2aXR5Zm9ybXNcIixcIm51bWJlcl9mb3JtYXRzXCI6W10sXCJzcGlubmVyVXJsXCI6XCJodHRwczpcXC9cXC90aHJlYXRwb3N0LmNvbVxcL3dwLWNvbnRlbnRcXC9wbHVnaW5zXFwvZ3Jhdml0eWZvcm1zXFwvaW1hZ2VzXFwvc3Bpbm5lci5naWZcIn07XG4vKiBdXT4gKi9cbjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly90aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3BsdWdpbnMvZ3Jhdml0eWZvcm1zL2pzL2dyYXZpdHlmb3Jtcy5taW4uanM%2FdmVyPTIuNC4xNy4xNVwiIGlkPVwiZ2Zvcm1fZ3Jhdml0eWZvcm1zLWpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCIvL2Fzc2V0cy50aHJlYXRwb3N0LmNvbS93cC1jb250ZW50L3BsdWdpbnMvYndwLW1pbmlmeS9taW4vP2Y9d3AtY29udGVudC9wbHVnaW5zL2dyYXZpdHlmb3Jtcy9qcy9jb25kaXRpb25hbF9sb2dpYy5taW4uanMmYW1wO3Zlcj04NGM5MmQ5N1wiIGlkPVwiZ2Zvcm1fY29uZGl0aW9uYWxfbG9naWMtanNcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cIi8vYXNzZXRzLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9id3AtbWluaWZ5L21pbi8%2FZj13cC1jb250ZW50L3BsdWdpbnMvZ3Jhdml0eWZvcm1zL2pzL3BsYWNlaG9sZGVycy5qcXVlcnkubWluLmpzJmFtcDt2ZXI9ODRjOTJkOTdcIiBpZD1cImdmb3JtX3BsYWNlaG9sZGVyLWpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBpZD1cImthc3BlcnNreS1keW5hbWljLWdyYXZpdHktZm9ybXMtbWFpbi1qcy1leHRyYVwiPlxuLyogPCFbQ0RBVEFbICovXG52YXIga2FzcGVyc2t5RHluYW1pY2FSZUNhcHRjaGFEYXRhID0ge1wiYWpheFVybFwiOlwiaHR0cHM6XFwvXFwvdGhyZWF0cG9zdC5jb21cXC93cC1hZG1pblxcL2FkbWluLWFqYXgucGhwXCJ9O1xuLyogXV0%2BICovXG48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIHNyYz1cIi8vYXNzZXRzLnRocmVhdHBvc3QuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy9id3AtbWluaWZ5L21pbi8%2FZj13cC1jb250ZW50L3BsdWdpbnMva2FzcGVyc2t5LWdyYXZpdHktZm9ybXMtZHluYW1pYy1yZWNhcHRjaGEvYXNzZXRzL2pzL21haW4uanMsd3AtY29udGVudC90aGVtZXMvdGhyZWF0cG9zdC0yMDE4L2Fzc2V0cy9qcy9tYWluLmpzLHdwLWluY2x1ZGVzL2pzL3dwLWVtYmVkLm1pbi5qcyx3cC1jb250ZW50L3BsdWdpbnMvYWtpc21ldC9faW5jL2Zvcm0uanMmYW1wO3Zlcj04NGM5MmQ5N1wiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3R5cGU9amF2YXNjcmlwdCZhbXA7dmVyc2lvbj0yLjAuNCZhbXA7cF9pZD1Ud2l0dGVyJmFtcDtwX3VzZXJfaWQ9MCZhbXA7dHhuX2lkPW50dDBqJmFtcDtldmVudHM9JTVCJTVCJTIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJmFtcDt0d19zYWxlX2Ftb3VudD0wJmFtcDt0d19vcmRlcl9xdWFudGl0eT0wJmFtcDt0d19pZnJhbWVfc3RhdHVzPTAmYW1wO2V2ZW50X2lkPTc5OWM4OTVmLTMyZWMtNGRlZS1hNjYzLWQ5MjkzMTkxNDlhZiZhbXA7dHdfZG9jdW1lbnRfaHJlZj1odHRwcyUzQSUyRiUyRnRocmVhdHBvc3QuY29tJTJGY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zJTJGMTc3MTE5JTJGJmFtcDt0cHhfY2I9dHd0dHIuY29udmVyc2lvbi5sb2FkUGl4ZWxzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3MwLjJtZG4ubmV0L2luc3RyZWFtL3ZpZGVvL2NsaWVudC5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCIvL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9zZGtsb2FkZXIvaW1hMy5qc1wiIGFzeW5jPVwiXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbS9hZHNpZC9pbnRlZ3JhdG9yLmpzP2RvbWFpbj1cIj48L3NjcmlwdD5cbjxzY3JpcHQgc3JjPVwiLy9jZC5jb25uYXRpeC5jb20vY29ubmF0aXgucGxheWVyLmpzXCIgYXN5bmM9XCIxXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL29tc2RrL3JlbGVhc2VzL2xpdmUvb213ZWItdjEuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG4gICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgZnVuY3Rpb24oZSkge1xuICAgICAgICAgIGlmIChlLmRhdGEudHlwZSA9PT0gJ2lubmVyQnJpZGdlSWZyYW1lTG9hZGVkJykge1xuICAgICAgICAgICAgd2luZG93LmZyYW1lRWxlbWVudC5wYXJlbnRFbGVtZW50XG4gICAgICAgICAgICAgIC5xdWVyeVNlbGVjdG9yKCcjZ29vZ18xNDcyOTQ4MzkwJykuY29udGVudFdpbmRvd1xuICAgICAgICAgICAgICAucG9zdE1lc3NhZ2Uoe3R5cGU6ICdvbWlkSWZyYW1lTG9hZGVkJ30sICcqJyk7XG4gICAgICAgICAgfVxuICAgICAgICB9KTtcbiAgICAgIDwvc2NyaXB0PlxuPHNjcmlwdCBzcmM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL29tc2RrL3JlbGVhc2VzL2xpdmUvb213ZWItdjEuanNcIj48L3NjcmlwdD5cbjxzY3JpcHQ%2BXG4gICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgZnVuY3Rpb24oZSkge1xuICAgICAgICAgIGlmIChlLmRhdGEudHlwZSA9PT0gJ2lubmVyQnJpZGdlSWZyYW1lTG9hZGVkJykge1xuICAgICAgICAgICAgd2luZG93LmZyYW1lRWxlbWVudC5wYXJlbnRFbGVtZW50XG4gICAgICAgICAgICAgIC5xdWVyeVNlbGVjdG9yKCcjZ29vZ184MjUzNTIwOTUnKS5jb250ZW50V2luZG93XG4gICAg&i=4-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
v9i5-SjtapWwm7WKzsuI4etiGvVB5p4jtfMOniiilVQXgbrW33KrUA==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=ICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHNyYz1cImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vb21zZGsvcmVsZWFzZXMvbGl2ZS9vbXdlYi12MS5qc1wiPjwvc2NyaXB0PlxuPHNjcmlwdD5cbiAgICAgICAgd2luZG93LmFkZEV2ZW50TGlzdGVuZXIoJ21lc3NhZ2UnLCBmdW5jdGlvbihlKSB7XG4gICAgICAgICAgaWYgKGUuZGF0YS50eXBlID09PSAnaW5uZXJCcmlkZ2VJZnJhbWVMb2FkZWQnKSB7XG4gICAgICAgICAgICB3aW5kb3cuZnJhbWVFbGVtZW50LnBhcmVudEVsZW1lbnRcbiAgICAgICAgICAgICAgLnF1ZXJ5U2VsZWN0b3IoJyNnb29nXzIwMTg2OTQ4NDQnKS5jb250ZW50V2luZG93XG4gICAgICAgICAgICAgIC5wb3N0TWVzc2FnZSh7dHlwZTogJ29taWRJZnJhbWVMb2FkZWQnfSwgJyonKTtcbiAgICAgICAgICB9XG4gICAgICAgIH0pO1xuICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCJodHRwczovL3ZwYWlkLnB1Ym1hdGljLmNvbS9hZHMvdmlkZW8vUE1BZE1nci5qcz9lbWJlZGRlZD0xJmFtcDtwdWJJZD0xNTY4NTgmYW1wO3NpdGVJZD02MzA5MDcmYW1wO2FkSWQ9MjQ0NjAwOCZhbXA7dnR5cGU9MSZhbXA7aW1wcklkPTZEMjA0MUJBLTIxQjctNDQ4Mi05MDFCLUJCQTlERkJFOTAzMSZhbXA7YWRTZXJ2ZXJJZD0yNDMmYW1wO2NhbXBhaWduSWQ9MjI5MTgmYW1wO2NySUQ9a2lhb3Jpa3AmYW1wO3VjcmlkPTYxODMwMjY0MzYzMzM3ODAyNjJcIj48L3NjcmlwdD5cbjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPlxuICAgICAgICAgICAgd2luZG93Lk9iamVjdC5kZWZpbmVQcm9wZXJ0eShPYmplY3QucHJvdG90eXBlLCAnY254SW5uZXJUYWcnLCB7IGVudW1lcmFibGU6ICExLCB3cml0YWJsZTogITAsIHZhbHVlOiAnY254LWFkLXNsb3QtZmQyYzU4NWQtNWJiYy00NjMxLTg3YjktOWI0NGM4NzE0NzVkJyB9KTtcbiAgICAgICAgICAgIHdpbmRvdy5PYmplY3QuZGVmaW5lUHJvcGVydHkoRnVuY3Rpb24ucHJvdG90eXBlLCAnY254SW5uZXJUYWcnLFxuICAgICAgICAgICAgeyBlbnVtZXJhYmxlOiAhMSwgd3JpdGFibGU6ICEwLCB2YWx1ZTogJ2NueC1hZC1zbG90LWZkMmM1ODVkLTViYmMtNDYzMS04N2I5LTliNDRjODcxNDc1ZCcgfSk7XG4gICAgICAgICAgICBjbnh0aW1lb3V0cyA9IFtdO1xuICAgICAgICAgICAgY254aW50ZXJ2YWxzID0gW107XG4gICAgICAgICAgICBvbGRTZXRUaW1lb3V0ID0gc2V0VGltZW91dDtcbiAgICAgICAgICAgIHNldFRpbWVvdXQgPSBmdW5jdGlvbiAoZSwgdCkgeyB2YXIgbiA9IG9sZFNldFRpbWVvdXQuYXBwbHkobnVsbCwgYXJndW1lbnRzKTsgcmV0dXJuIGNueHRpbWVvdXRzLnB1c2gobiksIG4gfTtcbiAgICAgICAgICAgIG9sZFNldEludGVydmFsID0gc2V0SW50ZXJ2YWw7XG4gICAgICAgICAgICBzZXRJbnRlcnZhbCA9IGZ1bmN0aW9uIChlLCB0KSB7IHZhciBuID0gb2xkU2V0SW50ZXJ2YWwuYXBwbHkobnVsbCwgYXJndW1lbnRzKTsgcmV0dXJuIGNueGludGVydmFscy5wdXNoKG4pLCBuIH07XG4gICAgICAgICAgICBjbGVhckFsbCA9IGZ1bmN0aW9uICgpIHtcbiAgICAgICAgICAgICAgICBzZXRUaW1lb3V0ID0gZnVuY3Rpb24gKCkgeyB9O1xuICAgICAgICAgICAgICAgIHNldEludGVydmFsID0gZnVuY3Rpb24gKCkgeyB9O1xuICAgICAgICAgICAgICAgIGZvciAodmFyIGUgPSAwOyBlIDwgY254dGltZW91dHMubGVuZ3RoOyBlKyspIHtcbiAgICAgICAgICAgICAgICAgICAgY2xlYXJUaW1lb3V0KGNueHRpbWVvdXRzW2VdKTtcbiAgICAgICAgICAgICAgICB9XG4gICAgICAgICAgICAgICAgZm9yIChlID0gMDsgZSA8IGNueGludGVydmFscy5sZW5ndGg7IGUrKykge1xuICAgICAgICAgICAgICAgICAgICBjbGVhckludGVydmFsKGNueGludGVydmFsc1tlXSk7XG4gICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgfTtcbiAgICAgICAgPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj53aW5kb3cucG9zdE1lc3NhZ2UoJ3tcImV2ZW50XCI6IFwicmVhZHlcIiwgXCJpZFwiOiBcImNueC1pZnJhbWVfNDhjNGUyMGEtNDFmZi00MzAyLTg0M2MtZTExMWZkODU2ZWI1XCJ9JywgJyonKTs8L3NjcmlwdD5cbjxzY3JpcHQgaWQ9XCJjbngtcHJlYmlkLWxvYWRlclwiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBzcmM9XCIvL2Nkcy5jb25uYXRpeC5jb20vcC9wbHVnaW5zL3ByZWJpZDQuNDMuMC00LmpzXCI%2BPC9zY3JpcHQ%2BXG48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj53aW5kb3cucG9zdE1lc3NhZ2UoJ3tcImV2ZW50XCI6IFwicmVhZHlcIiwgXCJpZFwiOiBcImNueC1pZnJhbWVfOGQxZWJlNGItNDI2Mi00ZjQ3LWEwMTQtMTBmNWFmNDE2ZGFhXCJ9JywgJyonKTs8L3NjcmlwdD5cbjxpZnJhbWUgZnJhbWVib3JkZXI9XCIwXCIgc3JjPVwiaHR0cHM6Ly9jYTE0MzkxYTgyNGU0NjQzODBmMDFhYjRiNmMwMmQ3Mi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZmVmcmFtZS8xLTAtMzgvaHRtbC9jb250YWluZXIuaHRtbFwiIGlkPVwiZ29vZ2xlX2Fkc19pZnJhbWVfLzIyNDA0MzM3NDY3LDIxNzA3MTI0MzM2L3RocmVhdHBvc3QtOTcweDI1MC1BVEZfMFwiIHRpdGxlPVwiM3JkIHBhcnR5IGFkIGNvbnRlbnRcIiBuYW1lPVwiMS0wLTM4OzU3NjM3OzwhZG9jdHlwZSBodG1sPjxodG1sPjxoZWFkPjxzY3JpcHQ%2BdmFyIGpzY1ZlcnNpb24gPSAncjIwMjExMjA3Jzs8L3NjcmlwdD48c2NyaXB0PnZhciBnb29nbGVfY2FzbT1bXTs8L3NjcmlwdD48L2hlYWQ%2BPGJvZHkgbGVmdE1hcmdpbj0mcXVvdDswJnF1b3Q7IHRvcE1hcmdpbj0mcXVvdDswJnF1b3Q7IG1hcmdpbndpZHRoPSZxdW90OzAmcXVvdDsgbWFyZ2luaGVpZ2h0PSZxdW90OzAmcXVvdDs%2BPHNjcmlwdD53aW5kb3cuZGljbmYgPSB7fTs8L3NjcmlwdD48c2NyaXB0IGRhdGEtamM9JnF1b3Q7NDImcXVvdDsgZGF0YS1qYy12ZXJzaW9uPSZxdW90O3IyMDIxMTIwNyZxdW90OyBkYXRhLWpjLWZsYWdzPSZxdW90O1smYW1wO3F1b3Q7eCUyNzg0NDYmYW1wOyMzOTs5ZWZvdG0oJmFtcDthbXA7MjAwNjc7JmFtcDtndDs4JmFtcDthbXA7JmFtcDtndDtgZG9wYi8lJmFtcDtsdDsxNzMyMjYxIT1uZWh1YH4mYW1wO3F1b3Q7XSZxdW90Oz4oZnVuY3Rpb24oKXsvKiAgQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4gU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gJ3VzZSBzdHJpY3QnO3ZhciBkYT0mcXVvdDtmdW5jdGlvbiZxdW90Oz09dHlwZW9mIE9iamVjdC5kZWZpbmVQcm9wZXJ0aWVzP09iamVjdC5kZWZpbmVQcm9wZXJ0eTpmdW5jdGlvbihhLGIsYyl7aWYoYT09QXJyYXkucHJvdG90eXBlfHxhPT1PYmplY3QucHJvdG90eXBlKXJldHVybiBhO2FbYl09Yy52YWx1ZTtyZXR1cm4gYX07ZnVuY3Rpb24gZWEoYSl7YT1bJnF1b3Q7b2JqZWN0JnF1b3Q7PT10eXBlb2YgZ2xvYmFsVGhpcyZhbXA7JmFtcDtnbG9iYWxUaGlzLGEsJnF1b3Q7b2JqZWN0JnF1b3Q7PT10eXBlb2Ygd2luZG93JmFtcDsmYW1wO3dpbmRvdywmcXVvdDtvYmplY3QmcXVvdDs9PXR5cGVvZiBzZWxmJmFtcDsmYW1wO3NlbGYsJnF1b3Q7b2JqZWN0JnF1b3Q7PT10eXBlb2YgZ2xvYmFsJmFtcDsmYW1wO2dsb2JhbF07Zm9yKHZhciBiPTA7YjxhLmxlbmd0aDsrK2Ipe3ZhciBjPWFbYl07aWYoYyZhbXA7JmFtcDtjLk1hdGg9PU1hdGgpcmV0dXJuIGN9dGhyb3cgRXJyb3IoJnF1b3Q7Q2Fubm90IGZpbmQgZ2xvYmFsIG9iamVjdCZxdW90Oyk7fXZhciBmYT1lYSh0aGlzKTsgZnVuY3Rpb24gaGEoYSxiKXtpZihiKWE6e3ZhciBjPWZhO2E9YS5zcGxpdCgmcXVvdDsuJnF1b3Q7KTtmb3IodmFyIGQ9MDtkPGEubGVuZ3RoLTE7ZCsrKXt2YXIgZj1hW2RdO2lmKCEoZiBpbiBjKSlicmVhayBhO2M9Y1tmXX1hPWFbYS5sZW5ndGgtMV07ZD1jW2FdO2I9YihkKTtiIT1kJmFtcDsmYW1wO251bGwhPWImYW1wOyZhbXA7ZGEoYyxhLHtjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsdmFsdWU6Yn0pfX1oYSgmcXVvdDtnbG9iYWxUaGlzJnF1b3Q7LGZ1bmN0aW9uKGEpe3JldHVybiBhfHxmYX0pO3ZhciByPXRoaXN8fHNlbGY7ZnVuY3Rpb24gdChhKXt0WyZxdW90OyAmcXVvdDtdKGEpO3JldHVybiBhfXRbJnF1b3Q7ICZxdW90O109ZnVuY3Rpb24oKXt9O3ZhciBpYT17fSx3PW51bGw7IGZ1bmN0aW9uIGphKGEsYil7dm9pZCAwPT09YiZhbXA7JmFtcDsoYj0wKTtpZighdyl7dz17fTtmb3IodmFyIGM9JnF1b3Q7QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODkmcXVvdDsuc3BsaXQoJnF1b3Q7JnF1b3Q7KSxkPVsmcXVvdDsrLz0mcXVvdDssJnF1b3Q7Ky8mcXVvdDssJnF1b3Q7LV89JnF1b3Q7LCZxdW90Oy1fLiZxdW90OywmcXVvdDstXyZxdW90O10sZj0wOzU%2BZjtmKyspe3ZhciBnPWMuY29uY2F0KGRbZl0uc3BsaXQoJnF1b3Q7JnF1b3Q7KSk7aWFbZl09Zztmb3IodmFyIGU9MDtlPGcubGVuZ3RoO2UrKyl7dmFyIGs9Z1tlXTt2b2lkIDA9PT13W2tdJmFtcDsmYW1wOyh3W2tdPWUpfX19Yj1pYVtiXTtjPUFycmF5KE1hdGguZmxvb3IoYS5sZW5ndGgvMykpO2Q9Yls2NF18fCZxdW90OyZxdW90Oztmb3IoZj1nPTA7ZzxhLmxlbmd0aC0yO2crPTMpe3ZhciBoPWFbZ10sbD1hW2crMV07az1hW2crMl07ZT1iW2g%2BPjJdO2g9YlsoaCZhbXA7Myk8PDR8bD4%2BNF07bD1iWyhsJmFtcDsxNSk8PDJ8az4%2BNl07az1iW2smYW1wOzYzXTtjW2YrK109ZStoK2wra31lPTA7az1kO3N3aXRjaChhLmxlbmd0aC1nKXtjYXNlIDI6ZT0gYVtnKzFdLGs9YlsoZSZhbXA7MTUpPDwyXXx8ZDtjYXNlIDE6YT1hW2ddLGNbZl09YlthPj4yXStiWyhhJmFtcDszKTw8NHxlPj40XStrK2R9cmV0dXJuIGMuam9pbigmcXVvdDsmcXVvdDspfTt2YXIga2E9JnF1b3Q7ZnVuY3Rpb24mcXVvdDs9PT10eXBlb2YgVWludDhBcnJheTtjb25zdCB4PVN5bWJvbCh2b2lkIDApO2Z1bmN0aW9uIHooYSl7T2JqZWN0LmlzRnJvemVuKGEpfHwoeD9hW3hdfD0xOnZvaWQgMCE9PWEuZz9hLmd8PTE6T2JqZWN0LmRlZmluZVByb3BlcnRpZXMoYSx7Zzp7dmFsdWU6MSxjb25maWd1cmFibGU6ITAsd3JpdGFibGU6ITAsZW51bWVyYWJsZTohMX19KSk7cmV0dXJuIGF9O2Z1bmN0aW9uIGxhKGEpe3JldHVybiBudWxsIT09YSZhbXA7JmFtcDsmcXVvdDtvYmplY3QmcXVvdDs9PT10eXBlb2YgYSZhbXA7JmFtcDshQXJyYXkuaXNBcnJheShhKSZhbXA7JmFtcDthLmNvbnN0cnVjdG9yPT09T2JqZWN0fWxldCBBO2Z1bmN0aW9uIG1hKGEpe3N3aXRjaCh0eXBlb2YgYSl7Y2FzZSAmcXVvdDtudW1iZXImcXVvdDs6cmV0dXJuIGlzRmluaXRlKGEpP2E6U3RyaW5nKGEpO2Nhc2UgJnF1b3Q7b2JqZWN0JnF1b3Q7OmlmKGEmYW1wOyZhbXA7IUFycmF5LmlzQXJyYXkoYSkmYW1wOyZhbXA7a2EmYW1wOyZhbXA7bnVsbCE9YSZhbXA7JmFtcDthIGluc3RhbmNlb2YgVWludDhBcnJheSlyZXR1cm4gamEoYSl9cmV0dXJuIGF9O2Z1bmN0aW9uIG5hKGEsYil7aWYobnVsbCE9YSlyZXR1cm4gQXJyYXkuaXNBcnJheShhKXx8bGEoYSk%2FQihhLGIpOmIoYSl9ZnVuY3Rpb24gQihhLGIpe2lmKEFycmF5LmlzQXJyYXkoYSkpe3ZhciBjPUFycmF5KGEubGVuZ3RoKTtmb3IobGV0IGY9MDtmPGEubGVuZ3RoO2YrKyljW2ZdPW5hKGFbZl0sYik7aWYoYj1BcnJheS5pc0FycmF5KGEpKXt2YXIgZDt4P2Q9YVt4XTpkPWEuZztiPShudWxsPT1kPzA6ZCkmYW1wOzF9YiZhbXA7JmFtcDt6KGMpO3JldHVybiBjfWQ9e307Zm9yKGMgaW4gYSlkW2NdPW5hKGFbY10sYik7cmV0dXJuIGR9ZnVuY3Rpb24gb2EoYSl7aWYoYSZhbXA7JmFtcDsmcXVvdDtvYmplY3QmcXVvdDs9PXR5cGVvZiBhJm&i=5-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
uif8HGEiACDyJyHUP6Yyk3GsCZjL_jU9Vs-Uve6QfFYtVuG8nYmaIQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=FtcDsmYW1wO2EudG9KU09OKXJldHVybiBhLnRvSlNPTigpO2E9bWEoYSk7cmV0dXJuIEFycmF5LmlzQXJyYXkoYSk%2FQihhLG9hKTphfTtsZXQgcGE7ZnVuY3Rpb24gRCgpe3ZhciBhPXZvaWQgMCxiPXFhLGM9cGE7cGE9bnVsbDthfHwoYT1jKTtjPXRoaXMuY29uc3RydWN0b3IudjthfHwoYT1jP1tjXTpbXSk7dGhpcy5oPShjPzA6LTEpLSh0aGlzLmNvbnN0cnVjdG9yLnV8fDApO3RoaXMuZz1hO2E6e2M9dGhpcy5nLmxlbmd0aDthPWMtMTtpZihjJmFtcDsmYW1wOyhjPXRoaXMuZ1thXSxsYShjKSkpe3RoaXMuaj1hLXRoaXMuaDt0aGlzLmk9YzticmVhayBhfXRoaXMuaj1OdW1iZXIuTUFYX1ZBTFVFfWlmKGIpZm9yKGE9MDthPGIubGVuZ3RoO2ErKylpZihjPWJbYV0sYzx0aGlzLmope2MrPXRoaXMuaDt2YXIgZD10aGlzLmdbY107ZD9BcnJheS5pc0FycmF5KGQpJmFtcDsmYW1wO3ooZCk6dGhpcy5nW2NdPXJhfWVsc2Ugc2EodGhpcyksKGQ9dGhpcy5pW2NdKT9BcnJheS5pc0FycmF5KGQpJmFtcDsmYW1wO3ooZCk6dGhpcy5pW2NdPXJhfWNvbnN0IHJhPU9iamVjdC5mcmVlemUoeihbXSkpOyBmdW5jdGlvbiBzYShhKXtsZXQgYj1hLmorYS5oO2EuZ1tiXXx8KGEuaT1hLmdbYl09e30pfWZ1bmN0aW9uIEUoYSxiLGMpe2I%2BPWEuaj8oc2EoYSksYS5pW2JdPWMpOmEuZ1tiK2EuaF09YztyZXR1cm4gYX1ELnByb3RvdHlwZS50b0pTT049ZnVuY3Rpb24oKXtjb25zdCBhPXRoaXMuZztyZXR1cm4gQT9hOkIoYSxvYSl9O2Z1bmN0aW9uIHRhKGEsYil7cmV0dXJuIG1hKGIpfUQucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIHRoaXMuZy50b1N0cmluZygpfTtjbGFzcyB1YXtjb25zdHJ1Y3RvcihhKXt0aGlzLmtleT1hfX12YXIgRj1jbGFzcyBleHRlbmRzIHVhe2NvbnN0cnVjdG9yKGEpe3N1cGVyKGEpO3RoaXMuZGVmYXVsdFZhbHVlPSExfX07dmFyIHZhPW5ldyBGKCZxdW90OzQ1MzU3MTU2JnF1b3Q7KSx3YT1uZXcgRigmcXVvdDs0NTM1MDg5MCZxdW90Oyk7dmFyIEc9KGEsYik9PiZxdW90OyZhbXA7YWR1cmw9JnF1b3Q7PT1hLnN1YnN0cmluZyhhLmxlbmd0aC03KT9hLnN1YnN0cmluZygwLGEubGVuZ3RoLTcpK2IrJnF1b3Q7JmFtcDthZHVybD0mcXVvdDs6YStiOy8qICBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMCAqLyBmdW5jdGlvbiBIKGEsYixjKXthLmFkZEV2ZW50TGlzdGVuZXImYW1wOyZhbXA7YS5hZGRFdmVudExpc3RlbmVyKGIsYywhMSl9O3ZhciB4YT1SZWdFeHAoJnF1b3Q7Xig%2FOihbXjovPyMuXSspOik%2FKD86Ly8oPzooW15cXFxcXFxcXC8%2FI10qKUApPyhbXlxcXFxcXFxcLz8jXSo%2FKSg%2FOjooWzAtOV0rKSk%2FKD89W1xcXFxcXFxcLz8jXXwkKSk%2FKFtePyNdKyk%2FKD86XFxcXD8oW14jXSopKT8oPzojKFtcXFxcc1xcXFxTXSopKT8kJnF1b3Q7KTtmdW5jdGlvbiBJKGEpe3RyeXt2YXIgYjtpZihiPSEhYSZhbXA7JmFtcDtudWxsIT1hLmxvY2F0aW9uLmhyZWYpYTp7dHJ5e3QoYS5mb28pO2I9ITA7YnJlYWsgYX1jYXRjaChjKXt9Yj0hMX1yZXR1cm4gYn1jYXRjaChjKXtyZXR1cm4hMX19ZnVuY3Rpb24geWEoKXtpZighZ2xvYmFsVGhpcy5jcnlwdG8pcmV0dXJuIE1hdGgucmFuZG9tKCk7dHJ5e2NvbnN0IGE9bmV3IFVpbnQzMkFycmF5KDEpO2dsb2JhbFRoaXMuY3J5cHRvLmdldFJhbmRvbVZhbHVlcyhhKTtyZXR1cm4gYVswXS82NTUzNi82NTUzNn1jYXRjaChhKXtyZXR1cm4gTWF0aC5yYW5kb20oKX19ZnVuY3Rpb24gSihhLGIpe2lmKGEpZm9yKGNvbnN0IGMgaW4gYSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoYSxjKSZhbXA7JmFtcDtiLmNhbGwodm9pZCAwLGFbY10sYyxhKX1mdW5jdGlvbiBEYShhKXthPXZvaWQgMD09PWE%2FZG9jdW1lbnQ6YTtyZXR1cm4gYS5jcmVhdGVFbGVtZW50KCZxdW90O2ltZyZxdW90Oyl9O2Z1bmN0aW9uIEwoYSxiLGM9bnVsbCl7RWEoYSxiLGMpfWZ1bmN0aW9uIEVhKGEsYixjKXthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0c3x8KGEuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzPVtdKTtjb25zdCBkPURhKGEuZG9jdW1lbnQpO2lmKGMpe2NvbnN0IGY9Zz0%2Be2MmYW1wOyZhbXA7YyhnKTtkLnJlbW92ZUV2ZW50TGlzdGVuZXImYW1wOyZhbXA7ZC5yZW1vdmVFdmVudExpc3RlbmVyKCZxdW90O2xvYWQmcXVvdDssZiwhMSk7ZC5yZW1vdmVFdmVudExpc3RlbmVyJmFtcDsmYW1wO2QucmVtb3ZlRXZlbnRMaXN0ZW5lcigmcXVvdDtlcnJvciZxdW90OyxmLCExKX07SChkLCZxdW90O2xvYWQmcXVvdDssZik7SChkLCZxdW90O2Vycm9yJnF1b3Q7LGYpfWQuc3JjPWI7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHMucHVzaChkKX0gdmFyIEdhPSgpPT57bGV0IGE9JnF1b3Q7aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1iYWRwdWJ3aW4mcXVvdDs7Sih7c3RhY2s6RXJyb3IoKS5zdGFjayxhc3dpZnQ6d2luZG93Lmdvb2dsZV9hc3luY19pZnJhbWVfaWR9LChiLGMpPT57YiZhbXA7JmFtcDsoYSs9YCZhbXA7JHtjfT0ke2VuY29kZVVSSUNvbXBvbmVudChiKX1gKX0pO0ZhKGEpfSxGYT1hPT57dmFyIGI9d2luZG93O2IuZmV0Y2g%2FYi5mZXRjaChhLHtrZWVwYWxpdmU6ITAsY3JlZGVudGlhbHM6JnF1b3Q7aW5jbHVkZSZxdW90OyxyZWRpcmVjdDomcXVvdDtmb2xsb3cmcXVvdDssbWV0aG9kOiZxdW90O2dldCZxdW90Oyxtb2RlOiZxdW90O25vLWNvcnMmcXVvdDt9KTpMKGIsYSl9O2xldCBNPTA7ZnVuY3Rpb24gSGEoYSxiPW51bGwpe3JldHVybiBiJmFtcDsmYW1wO2IuZ2V0QXR0cmlidXRlKCZxdW90O2RhdGEtamMmcXVvdDspPT09U3RyaW5nKGEpP2I6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcihgWyR7JnF1b3Q7ZGF0YS1qYyZxdW90O309JnF1b3Q7JHthfSZxdW90O11gKX07ZnVuY3Rpb24gSWEoYSl7Tnx8KE49bmV3IEphKTtjb25zdCBiPU4uZ1thLmtleV07aWYoYSBpbnN0YW5jZW9mIEYpcmV0dXJuJnF1b3Q7Ym9vbGVhbiZxdW90Oz09PXR5cGVvZiBiP2I6YS5kZWZhdWx0VmFsdWU7dGhyb3cgRXJyb3IoKTt9dmFyIEthPWNsYXNze2NvbnN0cnVjdG9yKCl7dGhpcy5nPXt9fX07dmFyIEphPWNsYXNzIGV4dGVuZHMgS2F7Y29uc3RydWN0b3IoKXtzdXBlcigpO3ZhciBhPUhhKE0sZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7YT1hJmFtcDsmYW1wO2EuZ2V0QXR0cmlidXRlKCZxdW90O2RhdGEtamMtZmxhZ3MmcXVvdDspfHwmcXVvdDsmcXVvdDs7dHJ5e2NvbnN0IGI9SlNPTi5wYXJzZShhKVswXTthPSZxdW90OyZxdW90Oztmb3IobGV0IGM9MDtjPGIubGVuZ3RoO2MrKylhKz1TdHJpbmcuZnJvbUNoYXJDb2RlKGIuY2hhckNvZGVBdChjKV4mcXVvdDtcXHUwMDAzXFx1MDAwN1xcdTAwMDNcXHUwMDA3XFxiXFx1MDAwNFxcdTAwMDRcXHUwMDA2XFx1MDAwNVxcdTAwMDMmcXVvdDsuY2hhckNvZGVBdChjJTEwKSk7dGhpcy5nPUpTT04ucGFyc2UoYSl9Y2F0Y2goYil7fX19LE47dmFyIExhPWRvY3VtZW50LE1hPXdpbmRvdzt2YXIgTmE9ISF3aW5kb3cuZ29vZ2xlX2FzeW5jX2lmcmFtZV9pZDtsZXQgTz1OYSZhbXA7JmFtcDt3aW5kb3cucGFyZW50fHx3aW5kb3c7Y2xhc3MgT2F7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmVycm9yPWE7dGhpcy5jb250ZXh0PWIuY29udGV4dDt0aGlzLm1zZz1iLm1lc3NhZ2V8fCZxdW90OyZxdW90Ozt0aGlzLmlkPWIuaWR8fCZxdW90O2pzZXJyb3ImcXVvdDs7dGhpcy5tZXRhPXt9fX07Y29uc3QgUGE9UmVnRXhwKCZxdW90O15odHRwcz86Ly8oXFxcXHd8LSkrXFxcXC5jZG5cXFxcLmFtcHByb2plY3RcXFxcLihuZXR8b3JnKShcXFxcP3wvfCQpJnF1b3Q7KTt2YXIgUWE9Y2xhc3N7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn19LFJhPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy51cmw9YTt0aGlzLm09ISFiO3RoaXMuZGVwdGg9bnVsbH19O2Z1bmN0aW9uIFAoYSxiKXtjb25zdCBjPXt9O2NbYV09YjtyZXR1cm5bY119ZnVuY3Rpb24gU2EoYSxiLGMsZCxmKXtjb25zdCBnPVtdO0ooYSxmdW5jdGlvbihlLGspeyhlPVRhKGUsYixjLGQsZikpJmFtcDsmYW1wO2cucHVzaChrKyZxdW90Oz0mcXVvdDsrZSl9KTtyZXR1cm4gZy5qb2luKGIpfSBmdW5jdGlvbiBUYShhLGIsYyxkLGYpe2lmKG51bGw9PWEpcmV0dXJuJnF1b3Q7JnF1b3Q7O2I9Ynx8JnF1b3Q7JmFtcDsmcXVvdDs7Yz1jfHwmcXVvdDssJCZxdW90OzsmcXVvdDtzdHJpbmcmcXVvdDs9PXR5cGVvZiBjJmFtcDsmYW1wOyhjPWMuc3BsaXQoJnF1b3Q7JnF1b3Q7KSk7aWYoYSBpbnN0YW5jZW9mIEFycmF5KXtpZihkPWR8fDAsZDxjLmxlbmd0aCl7Y29uc3QgZz1bXTtmb3IobGV0IGU9MDtlPGEubGVuZ3RoO2UrKylnLnB1c2goVGEoYVtlXSxiLGMsZCsxLGYpKTtyZXR1cm4gZy5qb2luKGNbZF0pfX1lbHNlIGlmKCZxdW90O29iamVjdCZxdW90Oz09dHlwZW9mIGEpcmV0dXJuIGY9Znx8MCwyPmY%2FZW5jb2RlVVJJQ29tcG9uZW50KFNhKGEsYixjLGQsZisxKSk6JnF1b3Q7Li4uJnF1b3Q7O3JldHVybiBlbmNvZGVVUklDb21wb25lbnQoU3RyaW5nKGEpKX1mdW5jdGlvbiBVYShhKXtsZXQgYj0xO2Zvcihjb25zdCBjIGluIGEuaCliPWMubGVuZ3RoPmI%2FYy5sZW5ndGg6YjtyZXR1cm4gMzk5Ny1iLWEuaS5sZW5ndGgtMX0gZnVuY3Rpb24gVmEoYSxiLGMpe2I9YismcXVvdDsvL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tJnF1b3Q7K2M7bGV0IGQ9VWEoYSktYy5sZW5ndGg7aWYoMD5kKXJldHVybiZxdW90OyZxdW90OzthLmcuc29ydChmdW5jdGlvbihnLGUpe3JldHVybiBnLWV9KTtjPW51bGw7bGV0IGY9JnF1b3Q7JnF1b3Q7O2ZvcihsZXQgZz0wO2c8YS5nLmxlbmd0aDtnKyspe2NvbnN0IGU9YS5nW2ddLGs9YS5oW2VdO2ZvcihsZXQgaD0wO2g8ay5sZW5ndGg7aCsrKXtpZighZCl7Yz1udWxsPT1jP2U6YzticmVha31sZXQgbD1TYShrW2hdLGEuaSwmcXVvdDssJCZxdW90Oyk7aWYobCl7bD1mK2w7aWYoZD49bC5sZW5ndGgpe2QtPWwubGVuZ3RoO2IrPWw7Zj1hLmk7YnJlYWt9Yz1udWxsPT1jP2U6Y319fWE9JnF1b3Q7JnF1b3Q7O251bGwhPWMmYW1wOyZhbXA7KGE9ZismcXVvdDt0cm49JnF1b3Q7K2MpO3JldHVybiBiK2F9Y2xhc3MgUXtjb25zdHJ1Y3Rvcigpe3RoaXMuaT0mcXVvdDsmYW1wOyZxdW90Ozt0aGlzLmg9e307dGhpcy5qPTA7dGhpcy5nPVtdfX07ZnVuY3Rpb24gV2EoKXt2YXIgYT1SLGI9Uy5nb29nbGVfc3J0OzA8PWImYW1wOyZhbXA7MT49YiZhbXA7JmFtcDsoYS5nPWIpfWZ1bmN0aW9uIFQoYSxiLGMsZCxmLGcpe2lmKChkP2EuZzpNYXRoLnJhbmRvbSgpKTwoZnx8LjAxKSl0cnl7bGV0IGU7YyBpbnN0YW5jZW9mIFE%2FZT1jOihlPW5ldyBRLEooYywoaCxsKT0%2Be3ZhciBtPWUsbj1tLmorKztoPVAobCxoKTttLmcucHVzaChuKTttLmhbbl09aH0pKTtjb25zdCBrPVZhKGUsYS5oLCZxdW90Oy9wYWdlYWQvZ2VuXzIwND9pZD0mcXVvdDsrYismcXVvdDsmYW1wOyZxdW90Oyk7ayZhbXA7JmFtcDsoJnF1b3Q7dW5kZWZpbmVkJnF1b3Q7IT09dHlwZW9mIGc%2FTChyLGssZyk6TChyLGspKX1jYXRjaChlKXt9fWNsYXNzIFhhe2NvbnN0cnVjdG9yKCl7dmFyIGE9dm9pZCAwPT09YT9NYTphO3RoaXMuaD0mcXVvdDtodHRwOiZxdW90Oz09PWEubG9jYXRpb24ucHJvdG9jb2w%2FJnF1b3Q7aHR0cDomcXVvdDs6JnF1b3Q7aHR0cHM6JnF1b3Q7O3RoaXMuZz1NYXRoLnJhbmRvbSgpfX07bGV0IFU9bnVsbDt2YXIgWWE9KCk9Pntjb25zdCBhPXIucGVyZm9ybWFuY2U7cmV0dXJuIGEmYW1wOyZhbXA7YS5ub3cmYW1wOyZhbXA7YS50aW1pbmc%2FTWF0aC5mbG9vcihhLm5vdygpK2EudGltaW5nLm5hdmlnYXRpb25TdGFydCk6RGF0ZS5ub3coKX0sWmE9KCk9Pntjb25zdCBhPXIucGVyZm9ybWFuY2U7cmV0dXJuIGEmYW1wOyZhbXA7YS5ub3c%2FYS5ub3coKTpudWxsfTtjbGFzcyAkYXtjb25zdHJ1Y3RvcihhLGIpe3ZhciBjPVphKCl8fFlhKCk7dGhpcy5sYWJlbD1hO3RoaXMudHlwZT1i&i=6-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
_qcCyjXCK0IOktWk8Xu2XsOcNS3U3_y7vhrJjgvRYkDtL-DKJOiyJQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=O3RoaXMudmFsdWU9Yzt0aGlzLmR1cmF0aW9uPTA7dGhpcy51bmlxdWVJZD1NYXRoLnJhbmRvbSgpO3RoaXMuc2xvdElkPXZvaWQgMH19O2NvbnN0IFY9ci5wZXJmb3JtYW5jZSxhYj0hIShWJmFtcDsmYW1wO1YubWFyayZhbXA7JmFtcDtWLm1lYXN1cmUmYW1wOyZhbXA7Vi5jbGVhck1hcmtzKSxXPWZ1bmN0aW9uKGEpe2xldCBiPSExLGM7cmV0dXJuIGZ1bmN0aW9uKCl7Ynx8KGM9YSgpLGI9ITApO3JldHVybiBjfX0oKCk9Pnt2YXIgYTtpZihhPWFiKXt2YXIgYjtpZihudWxsPT09VSl7VT0mcXVvdDsmcXVvdDs7dHJ5e2E9JnF1b3Q7JnF1b3Q7O3RyeXthPXIudG9wLmxvY2F0aW9uLmhhc2h9Y2F0Y2goYyl7YT1yLmxvY2F0aW9uLmhhc2h9YSZhbXA7JmFtcDsoVT0oYj1hLm1hdGNoKC9cXGJkZWlkPShbXFxkLF0rKS8pKT9iWzFdOiZxdW90OyZxdW90Oyl9Y2F0Y2goYyl7fX1iPVU7YT0hIWIuaW5kZXhPZiZhbXA7JmFtcDswPD1iLmluZGV4T2YoJnF1b3Q7MTMzNyZxdW90Oyl9cmV0dXJuIGF9KTtmdW5jdGlvbiBiYihhKXthJmFtcDsmYW1wO1YmYW1wOyZhbXA7VygpJmFtcDsmYW1wOyhWLmNsZWFyTWFya3MoYGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X3N0YXJ0YCksVi5jbGVhck1hcmtzKGBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9lbmRgKSl9IGNsYXNzIGNie2NvbnN0cnVjdG9yKCl7dmFyIGE9Uzt0aGlzLmg9W107dGhpcy5pPWF8fHI7bGV0IGI9bnVsbDthJmFtcDsmYW1wOyhhLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWU9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlfHxbXSx0aGlzLmg9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlLGI9YS5nb29nbGVfbWVhc3VyZV9qc190aW1pbmcpO3RoaXMuZz1XKCl8fChudWxsIT1iP2I6MT5NYXRoLnJhbmRvbSgpKX1zdGFydChhLGIpe2lmKCF0aGlzLmcpcmV0dXJuIG51bGw7YT1uZXcgJGEoYSxiKTtiPWBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9zdGFydGA7ViZhbXA7JmFtcDtXKCkmYW1wOyZhbXA7Vi5tYXJrKGIpO3JldHVybiBhfWVuZChhKXtpZih0aGlzLmcmYW1wOyZhbXA7JnF1b3Q7bnVtYmVyJnF1b3Q7PT09dHlwZW9mIGEudmFsdWUpe2EuZHVyYXRpb249KFphKCl8fFlhKCkpLWEudmFsdWU7dmFyIGI9YGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X2VuZGA7ViZhbXA7JmFtcDtXKCkmYW1wOyZhbXA7Vi5tYXJrKGIpOyF0aGlzLmd8fDIwNDg8dGhpcy5oLmxlbmd0aHx8IHRoaXMuaC5wdXNoKGEpfX19O2Z1bmN0aW9uIFgoYSl7bGV0IGI9YS50b1N0cmluZygpO2EubmFtZSZhbXA7JmFtcDstMT09Yi5pbmRleE9mKGEubmFtZSkmYW1wOyZhbXA7KGIrPSZxdW90OzogJnF1b3Q7K2EubmFtZSk7YS5tZXNzYWdlJmFtcDsmYW1wOy0xPT1iLmluZGV4T2YoYS5tZXNzYWdlKSZhbXA7JmFtcDsoYis9JnF1b3Q7OiAmcXVvdDsrYS5tZXNzYWdlKTtpZihhLnN0YWNrKXthPWEuc3RhY2s7dHJ5ey0xPT1hLmluZGV4T2YoYikmYW1wOyZhbXA7KGE9YismcXVvdDtcXG4mcXVvdDsrYSk7bGV0IGM7Zm9yKDthIT1jOyljPWEsYT1hLnJlcGxhY2UoLygoaHR0cHM%2FOlxcLy4uKlxcLylbXlxcLzpdKjpcXGQrKD86LnxcXG4pKilcXDIvLCZxdW90OyQxJnF1b3Q7KTtiPWEucmVwbGFjZSgvXFxuICovZywmcXVvdDtcXG4mcXVvdDspfWNhdGNoKGMpe319cmV0dXJuIGJ9IGZ1bmN0aW9uIGRiKGEsYil7bGV0IGMsZDt0cnl7YS5nJmFtcDsmYW1wO2EuZy5nPyhkPWEuZy5zdGFydCgoOTAzKS50b1N0cmluZygpLDMpLGM9YigpLGEuZy5lbmQoZCkpOmM9YigpfWNhdGNoKGYpe2I9ITA7dHJ5e2JiKGQpLGI9YS5zKDkwMyxuZXcgT2EoZix7bWVzc2FnZTpYKGYpfSksdm9pZCAwLHZvaWQgMCl9Y2F0Y2goZyl7YS5vKDIxNyxnKX1pZihiKXtsZXQgZyxlO251bGw9PShnPXdpbmRvdy5jb25zb2xlKXx8bnVsbD09KGU9Zy5lcnJvcil8fGUuY2FsbChnLGYpfWVsc2UgdGhyb3cgZjt9cmV0dXJuIGN9ZnVuY3Rpb24gZWIoYSl7dmFyIGI9WTtyZXR1cm4oLi4uYyk9PmRiKGIsKCk9PmEuYXBwbHkodm9pZCAwLGMpKX0gY2xhc3MgZmJ7Y29uc3RydWN0b3IoKXt2YXIgYT1aO3RoaXMuaT1SO3RoaXMuaD1udWxsO3RoaXMucz10aGlzLm87dGhpcy5nPXZvaWQgMD09PWE%2FbnVsbDphO3RoaXMuaj0hMX1waW5nZXIoKXtyZXR1cm4gdGhpcy5pfW8oYSxiLGMsZCxmKXtmPWZ8fCZxdW90O2pzZXJyb3ImcXVvdDs7bGV0IGc7dHJ5e2NvbnN0IHY9bmV3IFE7dmFyIGU9djtlLmcucHVzaCgxKTtlLmhbMV09UCgmcXVvdDtjb250ZXh0JnF1b3Q7LGEpO2IuZXJyb3ImYW1wOyZhbXA7Yi5tZXRhJmFtcDsmYW1wO2IuaWR8fChiPW5ldyBPYShiLHttZXNzYWdlOlgoYil9KSk7aWYoYi5tc2cpe2U9djt2YXIgaz1iLm1zZy5zdWJzdHJpbmcoMCw1MTIpO2UuZy5wdXNoKDIpO2UuaFsyXT1QKCZxdW90O21zZyZxdW90OyxrKX12YXIgaD1iLm1ldGF8fHt9O2I9aDtpZih0aGlzLmgpdHJ5e3RoaXMuaChiKX1jYXRjaCh5KXt9aWYoZCl0cnl7ZChiKX1jYXRjaCh5KXt9ZD12O2g9W2hdO2QuZy5wdXNoKDMpO2QuaFszXT1oO2Q9cjtoPVtdO2I9bnVsbDtkb3t2YXIgbD1kO2lmKEkobCkpe3ZhciBtPWwubG9jYXRpb24uaHJlZjsgYj1sLmRvY3VtZW50JmFtcDsmYW1wO2wuZG9jdW1lbnQucmVmZXJyZXJ8fG51bGx9ZWxzZSBtPWIsYj1udWxsO2gucHVzaChuZXcgUmEobXx8JnF1b3Q7JnF1b3Q7KSk7dHJ5e2Q9bC5wYXJlbnR9Y2F0Y2goeSl7ZD1udWxsfX13aGlsZShkJmFtcDsmYW1wO2whPWQpO2ZvcihsZXQgeT0wLHphPWgubGVuZ3RoLTE7eTw9emE7Kyt5KWhbeV0uZGVwdGg9emEteTtsPXI7aWYobC5sb2NhdGlvbiZhbXA7JmFtcDtsLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyZhbXA7JmFtcDtsLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucy5sZW5ndGg9PWgubGVuZ3RoLTEpZm9yKG09MTttPGgubGVuZ3RoOysrbSl7dmFyIG49aFttXTtuLnVybHx8KG4udXJsPWwubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW20tMV18fCZxdW90OyZxdW90OyxuLm09ITApfXZhciB1PWg7bGV0IEs9bmV3IFJhKHIubG9jYXRpb24uaHJlZiwhMSk7bD1udWxsO2NvbnN0IGFhPXUubGVuZ3RoLTE7Zm9yKG49YWE7MDw9bjstLW4pe3ZhciBwPXVbbl07IWwmYW1wOyZhbXA7UGEudGVzdChwLnVybCkmYW1wOyZhbXA7KGw9cCk7aWYocC51cmwmYW1wOyZhbXA7IXAubSl7Sz0gcDticmVha319cD1udWxsO2NvbnN0IGpiPXUubGVuZ3RoJmFtcDsmYW1wO3VbYWFdLnVybDswIT1LLmRlcHRoJmFtcDsmYW1wO2piJmFtcDsmYW1wOyhwPXVbYWFdKTtnPW5ldyBRYShLLHApO2lmKGcuaCl7dT12O3ZhciBxPWcuaC51cmx8fCZxdW90OyZxdW90Ozt1LmcucHVzaCg0KTt1LmhbNF09UCgmcXVvdDt0b3AmcXVvdDsscSl9dmFyIGJhPXt1cmw6Zy5nLnVybHx8JnF1b3Q7JnF1b3Q7fTtpZihnLmcudXJsKXt2YXIgY2E9Zy5nLnVybC5tYXRjaCh4YSksQz1jYVsxXSxBYT1jYVszXSxCYT1jYVs0XTtxPSZxdW90OyZxdW90OztDJmFtcDsmYW1wOyhxKz1DKyZxdW90OzomcXVvdDspO0FhJmFtcDsmYW1wOyhxKz0mcXVvdDsvLyZxdW90OyxxKz1BYSxCYSZhbXA7JmFtcDsocSs9JnF1b3Q7OiZxdW90OytCYSkpO3ZhciBDYT1xfWVsc2UgQ2E9JnF1b3Q7JnF1b3Q7O0M9djtiYT1bYmEse3VybDpDYX1dO0MuZy5wdXNoKDUpO0MuaFs1XT1iYTtUKHRoaXMuaSxmLHYsdGhpcy5qLGMpfWNhdGNoKHYpe3RyeXtUKHRoaXMuaSxmLHtjb250ZXh0OiZxdW90O2VjbXNlcnImcXVvdDsscmN0eDphLG1zZzpYKHYpLHVybDpnJmFtcDsmYW1wO2cuZy51cmx9LHRoaXMuaixjKX1jYXRjaChLKXt9fXJldHVybiEwfX07Y2xhc3MgZ2J7fTtsZXQgUixZO2lmKE5hJmFtcDsmYW1wOyFJKE8pKXtsZXQgYT0mcXVvdDsuJnF1b3Q7K0xhLmRvbWFpbjt0cnl7Zm9yKDsyPGEuc3BsaXQoJnF1b3Q7LiZxdW90OykubGVuZ3RoJmFtcDsmYW1wOyFJKE8pOylMYS5kb21haW49YT1hLnN1YnN0cihhLmluZGV4T2YoJnF1b3Q7LiZxdW90OykrMSksTz13aW5kb3cucGFyZW50fWNhdGNoKGIpe31JKE8pfHwoTz13aW5kb3cpfU8hPT13aW5kb3cmYW1wOyZhbXA7LjAxPk1hdGgucmFuZG9tKCkmYW1wOyZhbXA7R2EoKTtjb25zdCBTPU8sWj1uZXcgY2I7dmFyIGhiPSgpPT57aWYoIVMuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nKXt2YXIgYT1aO2EuZz0hMTthLmghPWEuaS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlJmFtcDsmYW1wOyhXKCkmYW1wOyZhbXA7QXJyYXkucHJvdG90eXBlLmZvckVhY2guY2FsbChhLmgsYmIsdm9pZCAwKSxhLmgubGVuZ3RoPTApfX07IChhPT57Uj1udWxsIT1hP2E6bmV3IFhhOyZxdW90O251bWJlciZxdW90OyE9PXR5cGVvZiBTLmdvb2dsZV9zcnQmYW1wOyZhbXA7KFMuZ29vZ2xlX3NydD1NYXRoLnJhbmRvbSgpKTtXYSgpO1k9bmV3IGZiO1kuaD1iPT57dmFyIGM9TTswIT09YyZhbXA7JmFtcDsoYi5qYz1TdHJpbmcoYyksYz0oYz1IYShjLGRvY3VtZW50LmN1cnJlbnRTY3JpcHQpKSZhbXA7JmFtcDtjLmdldEF0dHJpYnV0ZSgmcXVvdDtkYXRhLWpjLXZlcnNpb24mcXVvdDspfHwmcXVvdDt1bmtub3duJnF1b3Q7LGIuc2h2PWMpfTtZLmo9ITA7JnF1b3Q7Y29tcGxldGUmcXVvdDs9PVMuZG9jdW1lbnQucmVhZHlTdGF0ZT9oYigpOlouZyZhbXA7JmFtcDtIKFMsJnF1b3Q7bG9hZCZxdW90OywoKT0%2Be2hiKCl9KX0pKCk7ZnVuY3Rpb24gaWIoKXt2YXIgYSxiO2NvbnN0IGM9d2luZG93O2lmKGMuZ21hU2RrfHwobnVsbD09PShhPWMud2Via2l0KXx8dm9pZCAwPT09YT8wOmEubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzKSlyZXR1cm4gYzt0cnl7Y29uc3QgZD13aW5kb3cucGFyZW50O2lmKGQuZ21hU2RrfHwobnVsbD09PShiPWQud2Via2l0KXx8dm9pZCAwPT09Yj8wOmIubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzKSlyZXR1cm4gZH1jYXRjaChkKXt9cmV0dXJuIG51bGx9IGZ1bmN0aW9uIGtiKGEsYj17fSxjPSgpPT57fSxkPSgpPT57fSl7Y29uc3QgZj1TdHJpbmcoTWF0aC5mbG9vcigyMTQ3NDgzNjQ3KnlhKCkpKTtsZXQgZz0wO2NvbnN0IGU9az0%2Be3RyeXt2YXIgaD0mcXVvdDtvYmplY3QmcXVvdDs9PT10eXBlb2Ygay5kYXRhP2suZGF0YTpKU09OLnBhcnNlKGsuZGF0YSk7Zj09PWgucGF3X2lkJmFtcDsmYW1wOyh3aW5kb3cuY2xlYXJUaW1lb3V0KGcpLHdpbmRvdy5yZW1vdmVFdmVudExpc3RlbmVyKCZxdW90O21lc3NhZ2UmcXVvdDssZSksaC5zaWduYWw%2FYyhoLnNpZ25hbCk6aC5lcnJvciZhbXA7JmFtcDtkKGguZXJyb3IpKX1jYXRjaChtKXtrPXttc2c6JnF1b3Q7cG9zdG1lc3NhZ2VFcnJvciZxdW90OyxlcnI6bSBpbnN0YW5jZW9mIEVycm9yP20ubWVzc2FnZTomcXVvdDtub25FcnJvciZxdW90OyxkYXRhOm51bGw9PWsuZGF0YT8mcXVvdDtudWxsJnF1b3Q7OjUwMDxrLmRhdGEubGVuZ3RoP2suZGF0YS5zdWJzdHJpbmcoMCw1MDApOmsuZGF0YX07aD1nYjt2YXIgbD0mcXVvdDtsJnF1b3Q7O2gubCZhbXA7JmFtcDtoLmhhc093blByb3BlcnR5KGwpfHwobD1uZXcgaCxoLmw9bCk7aD1bXTshay5laWQmYW1wOyZhbXA7IGgubGVuZ3RoJmFtcDsmYW1wOyhrLmVpZD1oLnRvU3RyaW5nKCkpO1QoUiwmcXVvdDtwYXdfc2lncyZxdW90OyxrLCEwLHZvaWQgMCx2b2lkIDApfX07d2luZG93LmFkZEV2ZW50TGlzdGVuZXIoJnF1b3Q7bWVzc2FnZSZxdW90OyxlYihrPT57ZShrKX0pKTthLnBvc3RNZXNzYWdlKE9iamVjdC5hc3NpZ24oe3Bhd19pZDpmfSxiKSk7Zz13aW5kb3cuc2V0VGltZW91dCgoKT0%2Be3dpbmRvdy5yZW1vdmVFdmVudExpc3RlbmVyKCZxdW90O21lc3NhZ2UmcXVvdDssZSk7ZCgmcXVvdDtQQVcgR01BIHBvc3RtZXNzYWdlIHRpbWVkIG91dC4mcXVvdDspfSwyMDApfTt2YXIgbGI9Y2xhc3MgZXh0ZW5kcyBEe30scWE9WzZdO2NvbnN0IG1iPSZxdW90O3BsYXRmb3JtIHBsYXRmb3JtVmVyc2lvbiBhcmNoaXRlY3R1cmUgbW9kZWwgdWFGdWxsVmVyc2lvbiBiaXRuZXNzJnF1b3Q7LnNwbGl0KCZxdW90OyAmcXVvdDsp&i=7-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
eqzc9CZwiqmGzy9WKuXcvNt9DjTHk7TLuSf4SCbTwceh1KXyU4egIw==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=O3ZhciBuYj0oKT0%2Be3ZhciBhPXdpbmRvdztyZXR1cm4gYS5uYXZpZ2F0b3ImYW1wOyZhbXA7YS5uYXZpZ2F0b3IudXNlckFnZW50RGF0YSZhbXA7JmFtcDsmcXVvdDtmdW5jdGlvbiZxdW90Oz09PXR5cGVvZiBhLm5hdmlnYXRvci51c2VyQWdlbnREYXRhLmdldEhpZ2hFbnRyb3B5VmFsdWVzP2EubmF2aWdhdG9yLnVzZXJBZ2VudERhdGEuZ2V0SGlnaEVudHJvcHlWYWx1ZXMobWIpLnRoZW4oYj0%2Be3ZhciBjPW5ldyBsYjtjPUUoYywxLGIucGxhdGZvcm0pO2M9RShjLDIsYi5wbGF0Zm9ybVZlcnNpb24pO2M9RShjLDMsYi5hcmNoaXRlY3R1cmUpO2M9RShjLDQsYi5tb2RlbCk7Yz1FKGMsNSxiLnVhRnVsbFZlcnNpb24pO3JldHVybiBFKGMsOSxiLmJpdG5lc3MpfSk6bnVsbH07Y2xhc3Mgb2J7Y29uc3RydWN0b3IoKXt0aGlzLnByb21pc2U9bmV3IFByb21pc2UoYT0%2Be3RoaXMuZz1hfSl9fTt3aW5kb3cudmlld1JlcT1bXTtjb25zdCBwYj1hPT57Y29uc3QgYj1uZXcgSW1hZ2U7Yi5zcmM9YS5yZXBsYWNlKCZxdW90OyZhbXA7YW1wOyZxdW90OywmcXVvdDsmYW1wOyZxdW90Oyk7d2luZG93LnZpZXdSZXEucHVzaChiKX0scWI9YT0%2Be2ZldGNoKGEse2tlZXBhbGl2ZTohMCxjcmVkZW50aWFsczomcXVvdDtpbmNsdWRlJnF1b3Q7LHJlZGlyZWN0OiZxdW90O2ZvbGxvdyZxdW90OyxtZXRob2Q6JnF1b3Q7Z2V0JnF1b3Q7LG1vZGU6JnF1b3Q7bm8tY29ycyZxdW90O30pLmNhdGNoKCgpPT57cGIoYSl9KX0scmI9YT0%2Be3dpbmRvdy5mZXRjaD9xYihhKTpwYihhKX07TT00Mjsgd2luZG93LnZ1PWE9Pnt2YXIgYixjLGQsZjtjb25zdCBnPUlhKHZhKSxlPWliKCk7ZyZhbXA7JmFtcDtudWxsIT0obnVsbD09PShiPW51bGw9PT1lfHx2b2lkIDA9PT1lP3ZvaWQgMDplLmdtYVNkayl8fHZvaWQgMD09PWI%2Fdm9pZCAwOmIuZ2V0Vmlld1NpZ25hbHMpJmFtcDsmYW1wOyhiPW51bGw9PT0oYz1udWxsPT09ZXx8dm9pZCAwPT09ZT92b2lkIDA6ZS5nbWFTZGspfHx2b2lkIDA9PT1jP3ZvaWQgMDpjLmdldFZpZXdTaWduYWxzKCkpJmFtcDsmYW1wOyhhPUcoYSwmcXVvdDsmYW1wO21zPSZxdW90OytiKSk7Y29uc3Qgaz1bXTtjPSgpPT57Y29uc3QgaD1uZXcgb2I7ay5wdXNoKGgucHJvbWlzZSk7cmV0dXJuIGguZ307aWYoYj1JYSh3YSkpe2NvbnN0IGg9bmIoKTtpZihudWxsIT1oKXtjb25zdCBsPWMoKTtoLnRoZW4obT0%2Be2E6e0E9ITA7dHJ5e3ZhciBuPUpTT04uc3RyaW5naWZ5KG0udG9KU09OKCksdGEpO2JyZWFrIGF9ZmluYWxseXtBPSExfW49dm9pZCAwfW09bjtuPVtdO2Zvcih2YXIgdT0wLHA9MDtwPG0ubGVuZ3RoO3ArKyl7dmFyIHE9IG0uY2hhckNvZGVBdChwKTsyNTU8cSZhbXA7JmFtcDsoblt1KytdPXEmYW1wOzI1NSxxPj49OCk7blt1KytdPXF9bT1qYShuLDMpOzA8bS5sZW5ndGgmYW1wOyZhbXA7KGE9RyhhLCZxdW90OyZhbXA7dWFjaD0mcXVvdDsrbSkpO2woKX0pfX1pZihnJmFtcDsmYW1wO251bGwhPShudWxsPT09KGQ9bnVsbD09PWV8fHZvaWQgMD09PWU%2Fdm9pZCAwOmUud2Via2l0KXx8dm9pZCAwPT09ZD92b2lkIDA6ZC5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMpKXtjb25zdCBoPWMoKTtrYihudWxsPT09KGY9bnVsbD09PWV8fHZvaWQgMD09PWU%2Fdm9pZCAwOmUud2Via2l0KXx8dm9pZCAwPT09Zj92b2lkIDA6Zi5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMse30sbD0%2Be2E9RyhhLCZxdW90OyZhbXA7JnF1b3Q7K2wpO2goKX0sKCk9PntoKCl9KX1ifHxnP1Byb21pc2UuYWxsKGspLnRoZW4oKCk9PntyYihhKX0pOnJiKGEpfTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjxzY3JpcHQ%2BdnUoJnF1b3Q7aHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haVxceDNkQ0FjMFpnNXk4WVpub0pNanIzd08xX1lISUE2eWQ0cTVtdWRDdXlwWVB3STIzQVJBQklBQmdsYktoZ3JBSGdnRVhZMkV0Y0hWaUxUUXhNVE0yT0RFNE9ESXpNVEUwTlRYSUFRbmdBZ0NvQXdHcUJLVUNUOUNLZWpwZkNzZkJ2UWNNUlpUYkVFUjduaGNzWk9xbmRpN2IzR1YxdEIteXN0MXZPRGFWSlc5YUFDTFFFcTZraEt4dUM4cURyeks2R3VfNWZFSHRRQjFsRFdJaGZBNXZaNkRjSXNlZEFrVDFPdUhaT3I3anc0ci1yYXZESE4tTlF6dk82QXF3YXpUNmIzODZ5bjZHNHZOOGIxYzUtWmNHaHpOSU9mcVlNNjViemdfZEozZUFNYnAtYjhjNUVZQ0lCYk1ueHJ1WVZkdDhIa1dsbVJtUFFYc3JyMWwzdklmMVlDZXk5WVUxR1JnWnpBdVlJd2dCMlVKMTVzZEF5b1NaeVhub2pLTDZXeVlzNExib1BFSDlRdHJjYkZHQlRqUHBEMllUMzFnTUtIWE50REFfSkZyMDU3N09DakRzVnBxVGpyNHJhcHVhMkhkY250RnhaeDZyMjB6VDBjNjVod1dHTnJzUmFuMHZEWThDU2hTbF9rb0Z0SllqYUpoaUU2VmFMaDlraU1mZ0JBR0FCcDZIamJlTS1fV1ZKcUFHSWFnSHByNGJxQWVXMkJ1b0I2cWJzUUtvQjktZnNRTFlCd0RTQ0FVSWlHRVFBWUFLQV9vTEFnZ0JnQXdCMEJVQmdCY0JzaGNjQ2hvU0ZIQjFZaTAwTVRFek5qZ3hPRGd5TXpFeE5EVTFHSVRiZXdcXHgyNnNpZ2hcXHgzZFlPMVhKNTZVcXlZXFx4MjZ1YWNoX21cXHgzZFtVQUNIXVxceDI2Y2lkXFx4M2RDQVFTUHdDTklyTE00VU16OHZIZFVvZFcwbmJfNTdNeGJlVGk2bTJuMkJBcTJ1WWtyZ0xrSm1KZ3FiNnZJZGkzbU9FYW1DcXc0dWl3ckJES1ZzZkxSdGNtSkJnQiZxdW90Oyk8L3NjcmlwdD48c2NyaXB0PnZ1KCZxdW90O2h0dHBzOi8vZy5hbGdiaWQuYXBwL3J0aW1wP3NpZFxceDNkNjNjMTQ5MDAtNWY0NC0xMWVjLWEzN2ItZjZkMzJlMGJhNzk0XFx4MjZkXFx4M2R0aHJlYXRwb3N0LmNvbVxceDI2Y3JcXHgzZGdyZF9nZW4xMV8yXFx4MjZhXFx4M2RpbXBcXHgyNnBcXHgzZFlieWNnd0FKTkJrS2RfWElBQUItdFlPUEtORU93Z2FRWTVyN25RXFx4MjZpbVxceDNkTWs5SDBJTHZLSGNoUGhqbzZSX2JZV2Y1Ql8zdWVyWno1ZUl0LWY0d0tmQWtKOUNsNHlaMGNCbEVHa1lXOEduRzVHbVo5aGc2RXhDaHRXN2ozQVNDei1xSWpzUHRFTlRNNEJrQkFzUmxZT0lTV2FxYmRVNjlBNFdHUDNSMWh0SkhmTEQ4WHZlMmhYd3VjSk1QNmVfelVpUktkaEdVTnliTGcxVDQ5dEVNM1dtbWFQVXZFOXFCV2J4ai1IZWFUdGNzRHZRbmVyeWw4dGMtaXF1NmJXdnBEV1lHTjFLTTdDb0pfMGhpVllfbTQ2a3dWZ0VLaHJobmQ3OFhtZWhTeUZzcDRJN0hwWnotVER3SGI2QUZQNXFHLVpBeFJIVkh4NXlPS1ZDSERtR1IzODRJMWpzX0IyS043dHF5OFd5a2RFNXYmcXVvdDspPC9zY3JpcHQ%2BPGRpdiBjbGFzcz0mcXVvdDtHb29nbGVBY3RpdmVWaWV3SW5uZXJDb250YWluZXImcXVvdDtzdHlsZT0mcXVvdDtsZWZ0OjBweDt0b3A6MHB4O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7cG9zaXRpb246Zml4ZWQ7cG9pbnRlci1ldmVudHM6bm9uZTt6LWluZGV4Oi05OTk5OyZxdW90Oz48L2Rpdj48ZGl2IHN0eWxlPSZxdW90O2Rpc3BsYXk6aW5saW5lJnF1b3Q7Y2xhc3M9JnF1b3Q7R29vZ2xlQWN0aXZlVmlld0VsZW1lbnQmcXVvdDtkYXRhLWdvb2dsZS1hdi1jeG49JnF1b3Q7aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzczJ5bEZQbFZ0NVhraElvTzctRDgtbjZ6ZmRGRzlnQVlvYW42Yjd3RFVTNGtqZ3gyT2hDTkFPRlQwVGRVc1E4ZnZSaTZ3eXJHazNIcDNSbTlzVG1vcUVxQSZhbXA7YW1wO3NpZz1DZzBBcktKU3pKU0VKUVd6R0xXNUVBRSZxdW90O2RhdGEtZ29vZ2xlLWF2LWFkaz0mcXVvdDs0MTY2NzIzOTkxJnF1b3Q7ZGF0YS1nb29nbGUtYXYtbWV0YWRhdGE9JnF1b3Q7bGE9MSZhbXA7YW1wO3hkaT0wJmFtcDthbXA7JnF1b3Q7ZGF0YS1nb29nbGUtYXYtb3ZlcnJpZGU9JnF1b3Q7LTEmcXVvdDtkYXRhLWdvb2dsZS1hdi1kbT0mcXVvdDsyJnF1b3Q7ZGF0YS1nb29nbGUtYXYtaW1tZWRpYXRlIGRhdGEtZ29vZ2xlLWF2LWFpZD0mcXVvdDswJnF1b3Q7ZGF0YS1nb29nbGUtYXYtbmFpZD0mcXVvdDsxJnF1b3Q7ZGF0YS1nb29nbGUtYXYtc2xpZnQ9JnF1b3Q7JnF1b3Q7ZGF0YS1nb29nbGUtYXYtY3BtYXY9JnF1b3Q7JnF1b3Q7ZGF0YS1nb29nbGUtYXYtYnRyPSZxdW90OyZxdW90O2RhdGEtZ29vZ2xlLWF2LWl0cGw9JnF1b3Q7MjAmcXVvdDtkYXRhLWdvb2dsZS1hdi1ycz0mcXVvdDs0JnF1b3Q7ZGF0YS1nb29nbGUtYXYtZmxhZ3M9JnF1b3Q7WyZhbXA7cXVvdDt4JTI3ODQ0MCZhbXA7IzM5OzllZm90bSgmYW1wO2FtcDs3NTMzNzQlMmJlanZmLyUyNzg0NCZhbXA7Z3Q7JmFtcDsjMzk7OXd1dmIkJmFtcDthbXA7NTY1MzMmYW1wO2d0OyE9fHZxYykhMjczNzk0JmFtcDthbXA7JmFtcDtsdDtxcXZiLyUmYW1wO2x0OzE3MzUwMjAhPW5laHVgLyEzNjQ9NTA1MSE5YWJre2EoJDE2MDIxMDozJmFtcDthbXA7JmFtcDtsdDtjYm90ZisqMDE1MDAzNDolMmJlanZmLyU3MjsxNzYxMyE9ZWZkd2EqJmFtcDsjMzk7NzY0NjM7MjEkP2Via3BiJCZhbXA7YW1wOzAzNjY3MTcmYW1wO2d0OyomYW1wO2d0O2JnaXBmKyEzPTcxMjM2MyU5YWlod2MpITcyMDImYW1wO2x0OzIxNyZhbXA7IzM5OzllZm90bSgmYW1wO2FtcDsyMDA2MTs0OCZhbXA7YW1wOyZhbXA7Z3Q7YGRvcGIvJSZhbXA7bHQ7MTcwNzIwMCE9OCgmYW1wO2FtcDsyMDA1NTc1PyZhbXA7YW1wOyZhbXA7Z3Q7YGRvcGIvJSZhbXA7bHQ7MTcwNjoyMSE9bmVodWB%2BJmFtcDtxdW90O10mcXVvdDs%2BPCFET0NUWVBFIGh0bWw%2BPGh0bWwgbGFuZz0mcXVvdDtlbiZxdW90Oz4gPGhlYWQ%2BIDxtZXRhIGNoYXJzZXQ9JnF1b3Q7VVRGLTgmcXVvdDsvPiA8bWV0YSBuYW1lPSZxdW90O3ZpZXdwb3J0JnF1b3Q7IGNvbnRlbnQ9JnF1b3Q7d2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEuMCZxdW90Oy8%2BIDxtZXRhIGh0dHAtZXF1aXY9JnF1b3Q7WC1VQS1Db21wYXRpYmxlJnF1b3Q7IGNvbnRlbnQ9JnF1b3Q7aWU9ZWRnZSZxdW90Oy8%2BIDxtZXRhIG5hbWU9JnF1b3Q7cmVmZXJyZXImcXVvdDsgY29udGVudD0mcXVvdDtuby1yZWZlcnJlciZxdW90Oy8%2BIDx0aXRsZT5Eb2N1bWVudDwvdGl0bGU%2BIDxsaW5rIGhyZWY9JnF1b3Q7aHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M%2FZmFtaWx5PVJvYm90bzo0MDAsNzAwJmFtcDtkaXNwbGF5PXN3YXAmcXVvdDsgcmVsPSZxdW90O3N0eWxlc2hlZXQmcXVvdDsvPiA8bGluayBocmVmPSZxdW90O2h0dHBzOi8vZm9udHMuZ29vZ2xlYXBpcy5jb20vY3NzP2ZhbWlseT1TZWN1bGFyK09uZSZhbXA7ZGlzcGxheT1zd2FwJnF1b3Q7IHJlbD0mcXVvdDtzdHlsZXNoZWV0JnF1b3Q7Lz4gPHN0eWxlPi8qIHJlc2V0ICovIGFiYnIsIGFkZHJlc3MsIGFydGljbGUsIGFzaWRlLCBhdWRpbywgYiwgYmxvY2txdW90ZSwgYm9keSwgY2FudmFzLCBjYXB0aW9uLCBjaXRlLCBjb2RlLCBkZCwgZGVsLCBkZXRhaWxzLCBkZm4sIGRpdiwgZGwsIGR0LCBlbSwgZmllbGRzZXQsIGZpZ2NhcHRpb24sIGZpZ3VyZSwgZm9vdGVyLCBmb3JtLCBoMSwgaDIsIGgzLCBoNCwgaDUsIGg2LCBoZWFkZXIsIGhncm91cCwgaHRtbCwgaSwgaWZyYW1lLCBpbWcsIGlucywga2JkLCBsYWJlbCwgbGVnZW5kLCBsaSwgbWFyaywgbWVudSwgbmF2LCBvYmplY3QsIG9sLCBwLCBwcmUsIHEsIHNhbXAsIHNlY3Rpb24sIHNtYWxsLCBzcGFuLCBzdHJvbmcsIHN1Yiwgc3VtbWFyeSwgc3VwLCB0YWJsZSwgdGJvZHksIHRkLCB0Zm9vdCwgdGgsIHRoZWFkLCB0aW1lLCB0ciwgdWwsIHZhciwgdmlkZW97bWFyZ2luOiAwOyBwYWRkaW5nOiAwOyBib3JkZXI6IDA7IG91dGxpbmU6IDA7IGZvbnQtc2l6ZTogMTAwJTsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyBiYWNrZ3JvdW5kOiAwIDA7fWJvZHl7bGluZS1oZWlnaHQ6IDE7fWFydGljbGUsIGFzaWRlLCBkZXRhaWxzLCBmaWdjYXB0aW9uLCBmaWd1cmUsIGZvb3RlciwgaGVhZGVyLCBoZ3JvdXAsIG1lbnUsIG5hdiwgc2VjdGlvbntkaXNwbGF5OiBibG9jazt9bmF2IHVse2xpc3Qtc3R5bGU6IG5vbmU7fWJsb2NrcXVvdGUsIHF7cXVvdGVzOiBub2&i=8-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
a8CTL0uLAR6VkCmqrstVfMGxiT96byrYeKvFvU_cPFo8Fl0ZuYcU4w==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=5lO31ibG9ja3F1b3RlOmFmdGVyLCBibG9ja3F1b3RlOmJlZm9yZSwgcTphZnRlciwgcTpiZWZvcmV7Y29udGVudDogJnF1b3Q7JnF1b3Q7OyBjb250ZW50OiBub25lO31he21hcmdpbjogMDsgcGFkZGluZzogMDsgZm9udC1zaXplOiAxMDAlOyB2ZXJ0aWNhbC1hbGlnbjogYmFzZWxpbmU7IGJhY2tncm91bmQ6IDAgMDt9aW5ze2JhY2tncm91bmQtY29sb3I6ICNmZjk7IGNvbG9yOiAjMDAwOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7fW1hcmt7YmFja2dyb3VuZC1jb2xvcjogI2ZmOTsgY29sb3I6ICMwMDA7IGZvbnQtc3R5bGU6IGl0YWxpYzsgZm9udC13ZWlnaHQ6IDcwMDt9ZGVse3RleHQtZGVjb3JhdGlvbjogbGluZS10aHJvdWdoO31hYmJyW3RpdGxlXSwgZGZuW3RpdGxlXXtib3JkZXItYm90dG9tOiAxcHggZG90dGVkOyBjdXJzb3I6IGhlbHA7fXRhYmxle2JvcmRlci1jb2xsYXBzZTogY29sbGFwc2U7IGJvcmRlci1zcGFjaW5nOiAwO31ocntkaXNwbGF5OiBibG9jazsgaGVpZ2h0OiAxcHg7IGJvcmRlcjogMDsgYm9yZGVyLXRvcDogMXB4IHNvbGlkICNjY2M7IG1hcmdpbjogMWVtIDA7IHBhZGRpbmc6IDA7fWlucHV0LCBzZWxlY3R7dmVydGljYWwtYWxpZ246IG1pZGRsZTt9PC9zdHlsZT4gPHN0eWxlPmh0bWx7Ym94LXNpemluZzogYm9yZGVyLWJveDt9Ym9keXtmb250LWZhbWlseTogJnF1b3Q7Um9ib3RvJnF1b3Q7LCBzYW5zLXNlcmlmO31he3RleHQtZGVjb3JhdGlvbjogbm9uZTsgY29sb3I6ICMwMDAwMDA7fXVsIGxpe2Rpc3BsYXk6IGJsb2NrOyBwYWRkaW5nOiAwOyBtYXJnaW46IDA7fS5jb250YWluZXJfX2lubmVye3dpZHRoOiBjYWxjKDEwMHZ3IC0gMTBweCk7IGhlaWdodDogY2FsYygxMDB2aCAtIDEwcHgpOyBtYXJnaW46IDVweCA1cHggNXB4IDVweDsgZGlzcGxheTogZmxleDsgYWxpZ24taXRlbXM6IGNlbnRlcjsganVzdGlmeS1jb250ZW50OiBzcGFjZS1hcm91bmQ7IGJhY2tncm91bmQtY29sb3I6IHRyYW5zcGFyZW50OyBib3gtc2l6aW5nOiBib3JkZXItYm94OyBjdXJzb3I6IGRlZmF1bHQ7fS5zdGFydF9fYnRue21pbi13aWR0aDogMjA3cHg7IGN1cnNvcjogcG9pbnRlcjsgYmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KCB0byBib3R0b20sIHJnYmEoMCwgMTkyLCAxNiwgMSkgMCUsIHJnYmEoMCwgMTQ3LCA5LCAxKSAxMDAlICk7IGZvbnQtZmFtaWx5OiAmcXVvdDtTZWN1bGFyIE9uZSZxdW90Oywgc2Fucy1zZXJpZjsgZGlzcGxheTogaW5saW5lLWJsb2NrOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IHRleHQtdHJhbnNmb3JtOiB1cHBlcmNhc2U7IGNvbG9yOiAjZmZmOyBmb250LXdlaWdodDogYm9sZDsgYmFja2dyb3VuZC1jb2xvcjogIzAwYmEwZDsgcGFkZGluZzogMThweCA0NXB4OyBsZXR0ZXItc3BhY2luZzogMC4xZW07IHRleHQtc2hhZG93OiAxcHggMXB4IDJweCByZ2JhKDAsIDAsIDAsIDAuNzYpOyBib3JkZXI6IDFweCBzb2xpZCAjMDE0ZjA0OTQ7IGJvcmRlci1yYWRpdXM6IDEwcHg7IGJveC1zaGFkb3c6IDNweCAzcHggMHB4ICMwMTRmMDQ5NCwgMHB4IDNweCAxNXB4IHJnYmEoMCwgMCwgMCwgMC40KSwgaW5zZXQgMHB4IDFweCAwcHggcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjMpLCBpbnNldCAwcHggMHB4IDNweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuNSk7IHRyYW5zaXRpb246IGJveC1zaGFkb3cgMjAwbXM7IHdpZHRoOiBjbGFtcCgyMDBweCwgNDB2dywgMzAwcHgpOyBwYWRkaW5nOiAxNHB4IDI1cHg7IGZvbnQtc2l6ZTogMjBweDsgZm9udC1zaXplOiBjbGFtcCgyMHB4LCA2dncsIDM4cHgpO30ubG9uZy10ZXh0e3dpZHRoOiBjbGFtcCgyMDBweCwgNDV2dywgMzUwcHgpO30uc3RhcnRfX2J0bjpmb2N1c3tvdXRsaW5lOiBub25lO30uc3RhcnRfX3dyYXBwZXJ7YWxpZ24taXRlbXM6IGNlbnRlcjsgZGlzcGxheTogZmxleDt9LmluZm97ZGlzcGxheTogZmxleDsgYWxpZ24taXRlbXM6IGZsZXgtZW5kO30uaW5mbyBoNHtmb250LXNpemU6IDE3cHg7IGxpbmUtaGVpZ2h0OiAyMXB4OyBmb250LXdlaWdodDogNzAwO30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiAxNXB4OyBsaW5lLWhlaWdodDogMThweDt9LmluZm9fX3N0ZXBzIHNwYW57Zm9udC13ZWlnaHQ6IDcwMDt9LmxvZ297bWFyZ2luLXRvcDogNjBweDsgbWluLXdpZHRoOiA3MHB4O30udGl0bGUtY29udGFpbmVye2Rpc3BsYXk6IGZsZXg7IGp1c3RpZnktY29udGVudDogY2VudGVyOyBmbGV4LWRpcmVjdGlvbjogY29sdW1uO30udGl0bGV7ZGlzcGxheTogYmxvY2s7IGZvbnQtc2l6ZTogY2xhbXAoMzBweCwgNHZ3LCA4MHB4KTsgdGV4dC1hbGlnbjogY2VudGVyOyBsaW5lLWhlaWdodDogMS4yOyBmb250LWZhbWlseTogYXV0bzt9LnRpdGxlLWFkZGl0aW9ue2ZvbnQtd2VpZ2h0OiA2MDA7fS5oaWRle2Rpc3BsYXk6IG5vbmU7fS5oYWxmLUltZy1BcnRpY2xlLW1haW57d2lkdGg6IDg4dnc7IGZvbnQtc2l6ZTogMTMuNXB4OyBsaW5lLWhlaWdodDogMS4yO30uaGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHR7bWFyZ2luLXRvcDogM3ZoO30uaGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHQ6ZW1wdHl7ZGlzcGxheTogbm9uZTt9LnByZXNzLWRvd246YWN0aXZlLCAucHJlc3MtZG93bjpmb2N1cywgLnByZXNzLWRvd246dmlzaXRlZHt0cmFuc2Zvcm06IHRyYW5zbGF0ZVkoMXB4KTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNzI5cHgpey5zdGFydF9fYnRue21pbi13aWR0aDogMjA3cHg7IHBhZGRpbmc6IDE2cHggMTBweDsgd2lkdGg6IGNsYW1wKDIxMHB4LCA0NXZ3LCAzMDBweCk7IGZvbnQtc2l6ZTogNC43dnc7fS5sb25nLXRleHR7d2lkdGg6IGNsYW1wKDIxMHB4LCA0NXZ3LCAzNTBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNTAwcHgpey5jb250YWluZXJfX2lubmVye2hlaWdodDogOTZ2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxMjBweCl7LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiA4OXZoO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEwMHB4KXtoNHtkaXNwbGF5OiBub25lO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDc5cHgpey5jb250YWluZXJfX2lubmVye2hlaWdodDogODR2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDU5NnB4KXsuY29udGFpbmVyX19vdXRlcntoZWlnaHQ6IDEwMHZoOyAvKiBiYWNrZ3JvdW5kLWNvbG9yOiBncmV5OyAqLyBkaXNwbGF5OiBmbGV4OyBhbGlnbi1pdGVtczogY2VudGVyOyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjt9LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiAxMDAlO30uaW5mb3toZWlnaHQ6IDEwMHZoO30uaW5mb19fd3JhcHBlcntkaXNwbGF5OiBmbGV4OyBmbGV4LWRpcmVjdGlvbjogY29sdW1uOyBoZWlnaHQ6IDEwMCU7IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5O319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNTk2cHgpey5zdGFydF9fYnRue3dpZHRoOiBjbGFtcCgxODBweCwgNTB2dywgMjUwcHgpOyBtaW4td2lkdGg6IDE3NXB4OyBtaW4taGVpZ2h0OiA1MHB4OyBwYWRkaW5nOiA5cHggMTNweDsgZm9udC1zaXplOiAxNnB4OyBmb250LXNpemU6IGNsYW1wKDE2cHgsIDV2dywgMzBweCk7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMTRweDsgbGluZS1oZWlnaHQ6IDE4cHg7fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDEycHg7IGxpbmUtaGVpZ2h0OiAxNHB4O30ubG9nb3tmb250LXNpemU6IDEycHg7IG1hcmdpbi10b3A6IDQ1cHg7IG1pbi13aWR0aDogNTBweDt9fS5saW5rcy10cnktYWdhaW57ZmxleC1kaXJlY3Rpb246IHJvdy1yZXZlcnNlO31AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA0NThweCl7LmNvbnRhaW5lcl9faW5uZXJ7ZmxleC1kaXJlY3Rpb246IGNvbHVtbjt9Lmxpbmtze2ZsZXgtZGlyZWN0aW9uOiBpbmhlcml0O30ubGlua3MtdHJ5LWFnYWlue2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW4tcmV2ZXJzZTt9LmluZm97bWFyZ2luLXRvcDogNnZtaW47IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGFsaWduLWl0ZW1zOiBjZW50ZXI7fS5sb2dve2ZvbnQtc2l6ZTogMTVweDsgbWFyZ2luLXRvcDogNnZtaW47IG1hcmdpbi1sZWZ0OiA3NSU7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMThweDsgbGluZS1oZWlnaHQ6IDEuM2VtO30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiAxNXB4OyBsaW5lLWhlaWdodDogMS4yZW07fS5zdGFydF9fYnRuey8qIHdpZHRoOiAyMzBweDsgKi8gLyogcGFkZGluZzogMThweCA0MHB4OyAqLyAvKiBmb250LXNpemU6IDIwcHg7ICovIHdpZHRoOiA5NHZ3OyBwYWRkaW5nOiAyNHB4IDE0cHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgMTJ2dywgNDBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAyODBweCl7LnN0YXJ0X19idG57d2lkdGg6IDk1dnc7IG1pbi13aWR0aDogMTA2cHg7IHBhZGRpbmc6IDIwcHggNHB4OyBmb250LXNpemU6IDE4cHg7IGZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMjFweCk7fS5sb25nLXRleHR7Zm9udC1zaXplOiBjbGFtcCgxM3B4LCAxM3Z3LCAxOHB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDIwMHB4KXsubG9uZy10ZXh0e2ZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMTVweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAxNTBweCl7LmxvbmctdGV4dHtmb250LXNpemU6IGNsYW1wKDEzcHgsIDEzdncsIDEzcHgpO319LmxvZ297Zm9udC1zaXplOiAxM3B4OyBtYXJnaW4tbGVmdDogNjAlO30uaW5mbyBoNHtmb250LXNpemU6IDE1cHg7IGxpbmUtaGVpZ2h0OiAyZW07fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDEycHg7IGxpbmUtaGVpZ2h0OiAyZW07fS8qIFJFU1BPTlNJVkUgKi8gLnN0YXJ0X19hcnJvdywgLmxvZ297ZGlzcGxheTogbm9uZTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogMTYwcHgpey5zdGFydF9fYXJyb3d7ZGlzcGxheTogYmxvY2s7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCl7LmxvZ297ZGlzcGxheTogYmxvY2s7fX0uY29udGFpbmVyX19pbm5lcntoZWlnaHQ6IDEwMHZoOyBoZWlnaHQ6IGNhbGMoMTAwdmggLSAxMHB4KTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogNTAwcHgpIGFuZCAobWluLWhlaWdodDogMjQ5cHgpey5zdGFydF9fYXJyb3d7ZGlzcGxheTogYmxvY2s7fS5zdGFydF9fYnRue3dpZHRoOiBjbGFtcCgyMDBweCwgNTB2dywgNTAwcHgpOyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDZ2dywgNjBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogMjQ5cHgpey5pbmZvX19zdGVwc3tkaXNwbGF5OiBmbGV4OyBmbGV4LWRpcmVjdGlvbjogY29sdW1uOyBqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWV2ZW5seTsgbGluZS1oZWlnaHQ6IGluaGVyaXQ7IGZvbnQtc2l6ZTogY2xhbXAoMTVweCwgNS41dncsIDE4cHgpO30uaW5mb19fd3JhcHBlcnsvKiBoZWlnaHQ6IDEwMCU7ICovIGRpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogY2VudGVyOyBtYXgtd2lkdGg6IDEwMHZ3OyBtYXgtd2lkdGg6IGNhbGMoMTAwdncgLSAxMHB4KTsgbGluZS1oZWlnaHQ6IDEwdmg7fS5pbmZve2ZsZXg6IDU1JTt9LnN0YXJ0e2ZsZXg6IDM1JTsgZGlzcGxheTogZmxleDsgZmxleDogdW5zZXQ7fS5sb2dve2Rpc3BsYXk6IGZsZXg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogMzUwcHgpey5pbmZvX193cmFwcGVye2xpbmUtaGVpZ2h0OiA3dmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNDlweCl7LmluZm9fX3N0ZXBze2Rpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5OyAvKiBsaW5lLWhlaWdodDogMjB2aDsgKi8gbGluZS1oZWlnaHQ6IDIwdmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MD&i=9-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
oX26Mnu0oEGy950zULcx4h1OFgTQqODrD8zXW82zGX_1y19LN-1yzA==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=BweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDEuNXZ3LCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDJ2aCwgMjJweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogNTAwcHgpIGFuZCAobWluLXdpZHRoOiAyNTBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDMuNXZoLCAyMnB4KTsgbGluZS1oZWlnaHQ6IDEwdmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNTBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDIuNXZ3LCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCl7LmxvZ297d2lkdGg6IDEwMHZ3O319LmxpbmtfdGV4dHtjb2xvcjogIzFhMGRhYjsgZm9udC1zaXplOiAxOXB4OyBmb250LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7IGN1cnNvcjogcG9pbnRlcjt9QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDIwMHB4KXsubGlua190ZXh0e3RyYW5zZm9ybTogdHJhbnNsYXRlWSgtNXB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxNjBweCl7LmxpbmtfdGV4dHtmb250LXNpemU6IDE4cHg7fS5zdGFydF9fYnRue3BhZGRpbmc6IDlweCAxM3B4O319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEyNXB4KXsubGlua190ZXh0e2Rpc3BsYXk6IG5vbmU7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMTEwcHgpey5zdGFydF9fYnRue3BhZGRpbmc6IDlweCAxM3B4OyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDEwdncsIDQwcHgpOyBsaW5lLWhlaWdodDogMS4yO30uYWR2X25hbWV7LyogZGlzcGxheTogbm9uZTsgKi99LmNvbnRhaW5lcl9faW5uZXJ7LyoganVzdGlmeS1jb250ZW50OiBjZW50ZXI7ICovfX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNzRweCl7LnN0YXJ0X19idG57cGFkZGluZzogNnB4IDEzcHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgOXZ3LCA0MHB4KTsgbGluZS1oZWlnaHQ6IDE7IG1pbi1oZWlnaHQ6IHVuc2V0OyB3aWR0aDogODV2dzt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiA2MHB4KXsuc3RhcnRfX2J0bntwYWRkaW5nOiAxNXB4IDVweDsgbGluZS1oZWlnaHQ6IDAuMzsgZm9udC1zaXplOiBjbGFtcCgxMnB4LCA0LjV2dywgNDBweCk7IHdpZHRoOiA0MHZ3OyBtaW4taGVpZ2h0OiB1bnNldDsgbWluLXdpZHRoOiBtYXgtY29udGVudDt9LmxvbmctdGV4dHt3aWR0aDogNzV2dzsgcGFkZGluZzogMTZweCAwcHg7fS5saW5rc3tmbGV4LWRpcmVjdGlvbjogcm93O30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiBjbGFtcCg5cHgsIDE4dmgsIDEycHgpO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDYwcHgpIGFuZCAobWF4LXdpZHRoOiAyODBweCl7LmluZm9fX3N0ZXBze2ZvbnQtc2l6ZTogY2xhbXAoOHB4LCAxNHZoLCAxMnB4KTt9LnN0YXJ0e21hcmdpbi1yaWdodDogMTBweDt9fS5saW5rX3RleHQ6aG92ZXJ7dGV4dC1kZWNvcmF0aW9uOiB1bmRlcmxpbmU7fS5hZHZfbmFtZXsvKiBwb3NpdGlvbjogYWJzb2x1dGU7ICovIC8qIGJvdHRvbTogMDsgcmlnaHQ6IDA7ICovIC8qIGZvbnQtc2l6ZTogMTRweDsgZm9udC1zaXplOiBjbGFtcCgxMnB4LCAxLjZ2dywgMTRweCk7ICovIGRpc3BsYXk6IGlubGluZTt9LnN0YXJ0X19idG57dHJhbnNpdGlvbjogYWxsIDAuMnMgZWFzZS1pbi1vdXQ7fS5nb2xkZW4tdGV4dC1zaGFkb3d7dGV4dC1zaGFkb3c6IHJnYigxNjgsIDk5LCA1OSkgMXB4IDFweCA2cHgsIHJnYigxNjgsIDk5LCA1OSkgLTFweCAtMXB4IDBweCwgcmdiKDE2OCwgOTksIDU5KSAxcHggLTFweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgLTFweCAxcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDFweCAxcHggMHB4O31AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCl7LmdvbGRlbi10ZXh0LXNoYWRvd3t0ZXh0LXNoYWRvdzogcmdiKDE2OCwgOTksIDU5KSAxLjVweCAxLjVweCA2cHgsIHJnYigxNjgsIDk5LCA1OSkgLTEuNXB4IC0xLjVweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMS41cHggLTEuNXB4IDBweCwgcmdiKDE2OCwgOTksIDU5KSAtMS41cHggMS41cHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDEuNXB4IDEuNXB4IDBweDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDcwMHB4KXsuZ29sZGVuLXRleHQtc2hhZG93e3RleHQtc2hhZG93OiByZ2IoMTY4LCA5OSwgNTkpIDJweCAycHggNnB4LCByZ2IoMTY4LCA5OSwgNTkpIC0ycHggLTJweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMnB4IC0ycHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIC0ycHggMnB4IDBweCwgcmdiKDE2OCwgOTksIDU5KSAycHggMnB4IDBweDt9fS5idG4tc2NhbGUtaG92ZXI6aG92ZXJ7dHJhbnNmb3JtOiBzY2FsZSgxLjIpO30uZXh0ZXJuYWwtaG92ZXItYnRuLXNjYWxlOmhvdmVyIC5zdGFydF9fYnRue3RyYW5zZm9ybTogc2NhbGUoMS4yKTt9Lmxpbmtze2Rpc3BsYXk6IGluaGVyaXQ7IGp1c3RpZnktY29udGVudDogaW5oZXJpdDsgYWxpZ24taXRlbXM6IGluaGVyaXQ7IHdpZHRoOiBpbmhlcml0OyBoZWlnaHQ6IGluaGVyaXQ7fS5saW5rcy1sb25nLXRpdGxle2Rpc3BsYXk6IGZsZXg7IGFsaWduLWl0ZW1zOiBjZW50ZXI7IHdpZHRoOiAxMDB2dzsganVzdGlmeS1jb250ZW50OiBjZW50ZXI7IGhlaWdodDogdW5zZXQ7fS5idG4tbG9uZy10aXRsZXtwYWRkaW5nOiAwOyBtYXJnaW4tdG9wOiAydmg7fS5maXhlZC10aXRsZXtmb250LXNpemU6IGNsYW1wKDE4cHgsIDR2dywgODBweCk7fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxMTBweCl7LmJ0bi1sb25nLXRpdGxle2ZvbnQtc2l6ZTogY2xhbXAoMjVweCwgM3Z3LCA0MHB4KTsgd2lkdGg6IHVuc2V0OyBtYXJnaW4tdG9wOiA1dmg7IHBhZGRpbmc6IDN2aCAwO319QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi1oZWlnaHQ6IDQwMHB4KXsuYnRuLWxvbmctdGl0bGV7Zm9udC1zaXplOiBjbGFtcCgyNXB4LCAzdncsIDQwcHgpO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNDU4cHgpey5idG4tbG9uZy10aXRsZXt3aWR0aDogdW5zZXQ7IGZvbnQtc2l6ZTogY2xhbXAoMjVweCwgMTB2dywgNDBweCk7IHBhZGRpbmc6IDJ2aCA0dnc7IG1hcmdpbi10b3A6IDR2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiAzMDBweCksIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogMzAwcHgpey5idG4tbG9uZy10aXRsZXttYXJnaW4tdG9wOiA1dmg7IHdpZHRoOiB1bnNldDsgcGFkZGluZzogMS41dmggMy41dnc7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgMTB2dywgNDBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMTgwcHgpey50aXRsZS1jb250YWluZXJ7ZmxleC1kaXJlY3Rpb246IHJvdzt9LnRpdGxlLWFkZGl0aW9ue3BhZGRpbmctbGVmdDogOHB4O30uYnRuLWxvbmctdGl0bGV7bWFyZ2luLXRvcDogMXZoO30uZml4ZWQtdGl0bGV7ZGlzcGxheTogbm9uZTt9fS5zZWNvbmQtYWQtd3JhcHBlciAubGlua3N7anVzdGlmeS1jb250ZW50OiBjZW50ZXI7fS5zZWNvbmQtYWQtd3JhcHBlciAuY29udGFpbmVyX19pbm5lcntwYWRkaW5nOiAwO30uc2Vjb25kLWFke2Rpc3BsYXk6IG5vbmU7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGJhY2tncm91bmQtY29sb3I6ICNmZmY7IGJvcmRlcjogMXB4IHNvbGlkICNjZmNmY2Y7IHdpZHRoOiAxMDB2dzsgcG9zaXRpb246IGFic29sdXRlOyBib3R0b206IDA7IGxlZnQ6IDA7IHJpZ2h0OiAwOyBib3gtc2l6aW5nOiBib3JkZXItYm94O30uc2Vjb25kLWFkLXdyYXBwZXIgLnNlY29uZC1hZC10b3B7Y29sb3I6ICM1NDU0NTQ7IGZvbnQtd2VpZ2h0OiA0MDA7IHBhZGRpbmc6IDR2aCA1dnc7IGJvcmRlci1ib3R0b206IDFweCBzb2xpZCAjY2ZjZmNmOyBtYXJnaW4tYm90dG9tOiAxdmg7IGZvbnQtc2l6ZTogMTZweDt9LnNlY29uZC1hZC1jb250YWluZXJ7ZGlzcGxheTogZmxleDsganVzdGlmeS1jb250ZW50OiBzcGFjZS1iZXR3ZWVuOyBhbGlnbi1pdGVtczogY2VudGVyOyBwYWRkaW5nOiA0dmggNXZ3OyBmb250LXNpemU6IDE0cHg7fS5zZWNvbmQtYWQtd3JhcHBlciBwe2NvbG9yOiAjYjliOGI4O30uc2Vjb25kLWFkLXdyYXBwZXIgLnNlY29uZC1hZC1jdGF7YmFja2dyb3VuZC1jb2xvcjogIzI5YmFkNjsgY29sb3I6ICNmZmY7IHBhZGRpbmc6IDJ2aCAydnc7IGJvcmRlci1yYWRpdXM6IDZweDsgZm9udC1zaXplOiAxMnB4O31AbWVkaWEgKG1pbi1hc3BlY3QtcmF0aW86IDIvMjApLCAobWluLWFzcGVjdC1yYXRpbzogOS8yMCl7QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi1oZWlnaHQ6IDE4MHB4KXsuc2Vjb25kLWFkLXdyYXBwZXJ7LypiYWNrZ3JvdW5kLWNvbG9yOiAjQ0ZDRkNGOyovfS5zZWNvbmQtYWR7ZGlzcGxheTogZmxleDt9LnNlY29uZC1hZC13cmFwcGVyIC5saW5rc3tqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWFyb3VuZDt9LmxpbmtfdGV4dHt0cmFuc2Zvcm06IHVuc2V0O30uc2Vjb25kLWFkLXdyYXBwZXIgLmxpbmtze2p1c3RpZnktY29udGVudDogY2VudGVyOyBtYXJnaW4tYm90dG9tOiAzMHZoO31AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAyMDBweCl7LnNlY29uZC1hZC13cmFwcGVyIC5zZWNvbmQtYWQtdG9we2ZvbnQtc2l6ZTogMTNweDt9LnNlY29uZC1hZC13cmFwcGVyIHB7Zm9udC1zaXplOiAxMnB4O30uc2Vjb25kLWFkLXdyYXBwZXIgLnNlY29uZC1hZC1jdGF7cGFkZGluZzogMS4ydmggNHZ3O30uc2Vjb25kLWFke2xpbmUtaGVpZ2h0OiAxLjM7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAyNTBweCl7LnNlY29uZC1hZC13cmFwcGVyIC5saW5rc3ttYXJnaW4tYm90dG9tOiA0MHZoO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNDU4cHgpey5zdGFydF9fYnRue3BhZGRpbmc6IDF2aCAzdnc7IGZvbnQtc2l6ZTogY2xhbXAoMTVweCwgMTB2dywgNDBweCk7IHdpZHRoOiA4NXZ3O319fX1AbWVkaWEgKG1pbi1hc3BlY3QtcmF0aW86IDMvMSl7QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi1oZWlnaHQ6IDgwcHgpIGFuZCAobWluLXdpZHRoOiA1MDBweCl7LnNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXIgLnNlY29uZC1hZHtwb3NpdGlvbjogdW5zZXQ7IGRpc3BsYXk6IGZsZXg7IGhlaWdodDogMTAwdmg7IHBvc2l0aW9uOiBhYnNvbHV0ZTsgcmlnaHQ6IDA7IGxlZnQ6IHVuc2V0OyB3aWR0aDogNDB2dzt9LmZsaXAtc2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciAuc2Vjb25kLWFke2xlZnQ6IDA7fS5zZWNvbmQtYWQtaG9yaXpvbnRhbC13cmFwcGVyICNjdGF7d2lkdGg6IDYwdnc7IGRpc3BsYXk6IGZsZXg7IGp1c3RpZnktY29udGVudDogY2VudGVyO30uc2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciAubGlua3N7bWFyZ2luOiAwOyBqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWJldHdlZW47fS5mbGlwLXNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXIgLmxpbmtze2ZsZXgtZGlyZWN0aW9uOiByb3ctcmV2ZXJzZTt9LnNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXIgLmxpbmtfdGV4dHt0cmFuc2Zvcm06IHVuc2V0OyBkaXNwbGF5OiBmbGV4O30uc2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciAuc2Vjb25kLWFkLXRvcHtmb250LXNpemU6IDE3cHg7IGhlaWdodDogNTAlOyBwYWRkaW5nOiAwOyBkaXNwbGF5OiBmbGV4OyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsgYWxpZ24taXRlbXM6IGNlbnRlcjsgbWFyZ2luOiAwO30uc2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciAuc2Vjb25kLWFkLWN0YXtwYWRkaW5nOiAzdmggMi41dnc7IGZvbnQtc2l6ZTogMTRweDt9LnNlY29uZC&i=10-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
RYWzKSxA61ORdq8bQtEXo0fwv6Ee4rRADYOHafZWsXyElb5J9ZH0vg==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=1hZC1ob3Jpem9udGFsLXdyYXBwZXIgcHtmb250LXNpemU6IDE1cHg7fS5zZWNvbmQtYWQtaG9yaXpvbnRhbC13cmFwcGVyIC5zZWNvbmQtYWQtY29udGFpbmVye3BhZGRpbmc6IDA7IGp1c3RpZnktY29udGVudDogc3BhY2UtYXJvdW5kOyBoZWlnaHQ6IDUwJTt9LnNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXIgLmxpbmtfdGV4dDpob3Zlcnt0ZXh0LWRlY29yYXRpb246IG5vbmU7fX19PC9zdHlsZT4gPHNjcmlwdD52YXIgY2xpY2tlZD1mYWxzZTsgd2luZG93LmxpbmtUYXJnZXQ9JnF1b3Q7X2JsYW5rJnF1b3Q7OyBmdW5jdGlvbiBuZXYoYSl7dmFyIHRpbWV6b25lT2Zmc2V0PW5ldyBEYXRlKCkuZ2V0VGltZXpvbmVPZmZzZXQoKTsgdmFyIHRpbWV6b25lPW51bGw7IGlmIChhPT0mcXVvdDtjbGsmcXVvdDspe3dpbmRvdy5lZT10cnVlOyBpZiAoY2xpY2tlZCl7bmV2KCZxdW90O2Nsa19hZ24mcXVvdDspO31pZiAoaXNUcnVlKHBhcmFtcy50cnlBZ2Fpbikpe3RyeUFnYWluSGFuZGxlcigpO31jbGlja2VkPXRydWU7IGlmIChpc1RydWUocGFyYW1zLm9wZW5Jbk5ld1dpbmRvdykpe2xldCBuZXdXaW5kb3dQYXJhbXM9YHdpZHRoPSR7d2luZG93Lm91dGVyV2lkdGh9LGhlaWdodD0ke3dpbmRvdy5vdXRlckhlaWdodH0sbGVmdD0wLHRvcD0wLHRvb2xiYXI9MCxzdGF0dXM9MCxtZW51YmFyPTAsc2Nyb2xsYmFycz0wLHJlc2l6YWJsZT0wYDsgd2luZG93Lm9wZW4oICZxdW90O2h0dHBzOi8vYWRjbGljay5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhPUwmYW1wO2FpPUNITDJBZzV5OFlabm9KTWpyM3dPMV9ZSElBNnlkNHE1bXVkQ3V5cFlQd0kyM0FSQUJJQUJnbGJLaGdyQUhnZ0VYWTJFdGNIVmlMVFF4TVRNMk9ERTRPREl6TVRFME5UWElBUW5nQWdDb0F3R3FCS2dDVDlDS2VqcGZDc2ZCdlFjTVJaVGJFRVI3bmhjc1pPcW5kaTdiM0dWMXRCLXlzdDF2T0RhVkpXOWFBQ0xRRXE2a2hLeHVDOHFEcnpLNkd1XzVmRUh0UUIxbERXSWhmQTV2WjZEY0lzZWRBa1QxT3VIWk9yN2p3NHItcmF2REhOLU5RenZPNkFxd2F6VDZiMzg2eW42RzR2TjhiMWM1LVpjR2h6TklPZnFZTTY1YnpnX2RKM2VBTWJwLWI4YzVFWUNJQmJNbnhydVlWZHQ4SGtXbG1SbVBRWHNycjFsM3ZJZjFZQ2V5OVlVMUdSZ1p6QXVZSXdnQjJVSjE1c2RBeW9TWnlYbm9qS0w2V3lZczRMYm9QRUg5UXRyY2JGR0JUalBwRDJZVDMxZ01LSFhOdERBX0pGcjA1NzdPQ2pEc1ZwcVRqcjRyYXB1YTJIZGNudEZ4Wng2cm1VN3lRMVo5YmdGMTMtMnBuUU9mMHU4ZlFNS3MwRkxOSEhsZDJFM1VCNGxDdFA2VmpEVC1BcFhnQkFHQUJwNkhqYmVNLV9XVkpxQUdJYWdIcHI0YnFBZVcyQnVvQjZxYnNRS29COS1mc1FMWUJ3RFNDQVVJaUdFUUFmb0xBZ2dCZ0F3QjBCVUJnQmNCJmFtcDtudW09MSZhbXA7c2lnPUFPRDY0XzNiTkFKMUxJODg2dWRLLXIyUkVIajktZ0lxYVEmYW1wO2NsaWVudD1jYS1wdWItNDExMzY4MTg4MjMxMTQ1NSZhbXA7YWR1cmw9aHR0cHMlM0ElMkYlMkZwcm90ZWN0aW9uLmJ5Z3VhcmRpby5jb20lMkYlM0ZjbGljayUzRDYzYzE0OTAwLTVmNDQtMTFlYy1hMzdiLWY2ZDMyZTBiYTc5NCUyNnV0bV9zb3VyY2UlM0RhZHhfZ3JkX2dlbjExXzIlMjZtaWQlM0Q2M2MxNDkwMC01ZjQ0LTExZWMtYTM3Yi1mNmQzMmUwYmE3OTQlMjZ1dG1fdGVzdCUzRGFmZnNjYW4lMjZhZmZfaWQlM0Q2MTEmcXVvdDssICZxdW90O2xwJnF1b3Q7LCBuZXdXaW5kb3dQYXJhbXMgKTt9ZWxzZXt3aW5kb3cub3BlbiggJnF1b3Q7aHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs%2Fc2E9TCZhbXA7YWk9Q0hMMkFnNXk4WVpub0pNanIzd08xX1lISUE2eWQ0cTVtdWRDdXlwWVB3STIzQVJBQklBQmdsYktoZ3JBSGdnRVhZMkV0Y0hWaUxUUXhNVE0yT0RFNE9ESXpNVEUwTlRYSUFRbmdBZ0NvQXdHcUJLZ0NUOUNLZWpwZkNzZkJ2UWNNUlpUYkVFUjduaGNzWk9xbmRpN2IzR1YxdEIteXN0MXZPRGFWSlc5YUFDTFFFcTZraEt4dUM4cURyeks2R3VfNWZFSHRRQjFsRFdJaGZBNXZaNkRjSXNlZEFrVDFPdUhaT3I3anc0ci1yYXZESE4tTlF6dk82QXF3YXpUNmIzODZ5bjZHNHZOOGIxYzUtWmNHaHpOSU9mcVlNNjViemdfZEozZUFNYnAtYjhjNUVZQ0lCYk1ueHJ1WVZkdDhIa1dsbVJtUFFYc3JyMWwzdklmMVlDZXk5WVUxR1JnWnpBdVlJd2dCMlVKMTVzZEF5b1NaeVhub2pLTDZXeVlzNExib1BFSDlRdHJjYkZHQlRqUHBEMllUMzFnTUtIWE50REFfSkZyMDU3N09DakRzVnBxVGpyNHJhcHVhMkhkY250RnhaeDZybVU3eVExWjliZ0YxMy0ycG5RT2YwdThmUU1LczBGTE5ISGxkMkUzVUI0bEN0UDZWakRULUFwWGdCQUdBQnA2SGpiZU0tX1dWSnFBR0lhZ0hwcjRicUFlVzJCdW9CNnFic1FLb0I5LWZzUUxZQndEU0NBVUlpR0VRQWZvTEFnZ0JnQXdCMEJVQmdCY0ImYW1wO251bT0xJmFtcDtzaWc9QU9ENjRfM2JOQUoxTEk4ODZ1ZEstcjJSRUhqOS1nSXFhUSZhbXA7Y2xpZW50PWNhLXB1Yi00MTEzNjgxODgyMzExNDU1JmFtcDthZHVybD1odHRwcyUzQSUyRiUyRnByb3RlY3Rpb24uYnlndWFyZGlvLmNvbSUyRiUzRmNsaWNrJTNENjNjMTQ5MDAtNWY0NC0xMWVjLWEzN2ItZjZkMzJlMGJhNzk0JTI2dXRtX3NvdXJjZSUzRGFkeF9ncmRfZ2VuMTFfMiUyNm1pZCUzRDYzYzE0OTAwLTVmNDQtMTFlYy1hMzdiLWY2ZDMyZTBiYTc5NCUyNnV0bV90ZXN0JTNEYWZmc2NhbiUyNmFmZl9pZCUzRDYxMSZxdW90Oywgd2luZG93LmxpbmtUYXJnZXQgKTt9fXRyeXt0aW1lem9uZT1JbnRsLkRhdGVUaW1lRm9ybWF0KCkucmVzb2x2ZWRPcHRpb25zKCkudGltZVpvbmU7fWNhdGNoe312YXIgdXJsPSZxdW90O2h0dHBzOi8vZy5hbGdiaWQuYXBwL3J0aW1wP3NpZD02M2MxNDkwMC01ZjQ0LTExZWMtYTM3Yi1mNmQzMmUwYmE3OTQmYW1wO2Q9dGhyZWF0cG9zdC5jb20mYW1wO2NyPWdyZF9nZW4xMV8yJmFtcDtnaWQ9JmFtcDthPSZxdW90OyArIGEgKyAmcXVvdDsmYW1wO3A9WWJ5Y2d3QUpOQmtLZF9YSUFBQi10WU9QS05FT3dnYVFZNXI3blEmYW1wO3I9NjcyNzA3ODQyJmFtcDtvdz0mcXVvdDsgKyB3aW5kb3cub3V0ZXJXaWR0aCArICZxdW90OyZhbXA7b2g9JnF1b3Q7ICsgd2luZG93Lm91dGVySGVpZ2h0ICsgJnF1b3Q7JmFtcDt0em9mPSZxdW90OyArIHRpbWV6b25lT2Zmc2V0ICsgJnF1b3Q7JmFtcDt0ej0mcXVvdDsgKyB0aW1lem9uZSArICZxdW90OyZhbXA7cHhyPSZxdW90OyArIHdpbmRvdy5kZXZpY2VQaXhlbFJhdGlvOyBuZXcgSW1hZ2UoKS5zcmM9dXJsO312YXIgdnc9ZmFsc2U7IGZ1bmN0aW9uIGhhbmRsZU0oZSl7aWYgKCF2dyAmYW1wOyZhbXA7IGUuZGF0YSAmYW1wOyZhbXA7IGUuZGF0YS5pbmRleE9mKCZxdW90Ozc9MSZxdW90OykgPiAtMSl7dnc9dHJ1ZTsgbmV2KCZxdW90O3Z3JnF1b3Q7KTsgd2luZG93LnJlbW92ZUV2ZW50TGlzdGVuZXIoJnF1b3Q7bWVzc2FnZSZxdW90OywgaGFuZGxlTSk7fX13aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcigmcXVvdDttZXNzYWdlJnF1b3Q7LCBoYW5kbGVNKTsgPC9zY3JpcHQ%2BIDwvaGVhZD4gPGJvZHkgb25sb2FkPSZxdW90O25ldignaW1sb2FkJyk7JnF1b3Q7IHN0eWxlPSZxdW90O2Rpc3BsYXk6IG5vbmUmcXVvdDs%2BIDxkaXYgc3R5bGU9JnF1b3Q7b3ZlcmZsb3c6aGlkZGVuO3Bvc2l0aW9uOnJlbGF0aXZlOyB3aWR0aDoxMDAlOyZxdW90Oz4gPHNlY3Rpb24gY2xhc3M9JnF1b3Q7bWFpbiZxdW90Oz4gPGRpdiBjbGFzcz0mcXVvdDtjb250YWluZXIgY29udGFpbmVyX19vdXRlciZxdW90Oz4gPGRpdiBjbGFzcz0mcXVvdDtjb250YWluZXJfX2lubmVyIG9wZW5fbGluayZxdW90OyBvbmNsaWNrPSZxdW90O2V2ZW50LnN0b3BQcm9wYWdhdGlvbigpOyBuZXYoJ2NsaycpOyBuZXYoJ3dyYXBwZXJjbGsnKTsmcXVvdDsgb25tb3VzZW92ZXI9JnF1b3Q7bmV2KCd3cmFwaG92Jyk7JnF1b3Q7IGlkPSZxdW90O3dyYXBwZXImcXVvdDsgPiA8ZGl2IGNsYXNzPSZxdW90O2xpbmtzJnF1b3Q7PiA8YSBjbGFzcz0mcXVvdDtvcGVuX2xpbmsmcXVvdDsgaHJlZj0mcXVvdDsjJnF1b3Q7IG9uY2xpY2s9JnF1b3Q7ZXZlbnQuc3RvcFByb3BhZ2F0aW9uKCk7IG5ldignY2xrJyk7IG5ldignY3RhY2xrJyk7JnF1b3Q7IG9ubW91c2VvdmVyPSZxdW90O25ldignaG92Jyk7JnF1b3Q7IG9udG91Y2hzdGFydD0mcXVvdDtuZXYoJ2N0YXRvdWNoJyk7JnF1b3Q7IGlkPSZxdW90O2N0YSZxdW90OyA%2BIDxkaXYgY2xhc3M9JnF1b3Q7c3RhcnQmcXVvdDs%2BIDxkaXYgY2xhc3M9JnF1b3Q7c3RhcnRfX3dyYXBwZXImcXVvdDs%2BIDxidXR0b24gY2xhc3M9JnF1b3Q7c3RhcnRfX2J0biZxdW90Oz4gU3RhcnQgTm93IDwvYnV0dG9uPiA8L2Rpdj48L2Rpdj48L2E%2BIDxhIGNsYXNzPSZxdW90O29wZW5fbGluayZxdW90OyBocmVmPSZxdW90OyMmcXVvdDsgb25jbGljaz0mcXVvdDtldmVudC5zdG9wUHJvcGFnYXRpb24oKTsgbmV2KCdjbGsnKTsgbmV2KCd0eHRjbGsnKTsmcXVvdDsgb25tb3VzZW92ZXI9JnF1b3Q7bmV2KCd0eHRob3YnKTsmcXVvdDsgb250b3VjaHN0YXJ0PSZxdW90O25ldigndHh0dG91Y2gnKTsmcXVvdDsgaWQ9JnF1b3Q7YXR4dCZxdW90OyA%2BIDxkaXYgY2xhc3M9JnF1b3Q7aW5mb19fd3JhcHBlciZxdW90Oz4gPGg0PjwvaDQ%2BIDx1bCBjbGFzcz0mcXVvdDtpbmZvX19zdGVwcyZxdW90Oz4gPGxpPiAxLiA8c3Bhbj5DbGljazwvc3Bhbj4gJnF1b3Q7U3RhcnQgTm93JnF1b3Q7IDwvbGk%2BPGxpPiAyLiA8c3Bhbj5Db250aW51ZTwvc3Bhbj4gb24gb3VyIHdlYnNpdGUgPC9saT48bGk%2BIDMuIDxzcGFuPkdldDwvc3Bhbj4gPHNwYW4%2BIDxkaXYgY2xhc3M9JnF1b3Q7YWR2X25hbWUmcXVvdDs%2BIEd1YXJkaW8gPC9kaXY%2BPC9zcGFuPiBmb3IgQ2hyb21lIDwvbGk%2BPC91bD4gPC9kaXY%2BPC9hPiA8L2Rpdj48L2Rpdj48L2Rpdj48L3NlY3Rpb24%2BIDwvZGl2PjxzY3JpcHQ%2BZnVuY3Rpb24gaW5qZWN0Q3NzKGNzcyl7dmFyIHN0eWxlPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJnF1b3Q7c3R5bGUmcXVvdDspOyBkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKHN0eWxlKTsgc3R5bGUudHlwZT0mcXVvdDt0ZXh0L2NzcyZxdW90OzsgaWYgKHN0eWxlLnN0eWxlU2hlZXQpe3N0eWxlLnN0eWxlU2hlZXQuY3NzVGV4dD1jc3M7fWVsc2V7c3R5bGUuYXBwZW5kQ2hpbGQoZG9jdW1lbnQuY3JlYXRlVGV4dE5vZGUoY3NzKSk7fX12YXIgY29sb3JzPXtncmVlbjp7YmFja2dyb3VuZDogJnF1b3Q7bGluZWFyLWdyYWRpZW50KHRvIGJvdHRvbSwgIzAwYzAxMCAwJSwgIzAwOTMwOSAxMDAlKSZxdW90Oywgc2hhZG93Q29sb3I6ICZxdW90OyMwMTRGMDQ5NCZxdW90O30sIGJsdWU6e2JhY2tncm91bmQ6ICZxdW90O2xpbmVhci1ncmFkaWVudCgxODBkZWcsICMyMTk2ZjMgMCUsICMxOTc2ZDIgMTAwJSkmcXVvdDssIHNoYWRvd0NvbG9yOiAmcXVvdDsjMTk3NmQyJnF1b3Q7fSwgcmVkOntiYWNrZ3JvdW5kOiAmcXVvdDtsaW5lYXItZ3JhZGllbnQoMTgwZGVnLCAjZjQ0MzM2IDAlLCAjZDMyZjJmIDEwMCUpJnF1b3Q7LCBzaGFkb3dDb2xvcjogJnF1b3Q7I2M2MjgyOCZxdW90O30sIGdvbGQ6e2JhY2tncm91bmQ6ICZxdW90O2xpbmVhci1ncmFkaWVudCgxODBkZWcsICNmZmJmMDAgMCUsICNmZmNmNDAgMTAwJSkmcXVvdDssIHNoYWRvd0NvbG9yOiAmcXVvdDsjYmY5YjMwJnF1b3Q7fX07IGZ1bmN0aW9uIGlzVHJ1ZShwYXJhbSl7cmV0dXJuICggcGFyYW0gIT09dW5kZWZpbmVkICZhbXA7JmFtcDsgKHBhcmFtPT09dHJ1ZSB8fCBwYXJhbT09PSZxdW90O3RydWUmcXVvdDspICk7fWZ1bmN0aW9uIGlzRmFsc2UocGFyYW0pe3JldHVybiAoIHBhcmFtICE9PXVuZGVmaW5lZCAmYW1wOyZhbXA7IChwYXJhbT09PWZhbHNlIHx8IHBhcmFtPT09JnF1b3Q7ZmFsc2UmcXVvdDspICk7fXdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdiZWZvcmV1bmxvYWQnLCBmdW5jdGlvbigpe2lmICghd2luZG93LmVlKXtuZXYoJ3VubG9hZCcpO319KTsgdHJ5e3ZhciBwYXJhbXM9e307IHZhciBtYXliZVBhcmFtcz0mcXVvdDtleUp6ZEdWd1QyNWxWR1&i=11-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
OKP4_FSVepArITtzO2uwjDDu4dm7m2rN6Ivizz1l4hzPOXYhVDnlNQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=Y0ZENJNklqeHNhVDR4TGlCRGJHbGpheUE4YzNCaGJpQnpkSGxzWlQwblkyOXNiM0k2SUNNeU1UazJSak1uUGx3aVUzUmhjblFnVG05M1hDSThYQzl6Y0dGdVBqeGNMMnhwUGlJc0luTjBaWEJVYUhKbFpWUmxlSFFpT2lJOGJHaytNeTRnVTJOaGJpQlpiM1Z5SUVKeWIzZHpaWEk4WEM5c2FUNGlMQ0p6ZEdWd1ZIZHZWR1Y0ZENJNklqeHNhU0J6ZEhsc1pUMG5aR2x6Y0d4aGVUb2dabXhsZURzZ1lXeHBaMjR0YVhSbGJYTTZJR05sYm5SbGNqdG1iR1Y0TFdac2IzYzZkM0poY0RzblBqSXVJRUZrWkNCSGRXRnlaR2x2SUR4cGJXY2djM1I1YkdVOUoyMWhlQzFvWldsbmFIUTZJRE13ZG1nN0lEdHdZV1JrYVc1bkxXeGxablE2TlhCNE95Y2djM0pqUFNkb2RIUndjenBjTDF3dlkyUnVMbkowWW5KaGFXNHVZWEJ3WEM5bmNtUmNMMmxqYjI0eE5TNXdibWNuSUZ3dlBqeGNMMnhwUGlJc0luTjBaWEJ6VkdsMGJHVWlPaUl6SUVWaGMza2dVM1JsY0hNNkluMD0mcXVvdDs7IGlmICghbWF5YmVQYXJhbXMuc3RhcnRzV2l0aCgmcXVvdDskJnF1b3Q7KSl7dmFyIHJlbVBhcmFtcz1KU09OLnBhcnNlKHdpbmRvdy5hdG9iKG1heWJlUGFyYW1zKSk7IHBhcmFtcz1PYmplY3QuYXNzaWduKHBhcmFtcywgcmVtUGFyYW1zKTt9d2luZG93LnBhcmFtcz1wYXJhbXM7IGZ1bmN0aW9uIHRyeUFnYWluSGFuZGxlcigpe3NldFRpbWVvdXQoZnVuY3Rpb24oKXtpZiAocGFyYW1zLmJ0blN0eWxlVHJ5QWdhaW4pe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDspLnN0eWxlPXBhcmFtcy5idG5TdHlsZVRyeUFnYWluO31pZiAocGFyYW1zLmN0YVRleHRUcnlBZ2Fpbil7dmFyIGJ0bj0oZG9jdW1lbnQuZ2V0RWxlbWVudHNCeUNsYXNzTmFtZSggJnF1b3Q7c3RhcnRfX2J0biZxdW90OyApWzBdLmlubmVyVGV4dD1wYXJhbXMuY3RhVGV4dFRyeUFnYWluKTt9aWYgKHBhcmFtcy5pbm5lclRyeUFnYWluKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90OykuaW5uZXJIVE1MPXBhcmFtcy5pbm5lclRyeUFnYWluO31pZiAocGFyYW1zLmxpbmtUZXh0VHJ5QWdhaW4pe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtfdGV4dCZxdW90OykuaW5uZXJUZXh0PXBhcmFtcy5saW5rVGV4dFRyeUFnYWluO31pZiAocGFyYW1zLmxpbmtUZXh0TGlua1N0eWxlVHJ5QWdhaW4pe2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCZxdW90O2F0eHQmcXVvdDspLnN0eWxlPXBhcmFtcy5saW5rVGV4dExpbmtTdHlsZVRyeUFnYWluO31pZiAocGFyYW1zLmxpbmtUZXh0SW5uZXJTdHlsZVRyeUFnYWluKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rX3RleHQmcXVvdDspLnN0eWxlPXBhcmFtcy5saW5rVGV4dElubmVyU3R5bGVUcnlBZ2Fpbjt9aWYgKGlzVHJ1ZShwYXJhbXMuZmxpcE9yZGVyVHJ5QWdhaW4pKXtkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua3MmcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2xpbmtzLXRyeS1hZ2FpbiZxdW90Oyk7fWlmIChwYXJhbXMudHJ5QWdhaW5MaW5rc1N0eWxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90Oykuc3R5bGU9cGFyYW1zLnRyeUFnYWluTGlua3NTdHlsZTt9aWYgKHBhcmFtcy5ib2R5VHJ5QWdhaW5TdHlsZSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oykuc3R5bGU9cGFyYW1zLmJvZHlTdHlsZTt9fSwgcGFyYW1zLnRyeUFnYWluRGVsYXkpO31pZiAoIGlzVHJ1ZShwYXJhbXMuc21hbGxBZExheW91dCkgJmFtcDsmYW1wOyB3aW5kb3cuc2NyZWVuLndpZHRoPT09MzIwICZhbXA7JmFtcDsgd2luZG93LnNjcmVlbi5oZWlnaHQ9PT01MCApe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDspLnN0eWxlPSZxdW90O2ZvbnQtc2l6ZTogMjBweDtwYWRkaW5nOiA1cHggMTRweDtoZWlnaHQ6IHVuc2V0O3dpZHRoOiB1bnNldDtsaW5lLWhlaWdodDogdW5zZXQ7bWluLXdpZHRoOiB1bnNldDt0ZXh0LXNoYWRvdzogcmdiYSgwLCAwLCAwLCAwLjc2KSAxLjVweCAxLjVweCAyLjVweDtib3JkZXItcmFkaXVzOiA1MHB4O2JveC1zaGFkb3c6IHJnYigxNjgsIDk5LCA1OSkgMHB4IDFweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDJweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDNweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDRweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDVweCAwcHgsIHJnYmEoMCwgMCwgMCwgMC4xKSAwcHggNnB4IDFweCwgcmdiYSgwLCAwLCAwLCAwLjEpIDBweCAwcHggNXB4LCByZ2JhKDAsIDAsIDAsIDAuMykgMHB4IDFweCAzcHgsIHJnYmEoMCwgMCwgMCwgMC4yKSAwcHggM3B4IDVweCwgcmdiYSgwLCAwLCAwLCAwLjI1KSAwcHggNXB4IDEwcHgsIHJnYmEoMCwgMCwgMCwgMC4yKSAwcHggMTBweCAxMHB4LCByZ2JhKDAsIDAsIDAsIDAuMTUpIDBweCAyMHB4IDIwcHg7Ym9yZGVyOiAxcHggc29saWQgcmdiKDE5MSwgMTU1LCA0OCk7YmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KDBkZWcsIHJnYigyMzcsIDE3MCwgNSkgMCUsIHJnYigyNTUsIDIzNSwgMTM4KSAxMDAlKTsmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtzJnF1b3Q7KS5zdHlsZT0mcXVvdDtmbGV4LWRpcmVjdGlvbjpyb3ctcmV2ZXJzZTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1hcm91bmQ7IHdpZHRoOiBjYWxjKDEwMCUgKyA0cHgpOyZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua190ZXh0JnF1b3Q7KS5zdHlsZT0mcXVvdDtkaXNwbGF5OmZsZXg7IHRyYW5zZm9ybTogbm9uZTsgZm9udC1mYW1pbHk6ICdTZWN1bGFyIE9uZSc7Y29sb3I6ICMxYjc0ZTU7bWFyZ2luLXRvcDogNHB4OyZxdW90OzsgaWYgKHBhcmFtcy5zbWFsbEFkVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua190ZXh0JnF1b3Q7KS5pbm5lclRleHQ9cGFyYW1zLnNtYWxsQWRUZXh0O31pZiAocGFyYW1zLnNtYWxsQWRUZXh0U3R5bGUpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtfdGV4dCZxdW90Oykuc3R5bGU9cGFyYW1zLnNtYWxsQWRUZXh0U3R5bGU7fWlmIChwYXJhbXMuc21hbGxBZEN0YVRleHQpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDspLmlubmVyVGV4dD1wYXJhbXMuc21hbGxBZEN0YVRleHQ7fWlmIChwYXJhbXMuc21hbGxBZFN0eWxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90OykuaW5uZXJUZXh0PXBhcmFtcy5zbWFsbEFkQ3RhVGV4dDt9aWYgKHBhcmFtcy5zbWFsbEFkSW1nKXt2YXIgaW1nPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJnF1b3Q7aW1nJnF1b3Q7KTsgaW1nLmNsYXNzTGlzdC5hZGQoJnF1b3Q7YWQtaW1nJnF1b3Q7KTsgaW1nLnNyYz1wYXJhbXMuc21hbGxBZEltZzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua3MmcXVvdDspLmFwcGVuZENoaWxkKGltZyk7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtzJnF1b3Q7KS5zdHlsZT0mcXVvdDtmbGV4LWRpcmVjdGlvbjpyb3ctcmV2ZXJzZTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1iZXR3ZWVuOyB3aWR0aDogY2FsYygxMDAlICsgNHB4KTsmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmFkLWltZyZxdW90Oykuc3R5bGU9JnF1b3Q7aGVpZ2h0OiA5MCU7JnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT0mcXVvdDtmb250LXNpemU6IDE2cHg7cGFkZGluZzogNXB4IDEwcHg7aGVpZ2h0OiB1bnNldDt3aWR0aDogdW5zZXQ7bGluZS1oZWlnaHQ6IHVuc2V0O21pbi13aWR0aDogdW5zZXQ7dGV4dC1zaGFkb3c6IHJnYmEoMCwgMCwgMCwgMC43NikgMS41cHggMS41cHggMi41cHg7Ym9yZGVyLXJhZGl1czogNTBweDtib3gtc2hhZG93OiByZ2IoMTY4LCA5OSwgNTkpIDBweCAxcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCAycHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCAzcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCA0cHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCA1cHggMHB4LCByZ2JhKDAsIDAsIDAsIDAuMSkgMHB4IDZweCAxcHgsIHJnYmEoMCwgMCwgMCwgMC4xKSAwcHggMHB4IDVweCwgcmdiYSgwLCAwLCAwLCAwLjMpIDBweCAxcHggM3B4LCByZ2JhKDAsIDAsIDAsIDAuMikgMHB4IDNweCA1cHgsIHJnYmEoMCwgMCwgMCwgMC4yNSkgMHB4IDVweCAxMHB4LCByZ2JhKDAsIDAsIDAsIDAuMikgMHB4IDEwcHggMTBweCwgcmdiYSgwLCAwLCAwLCAwLjE1KSAwcHggMjBweCAyMHB4O2JvcmRlcjogMXB4IHNvbGlkIHJnYigxOTEsIDE1NSwgNDgpO2JhY2tncm91bmQ6IGxpbmVhci1ncmFkaWVudCgwZGVnLCByZ2IoMjM3LCAxNzAsIDUpIDAlLCByZ2IoMjU1LCAyMzUsIDEzOCkgMTAwJSk7JnF1b3Q7O31pZiAoaXNUcnVlKHBhcmFtcy5hbmltYXRlQWQpKXtkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua3MmcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2FuaW1hdGVkJnF1b3Q7KTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuYW5pbWF0ZWQgLnN0YXJ0JnF1b3Q7KS5zdHlsZT0mcXVvdDtkaXNwbGF5OiBmbGV4O3dpZHRoOiAxMDB2dztqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsmcXVvdDs7IGRvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hbmltYXRlZCZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7c2hvdy1idG4mcXVvdDspOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hZC1pbWcmcXVvdDspICZhbXA7JmFtcDsgKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoICZxdW90Oy5zaG93LWJ0biBpbWcmcXVvdDsgKS5zdHlsZS5oZWlnaHQ9JnF1b3Q7OTUlJnF1b3Q7KTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90Oykuc3R5bGUuZm9udFNpemU9JnF1b3Q7MjBweCZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90Oykuc3R5bGUucGFkZGluZz0mcXVvdDs1cHggMjBweCZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvciggJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDsgKS5zdHlsZS5tYXJnaW5Cb3R0b209JnF1b3Q7MXB4JnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rX3RleHQmcXVvdDspLnN0eWxlLmZvbnRTaXplPSZxdW90OzIwcHgmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtzJnF1b3Q7KS5zdHlsZT0mcXVvdDtmbGV4LWRpcmVjdGlvbjpyb3ctcmV2ZXJzZTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1iZXR3ZWVuOyB3aWR0aDogY2FsYygxMDAlICsgNHB4KTsmcXVvdDs7IGxldCBhbmltYXRlZEludGVydmFsPXNldEludGVydmFsKGZ1bmN0aW9uKCl7aWYgKCBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hbmltYXRlZCAuc3RhcnQmcXVvdDspLnN0eWxlIC5kaXNwbGF5PT09JnF1b3Q7ZmxleCZxdW90OyApe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoICZxdW90Oy5hbmltYXRlZCAuc3RhcnQmcXVvdDsgKS5zdHlsZT0mcXVvdDtkaXNwbGF5OiBub25lJnF1b3Q7OyBkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsuYW5pbWF0ZWQmcXVvdDspIC5jbGFzc0xpc3QucmVtb3ZlKCZxdW90O3Nob3ctYnRuJnF1b3Q7KTsgZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmFuaW1hdGVkJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtzaG93LW90aGVyJnF1b3Q7KTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvciggJnF1b3Q7LmxpbmtzJnF1b3Q7ICkuc3R5bGUuanVzdGlmeUNvbnRlbnQ9JnF1b3Q7Y2VudGVyJnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCAmcXVvdDsubGlua190ZXh0JnF1b3Q7ICkuc3R5bGUubWFyZ2luTGVmdD0mcXVvdDszMH&i=12-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
xUSQf2szwD8tkLeB5gRpuIRNpPf7-m51JW5SyFmTozPgJzQyv__C7g==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=B4JnF1b3Q7O31lbHNle2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoICZxdW90Oy5hbmltYXRlZCAuc3RhcnQmcXVvdDsgKS5zdHlsZT0mcXVvdDtkaXNwbGF5OiBmbGV4O3dpZHRoOiAxMDB2dztqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsmcXVvdDs7IGRvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hbmltYXRlZCZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7c2hvdy1idG4mcXVvdDspOyBkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsuYW5pbWF0ZWQmcXVvdDspIC5jbGFzc0xpc3QucmVtb3ZlKCZxdW90O3Nob3ctb3RoZXImcXVvdDspOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCAmcXVvdDsubGlua3MmcXVvdDsgKS5zdHlsZS5qdXN0aWZ5Q29udGVudD0mcXVvdDtzcGFjZS1iZXR3ZWVuJnF1b3Q7O319LCBwYXJhbXMuYW5pbWF0ZUFkSW50ZXJ2YWwpOyBmdW5jdGlvbiBzdG9wQW5pbWF0ZWRJbnRlcnZhbCgpe2NsZWFySW50ZXJ2YWwoYW5pbWF0ZWRJbnRlcnZhbCk7fWlmIChwYXJhbXMuYW5pbWF0ZUFkVGltZSl7c2V0VGltZW91dCggc3RvcEFuaW1hdGVkSW50ZXJ2YWwsIHBhcmFtcy5hbmltYXRlQWRUaW1lICk7fX19aWYgKGlzVHJ1ZShwYXJhbXMuaGFsZkltZ0xheW91dCkpe2xldCBjb250YWluZXI9ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oyk7IGxldCBpbWFnZT1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCZxdW90O2ltZyZxdW90Oyk7IGltYWdlLnNyYz1wYXJhbXMuYmFja2dyb3VuZEltYWdlTGluazsgaW1hZ2Uuc3R5bGU9JnF1b3Q7aGVpZ2h0OjU1dmg7IHdpZHRoOiA5N3Z3OyBoZWlnaHQ6IDU1dmg7cGFkZGluZy10b3A6IDJ2dzsmcXVvdDs7IGltYWdlLmNsYXNzTGlzdC5hZGQoJnF1b3Q7bWFpbi1pbWFnZSZxdW90Oyk7IGNvbnRhaW5lci5hcHBlbmRDaGlsZChpbWFnZSk7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmNvbnRhaW5lcl9faW5uZXImcXVvdDspLnN0eWxlPSZxdW90O2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW4tcmV2ZXJzZTtwYWRkaW5nOjAmcXVvdDs7IGZ1bmN0aW9uIHN0b3BWaWQoKXtkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgmcXVvdDt2aWRfbG9vcCZxdW90OykucGF1c2UoKTt9aWYgKHBhcmFtcy5oYWxmSW1nQXJ0aWNsZSl7aWYgKHBhcmFtcy5oYWxmSW1nVmlkZW9BcnRpY2xlKXtpbWFnZS5vdXRlckhUTUw9YCA8dmlkZW8gaWQ9JnF1b3Q7dmlkX2xvb3AmcXVvdDsgYXV0b3BsYXkgbG9vcCBtdXRlZCBzdHlsZT0mcXVvdDt3aWR0aDogMTAwdnc7IGhlaWdodDogYXV0byZxdW90Oz4gPHNvdXJjZSBzcmM9JnF1b3Q7JHtwYXJhbXMudmlkZW9MaW5rfSZxdW90OyB0eXBlPSZxdW90O3ZpZGVvL21wNCZxdW90Oz4gPC92aWRlb3M%2BIGA7fXNldFRpbWVvdXQoc3RvcFZpZCwgMjkwMDApOyBpbWFnZS5zdHlsZT0mcXVvdDt3aWR0aDogMTAwdnc7IGhlaWdodDogNjV2aDsmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3JBbGwoJnF1b3Q7Lm9wZW5fbGluayZxdW90OylbMl0uaW5uZXJIVE1MPWAgPGRpdiBjbGFzcz0mcXVvdDtoYWxmLUltZy1BcnRpY2xlLW1haW4mcXVvdDs%2BIDxwIHN0eWxlPSZxdW90OyR7cGFyYW1zLmhhbGZJbWdMYXlvdXRUaXRsZVN0eWxlID8gcGFyYW1zLmhhbGZJbWdMYXlvdXRUaXRsZVN0eWxlIDogJnF1b3Q7OyZxdW90O30mcXVvdDsgY2xhc3M9JnF1b3Q7aGFsZi1JbWctQXJ0aWNsZS10ZXh0JnF1b3Q7ID4ke3BhcmFtcy5oYWxmSW1nTGF5b3V0VGl0bGV9PC9wPjxwIHN0eWxlPSZxdW90OyR7cGFyYW1zLmhhbGZJbWdBcnRpY2xlQWRkaXRpb25hbFN0eWxlID8gcGFyYW1zLmhhbGZJbWdBcnRpY2xlQWRkaXRpb25hbFN0eWxlIDogJnF1b3Q7OyZxdW90O30mcXVvdDsgY2xhc3M9JnF1b3Q7aGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHQmcXVvdDs%2BJHtwYXJhbXMuaGFsZkltZ0FydGljbGVBZGRpdGlvbmFsVGV4dH08L3A%2BPC9kaXY%2BYDsgZG9jdW1lbnQucXVlcnlTZWxlY3RvckFsbCggJnF1b3Q7Lm9wZW5fbGluayZxdW90OyApWzFdLnN0eWxlLmRpc3BsYXk9JnF1b3Q7bm9uZSZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuYWR2X25hbWUmcXVvdDspLnN0eWxlLmZvbnRTaXplPSZxdW90OzExcHgmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmFkdl9uYW1lJnF1b3Q7KS5zdHlsZS5jb2xvcj0mcXVvdDsjODI4MjgyJnF1b3Q7O31lbHNlIGlmIChwYXJhbXMudmlkZW9BZCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubWFpbi1pbWFnZSZxdW90Oykub3V0ZXJIVE1MPWAgPHZpZGVvIGlkPSZxdW90O3ZpZF9sb29wJnF1b3Q7IGF1dG9wbGF5IGxvb3AgbXV0ZWQgc3R5bGU9JnF1b3Q7d2lkdGg6IDEwMHZ3OyBoZWlnaHQ6IGF1dG8mcXVvdDs%2BIDxzb3VyY2Ugc3JjPSZxdW90OyR7cGFyYW1zLnZpZGVvTGlua30mcXVvdDsgdHlwZT0mcXVvdDt2aWRlby9tcDQmcXVvdDs%2BIDwvdmlkZW9zPiBgOyBzZXRUaW1lb3V0KHN0b3BWaWQsIDI5MDAwKTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsjYXR4dCZxdW90Oykuc3R5bGUuZGlzcGxheT0mcXVvdDtub25lJnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hZHZfbmFtZSZxdW90Oykuc3R5bGUuZGlzcGxheT0mcXVvdDtub25lJnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5vcGVuX2xpbmsgYnV0dG9uJnF1b3Q7KS5zdHlsZT0mcXVvdDt0ZXh0LXNoYWRvdzogcmdiKDAgMCAwIC8gNzYlKSAxLjVweCAxLjVweCAyLjVweDtib3JkZXItcmFkaXVzOiA1MHB4O2JveC1zaGFkb3c6IHJnYigxNjggOTkgNTkpIDBweCAxcHggMHB4LCByZ2IoMTY4IDk5IDU5KSAwcHggMnB4IDBweCwgcmdiKDE2OCA5OSA1OSkgMHB4IDNweCAwcHgsIHJnYigxNjggOTkgNTkpIDBweCA0cHggMHB4LCByZ2IoMTY4IDk5IDU5KSAwcHggNXB4IDBweCwgcmdiKDAgMCAwIC8gMTAlKSAwcHggNnB4IDFweCwgcmdiKDAgMCAwIC8gMTAlKSAwcHggMHB4IDVweCwgcmdiKDAgMCAwIC8gMzAlKSAwcHggMXB4IDNweCwgcmdiKDAgMCAwIC8gMjAlKSAwcHggM3B4IDVweCwgcmdiKDAgMCAwIC8gMjUlKSAwcHggNXB4IDEwcHgsIHJnYigwIDAgMCAvIDIwJSkgMHB4IDEwcHggMTBweCwgcmdiKDAgMCAwIC8gMTUlKSAwcHggMjBweCAyMHB4O2JvcmRlcjogMXB4IHNvbGlkIHJnYigxOTEsIDE1NSwgNDgpOyBiYWNrZ3JvdW5kOiBsaW5lYXItZ3JhZGllbnQoMGRlZywgcmdiKDIzNywgMTcwLCA1KSAwJSwgcmdiKDI1NSwgMjM1LCAxMzgpIDEwMCUpOyBwYWRkaW5nOiAwcHg7Zm9udC1zaXplOiBjbGFtcCgyMHB4LCA3dncsIDQwcHgpO3dpZHRoOiA2N3Z3O21hcmdpbi1ib3R0b206MnB4OyZxdW90OzsgZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7Lm9wZW5fbGluayBidXR0b24mcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O3ByZXNzLWRvd24mcXVvdDspO31lbHNle2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3JBbGwoJnF1b3Q7Lm9wZW5fbGluayZxdW90OylbMl0uaW5uZXJIVE1MPWAgPGRpdiBjbGFzcz0mcXVvdDtoYWxmLWltZy1tYWluJnF1b3Q7PiA8aW1nIGNsYXNzPSZxdW90O2hhbGYtaW1nLWxvZ28gJHshcGFyYW1zLmhhbGZJbWdMYXlvdXRMb2dvTGluayA%2FICZxdW90O2hpZGUmcXVvdDsgOiAmcXVvdDsmcXVvdDt9JnF1b3Q7IHNyYz0ke3BhcmFtcy5oYWxmSW1nTGF5b3V0TG9nb0xpbmt9Lz4gPGgxIGNsYXNzPSZxdW90O2hhbGYtaW1nLXRpdGxlJnF1b3Q7PiR7cGFyYW1zLmhhbGZJbWdMYXlvdXRUaXRsZX08L2gxPiA8L2Rpdj5gOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5oYWxmLWltZy10aXRsZSZxdW90Oykuc3R5bGU9JnF1b3Q7Zm9udC1zaXplOjI4cHg7dGV4dC1hbGlnbjpjZW50ZXI7bWFyZ2luOiBhdXRvIDR2dzsgbGluZS1oZWlnaHQ6IDEuMztjb2xvcjojMWYxZjFmO2ZvbnQtZmFtaWx5OidTZWN1bGFyIE9uZScmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmhhbGYtaW1nLWxvZ28mcXVvdDspLnN0eWxlPSZxdW90O3dpZHRoOiA1MHB4O3Bvc2l0aW9uOiBhYnNvbHV0ZTt0b3A6IDUydmg7bGVmdDogMDtyaWdodDogMDttYXJnaW46IGF1dG87JnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90Oykuc3R5bGU9JnF1b3Q7anVzdGlmeS1jb250ZW50OiBzcGFjZS1ldmVubHk7JnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT0mcXVvdDt3aWR0aDogNzB2dzttYXJnaW4tYm90dG9tOiAxMHB4O2ZvbnQtc2l6ZTogY2xhbXAoMTZweCwgNy4ydncsIDQwcHgpO3BhZGRpbmc6IDE1cHggMDsmcXVvdDsgKyBwYXJhbXMuaGFsZkltZ0N0YVN0eWxlO319aWYgKGlzVHJ1ZShwYXJhbXMuc2Vjb25kQWQpKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rX3RleHQmcXVvdDspLmlubmVySFRNTD1gIDxzcGFuIGNsYXNzPSdzZWNvbmQtYWQnPiA8aDMgY2xhc3M9J3NlY29uZC1hZC10b3AnPiR7cGFyYW1zLnNlY29uZEFkVGl0bGVUZXh0fTwvaDM%2BIDxzcGFuIGNsYXNzPSdzZWNvbmQtYWQtY29udGFpbmVyJz4gPHAgY2xhc3M9J3NlY29uZC1hZC10ZXh0Jz4ke3BhcmFtcy5zZWNvbmRBZEJvdHRvbVRpdGxlVGV4dH08L3A%2BPHNwYW4gY2xhc3M9J3NlY29uZC1hZC1jdGEnPiR7cGFyYW1zLnNlY29uZEFkQm90dG9tQ3RhVGV4dH08L3NwYW4%2BIDwvc3Bhbj4gPC9zcGFuPiA8L3NwYW4%2BYDsgZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmNvbnRhaW5lciZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7c2Vjb25kLWFkLXdyYXBwZXImcXVvdDspOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5hZHZfbmFtZSZxdW90Oykuc3R5bGUuZGlzcGxheT0mcXVvdDtub25lJnF1b3Q7OyBkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsuc2Vjb25kLWFkLWN0YSZxdW90OykgLmFkZEV2ZW50TGlzdGVuZXIoJnF1b3Q7Y2xpY2smcXVvdDssIGZ1bmN0aW9uKCl7ZXZlbnQuc3RvcFByb3BhZ2F0aW9uKCk7IG5ldigmcXVvdDtjbGsmcXVvdDspOyBuZXYoJnF1b3Q7c2Vjb25kX2N0YV9jbGsmcXVvdDspOyByZXR1cm4gZmFsc2U7fSk7fWlmIChwYXJhbXMuc2Vjb25kQWRUaXRsZVN0eWxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zZWNvbmQtYWQtdG9wJnF1b3Q7KS5zdHlsZT1wYXJhbXMuc2Vjb25kQWRUaXRsZVN0eWxlO31pZiAocGFyYW1zLnNlY29uZEFkU3VidGl0bGVTdHlsZSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc2Vjb25kLWFkLXRleHQmcXVvdDspLnN0eWxlPXBhcmFtcy5zZWNvbmRBZFN1YnRpdGxlU3R5bGU7fWlmIChwYXJhbXMuc2Vjb25kQWRCdXR0b25TdHlsZSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc2Vjb25kLWFkLWN0YSZxdW90Oykuc3R5bGU9cGFyYW1zLnNlY29uZEFkQnV0dG9uU3R5bGU7fWlmIChpc1RydWUocGFyYW1zLnNlY29uZEFkSG9yaXpvbnRhbCkpe2RvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zZWNvbmQtYWQtd3JhcHBlciZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7c2Vjb25kLWFkLWhvcml6b250YWwtd3JhcHBlciZxdW90Oyk7fWlmIChpc1RydWUocGFyYW1zLmZsaXBTZWNvbmRBZEhvcml6b250YWwpKXtkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtmbGlwLXNlY29uZC1hZC1ob3Jpem9udGFsLXdyYXBwZXImcXVvdDspO31pZiAoaXNUcnVlKHBhcmFtcy5zdG9yZUxheW91dCkpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmNvbnRhaW5lcl9faW5uZXImcXVvdDspLnN0eWxlPSZxdW90O2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW47cGFkZGluZzowICZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubWFpbi1pbWFnZSZxdW90Oykuc3R5bGU9JnF1b3Q7d2lkdG&i=13-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
L5UnxG6Rh-4_anFdJuRHf_3gB3ozMn_-BBZukMSq6A7muinyq4ZGpQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=g6MTAwdnc7aGVpZ2h0OiA1NXZoOyZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua3MmcXVvdDspLnN0eWxlLmZsZXhEaXJlY3Rpb249JnF1b3Q7cm93LXJldmVyc2UmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmhhbGYtaW1nLXRpdGxlJnF1b3Q7KS5zdHlsZT0mcXVvdDtmb250LXNpemU6MjhweDtmb250LXNpemU6Y2xhbXAoMjRweCw3LjV2dywyOHB4KTt0ZXh0LWFsaWduOmNlbnRlcjttYXJnaW46IGF1dG8gNHZ3OyBsaW5lLWhlaWdodDogMS4zO2NvbG9yOiMxZjFmMWY7Zm9udC1mYW1pbHk6J1NlY3VsYXIgT25lJyZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90Oykuc3R5bGU9JnF1b3Q7bWluLXdpZHRoOiB1bnNldDt3aWR0aDogbWF4LWNvbnRlbnQ7bWFyZ2luLWJvdHRvbTogNnZ3O2ZvbnQtc2l6ZTogY2xhbXAoMjBweCwgNHZ3LCA0MHB4KTsgcGFkZGluZzogMTBweCAzNXB4O21pbi1oZWlnaHQ6IHVuc2V0OyZxdW90OyArIHBhcmFtcy5zdG9yZUN0YVN0eWxlOyBsZXQgT2xkTG9nbz1kb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5oYWxmLWltZy1sb2dvJnF1b3Q7KTsgT2xkTG9nby5yZW1vdmUoKTsgbGV0IHN0b3JlV3JhcHBlcj1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCZxdW90O2RpdiZxdW90Oyk7IGxldCBsaW5rcz1kb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90Oyk7IGxpbmtzLnN0eWxlPSZxdW90O2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW4tcmV2ZXJzZTsganVzdGlmeS1jb250ZW50OiBzcGFjZS1ldmVubHk7YmFja2dyb3VuZC1jb2xvcjojZmFmYWZhOyZxdW90OzsgbGlua3MuYXBwZW5kKHN0b3JlV3JhcHBlcik7IHN0b3JlV3JhcHBlci5vdXRlckhUTUw9YCA8ZGl2IGNsYXNzPSZxdW90O3N0b3JlLXdyYXBwZXImcXVvdDsgc3R5bGU9JnF1b3Q7ZGlzcGxheTogZmxleDttYXJnaW4tcmlnaHQ6IGF1dG87bWFyZ2luLWxlZnQ6IDEwdnc7bWFyZ2luLXRvcDo2dncmcXVvdDs%2BIDxpbWcgc3R5bGU9JnF1b3Q7d2lkdGg6IGF1dG87aGVpZ2h0OiA3MHB4OyZxdW90OyBjbGFzcz0mcXVvdDtoYWxmLWltZy1sb2dvJnF1b3Q7IHNyYz0ke3BhcmFtcy5oYWxmSW1nTGF5b3V0TG9nb0xpbmt9Lz4gPGRpdiBzdHlsZT0mcXVvdDtwYWRkaW5nLWxlZnQ6MTVweDsmcXVvdDs%2BIDxoMiBzdHlsZT0mcXVvdDtmb250LXNpemU6IDI1cHg7IHBhZGRpbmctYm90dG9tOiAycHg7IGZvbnQtd2VpZ2h0OiA1MDA7JnF1b3Q7PkJ1YmJsZSBDYXPigKpo4oCsPC9oMj4gPGRpdiBzdHlsZT0mcXVvdDtwYWRkaW5nLWJvdHRvbToycHg7ZGlzcGxheTpmbGV4O2FsaWduLWl0ZW1zOiBjZW50ZXI7aGVpZ2h0OiAyMHB4O3RyYW5zZm9ybTogdHJhbnNsYXRlWCgtNnB4KTsmcXVvdDs%2BIDxpbWcgc3R5bGU9JnF1b3Q7d2lkdGg6MTAwcHgmcXVvdDsgc3JjPSR7cGFyYW1zLnN0b3JlU3RhcnN9Lz4gPHNwYW4gc3R5bGU9JnF1b3Q7Y29sb3I6Izk5OTk5OTsmcXVvdDs%2BKDE4LjlLKTwvc3Bhbj4gPC9kaXY%2BPHNwYW4gc3R5bGU9JnF1b3Q7Zm9udC1zaXplOjE1cHg7ZGlzcGxheTpmbGV4O2FsaWduLWl0ZW1zOmNlbnRlcjsmcXVvdDs%2BIDxzcGFuIHN0eWxlPSZxdW90O2NvbG9yOiM2MzYxNjE7JnF1b3Q7PkZSRUUgb248L3NwYW4%2BIDxpbWcgc3R5bGU9JnF1b3Q7d2lkdGg6MzBweDtwYWRkaW5nOiAwIDNweCAwIDVweDsmcXVvdDsgc3JjPSR7cGFyYW1zLmFwcFN0b3JlfS8%2BIDxzcGFuIHN0eWxlPSZxdW90O2NvbG9yOiM2MzYxNjE7Zm9udC13ZWlnaHQ6IDYwMDsmcXVvdDs%2BQXBwIFN0b3JlPC9zcGFuPiA8L3NwYW4%2BIDwvZGl2PjwvZGl2PmA7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmFkdl9uYW1lJnF1b3Q7KS5zdHlsZS5kaXNwbGF5PSZxdW90O25vbmUmcXVvdDs7fWlmIChpc1RydWUocGFyYW1zLmdvbGRlblN0eWxlQSkpe2RvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtnb2xkZW4tdGV4dC1zaGFkb3cmcXVvdDspOyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT0mcXVvdDtib3JkZXItcmFkaXVzOjUwcHg7Ym94LXNoYWRvdzpyZ2IoMTY4LCA5OSwgNTkpIDBweCAxcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCAycHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCAzcHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCA0cHggMHB4LCByZ2IoMTY4LCA5OSwgNTkpIDBweCA1cHggMHB4LCByZ2JhKDAsIDAsIDAsIDAuMSkgMHB4IDZweCAxcHgsIHJnYmEoMCwgMCwgMCwgMC4xKSAwcHggMHB4IDVweCwgcmdiYSgwLCAwLCAwLCAwLjMpIDBweCAxcHggM3B4LCByZ2JhKDAsIDAsIDAsIDAuMikgMHB4IDNweCA1cHgsIHJnYmEoMCwgMCwgMCwgMC4yNSkgMHB4IDVweCAxMHB4LCByZ2JhKDAsIDAsIDAsIDAuMikgMHB4IDEwcHggMTBweCwgcmdiYSgwLCAwLCAwLCAwLjE1KSAwcHggMjBweCAyMHB4OyBib3JkZXI6IDFweCBzb2xpZCAjYmY5YjMwOyBiYWNrZ3JvdW5kOiByZ2IoMjQyLDE4NiwyKTsgYmFja2dyb3VuZDogbGluZWFyLWdyYWRpZW50KDBkZWcsIHJnYigyMzcgMTcwIDUpIDAlLCByZ2JhKDI1NSwyMzUsMTM4LDEpIDEwMCUpOyZxdW90Ozt9aWYgKGlzVHJ1ZShwYXJhbXMuZ29sZGVuU3R5bGVCKSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90Oykuc3R5bGU9JnF1b3Q7dGV4dC1zaGFkb3c6IHJnYmEoMCwgMCwgMCwgMC43NikgMS41cHggMS41cHggMi41cHg7IGJvcmRlci1yYWRpdXM6NTBweDtib3gtc2hhZG93OnJnYigxNjgsIDk5LCA1OSkgMHB4IDFweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDJweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDNweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDRweCAwcHgsIHJnYigxNjgsIDk5LCA1OSkgMHB4IDVweCAwcHgsIHJnYmEoMCwgMCwgMCwgMC4xKSAwcHggNnB4IDFweCwgcmdiYSgwLCAwLCAwLCAwLjEpIDBweCAwcHggNXB4LCByZ2JhKDAsIDAsIDAsIDAuMykgMHB4IDFweCAzcHgsIHJnYmEoMCwgMCwgMCwgMC4yKSAwcHggM3B4IDVweCwgcmdiYSgwLCAwLCAwLCAwLjI1KSAwcHggNXB4IDEwcHgsIHJnYmEoMCwgMCwgMCwgMC4yKSAwcHggMTBweCAxMHB4LCByZ2JhKDAsIDAsIDAsIDAuMTUpIDBweCAyMHB4IDIwcHg7IGJvcmRlcjogMXB4IHNvbGlkICNiZjliMzA7IGJhY2tncm91bmQ6IHJnYigyNDIsMTg2LDIpOyBiYWNrZ3JvdW5kOiBsaW5lYXItZ3JhZGllbnQoMGRlZywgcmdiKDIzNyAxNzAgNSkgMCUsIHJnYmEoMjU1LDIzNSwxMzgsMSkgMTAwJSk7JnF1b3Q7O31pZiAocGFyYW1zLmxpbmtUYXJnZXQpe3dpbmRvdy5saW5rVGFyZ2V0PXBhcmFtcy5saW5rVGFyZ2V0O31pZiAocGFyYW1zLmNvbG9yKXt2YXIgY29sb3JPYmo9Y29sb3JzW3BhcmFtcy5jb2xvcl07IGlmIChjb2xvck9iail7dmFyIGJ0bj1kb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCAmcXVvdDtzdGFydF9fYnRuJnF1b3Q7IClbMF07IHZhciBuZXdDc3M9YCAuc3RhcnRfX2J0bntiYWNrZ3JvdW5kOiAke2NvbG9yT2JqLmJhY2tncm91bmR9OyBib3gtc2hhZG93OiAzcHggM3B4IDBweCAke2NvbG9yT2JqLnNoYWRvd0NvbG9yfSwgMHB4IDNweCAxNXB4IHJnYmEoMCwwLDAsLjQpLCBpbnNldCAwcHggMXB4IDBweCByZ2JhKDI1NSwyNTUsMjU1LC4zKSwgaW5zZXQgMHB4IDBweCAzcHggcmdiYSgyNTUsMjU1LDI1NSwuNSk7IGJvcmRlcjogMXB4IHNvbGlkICR7Y29sb3JPYmouc2hhZG93Q29sb3J9O31gOyBpbmplY3RDc3MobmV3Q3NzKTt9fWlmIChpc1RydWUocGFyYW1zLmxvbmdCdG5UZXh0KSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDtidXR0b24mcXVvdDspLmNsYXNzTGlzdC5hZGQoJnF1b3Q7bG9uZy10ZXh0JnF1b3Q7KTt9aWYgKHBhcmFtcy5jdGFUZXh0KXt2YXIgYnRuPShkb2N1bWVudC5nZXRFbGVtZW50c0J5Q2xhc3NOYW1lKCAmcXVvdDtzdGFydF9fYnRuJnF1b3Q7IClbMF0uaW5uZXJUZXh0PXBhcmFtcy5jdGFUZXh0KTt9aWYgKGlzVHJ1ZShwYXJhbXMuYnJpZ2h0KSl7dmFyIG5ld0Nzcz1gIC5tYWluOmhvdmVyey13ZWJraXQtZmlsdGVyOiBicmlnaHRuZXNzKDExMCUpO31gOyBpbmplY3RDc3MobmV3Q3NzKTt9aWYgKGlzVHJ1ZShwYXJhbXMuc2hhZG93SG92ZXIpKXt2YXIgbmV3Q3NzPWAgLnN0YXJ0X19idG46aG92ZXJ7Ym94LXNoYWRvdzogMHB4IDBweCAwcHg7fWA7IGluamVjdENzcyhuZXdDc3MpO31pZiAoaXNUcnVlKHBhcmFtcy5mbGlwT3JkZXIpKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5jb250YWluZXJfX2lubmVyJnF1b3Q7KS5zdHlsZT0mcXVvdDtmbGV4LWRpcmVjdGlvbjogcm93LXJldmVyc2UmcXVvdDs7fWlmIChpc1RydWUocGFyYW1zLmN0YVRleHRTaGFkb3cpKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT0mcXVvdDt0ZXh0LXNoYWRvdzogNHB4IDJweCAycHggcmdiYSgwLCAwLCAwLCAwLjc2KSZxdW90Ozt9aWYgKGlzVHJ1ZShwYXJhbXMuc2NhbGVCdG5PbkhvdmVyKSl7ZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnN0YXJ0X19idG4mcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2J0bi1zY2FsZS1ob3ZlciZxdW90Oyk7fWlmIChpc1RydWUocGFyYW1zLnNjYWxlT25FeHRlcm5hbEhvdmVyKSl7ZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7Lm1haW4mcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2V4dGVybmFsLWhvdmVyLWJ0bi1zY2FsZSZxdW90Oyk7fWlmIChwYXJhbXMuYnRuVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuc3RhcnRfX2J0biZxdW90OykuaW5uZXJUZXh0PXBhcmFtcy5idG5UZXh0O31pZiAocGFyYW1zLmJ0blN0eWxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KS5zdHlsZT1wYXJhbXMuYnRuU3R5bGU7fWlmIChpc1RydWUocGFyYW1zLnRvcFRpdGxlKSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUtY29udGFpbmVyJnF1b3Q7KS5zdHlsZS5kaXNwbGF5PSZxdW90O2ZsZXgmcXVvdDs7IGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnRpdGxlJnF1b3Q7KS5zdHlsZS5kaXNwbGF5PSZxdW90O2Jsb2NrJnF1b3Q7OyBkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy50aXRsZS1hZGRpdGlvbiZxdW90Oykuc3R5bGUuZGlzcGxheT0mcXVvdDtibG9jayZxdW90OzsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oykuc3R5bGU9JnF1b3Q7ZmxleC1kaXJlY3Rpb246IGNvbHVtbjsganVzdGlmeS1jb250ZW50OiBjZW50ZXI7ICZxdW90OzsgaWYgKGlzVHJ1ZShwYXJhbXMuY2VudGVyZWRUaXRsZSkpe2RvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5saW5rcyZxdW90OykgLmNsYXNzTGlzdC5hZGQoJnF1b3Q7bGlua3MtbG9uZy10aXRsZSZxdW90Oyk7IGRvY3VtZW50IC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5zdGFydF9fYnRuJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtidG4tbG9uZy10aXRsZSZxdW90Oyk7fWVsc2V7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUmcXVvdDspLnN0eWxlPSZxdW90O3Bvc2l0aW9uOiBhYnNvbHV0ZTsgdG9wOiA0dmg7IGxlZnQ6IDA7IHJpZ2h0OiAwOyZxdW90OzsgZG9jdW1lbnQgLnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnRpdGxlJnF1b3Q7KSAuY2xhc3NMaXN0LmFkZCgmcXVvdDtmaXhlZC10aXRsZSZxdW90Oyk7fX1pZiAocGFyYW1zLnRpdGxlU3R5bGUpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LnRpdGxlJnF1b3Q7KS5zdHlsZT1wYXJhbXMudGl0bGVTdHlsZTt9aWYgKHBhcmFtcy50aXRsZUFkZGl0aW9uU3R5bGUpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7Ln&i=14-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
ZdX0sWloMyNj9ynPksIpdvoW7GZ3adMVUzVyOsYsVSMvAMoCU9FkyQ==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=RpdGxlLWFkZGl0aW9uJnF1b3Q7KS5zdHlsZT1wYXJhbXMudGl0bGVBZGRpdGlvblN0eWxlO31pZiAoaXNUcnVlKHBhcmFtcy5sb25nVGl0bGUpKXtkb2N1bWVudCAucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUmcXVvdDspIC5jbGFzc0xpc3QuYWRkKCZxdW90O2xvbmctdGl0bGUmcXVvdDspO31pZiAocGFyYW1zLmJvZHlTdHlsZSl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oykuc3R5bGU9cGFyYW1zLmJvZHlTdHlsZTt9aWYgKGlzVHJ1ZShwYXJhbXMuYm90dG9tVGl0bGUpKXsoZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUmcXVvdDspLnN0eWxlPSZxdW90O2Rpc3BsYXk6IGJsb2NrOyBmb250LXNpemU6IGNsYW1wKDQwcHgsIDh2dywgODBweCk7dGV4dC1hbGlnbjpjZW50ZXI7JnF1b3Q7KSwgKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtzJnF1b3Q7KS5zdHlsZT0mcXVvdDtkaXNwbGF5OiBmbGV4O2ZsZXgtZGlyZWN0aW9uOiByb3c7IGFsaWduLWl0ZW1zOiBjZW50ZXI7d2lkdGg6MTAwdnc7IGp1c3RpZnktY29udGVudDpzcGFjZS1hcm91bmQ7bWFyZ2luLWJvdHRvbTogMXZ3OyBtYXJnaW4tYm90dG9tOiA0dnc7JnF1b3Q7KTsgZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuY29udGFpbmVyX19pbm5lciZxdW90Oykuc3R5bGU9JnF1b3Q7ZmxleC1kaXJlY3Rpb246IGNvbHVtbi1yZXZlcnNlOyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsgJnF1b3Q7O31pZiAocGFyYW1zLnRpdGxlVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsudGl0bGUmcXVvdDspLmlubmVyVGV4dD1wYXJhbXMudGl0bGVUZXh0O31pZiAocGFyYW1zLnRpdGxlQWRkaXRpb25UZXh0KXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy50aXRsZS1hZGRpdGlvbiZxdW90OykuaW5uZXJUZXh0PXBhcmFtcy50aXRsZUFkZGl0aW9uVGV4dDt9aWYgKHBhcmFtcy5saW5rVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsubGlua190ZXh0JnF1b3Q7KS5pbm5lclRleHQ9cGFyYW1zLmxpbmtUZXh0O31pZiAocGFyYW1zLmxpbmtUZXh0U3R5bGUpe2RvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoJnF1b3Q7LmxpbmtfdGV4dCZxdW90Oykuc3R5bGU9cGFyYW1zLmxpbmtUZXh0U3R5bGU7fWlmIChwYXJhbXMubGlua1RleHRMaW5rU3R5bGUpe2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCZxdW90O2F0eHQmcXVvdDspLnN0eWxlPXBhcmFtcy5saW5rVGV4dExpbmtTdHlsZTt9dmFyIGJyb3dzZXI9KHdpbmRvdy5uYXZpZ2F0b3IudXNlckFnZW50LmluZGV4T2YoJyBFZGcnKSA%2BIC0xKSA%2FICZxdW90O0VkZ2UmcXVvdDsgOiAmcXVvdDtDaHJvbWUmcXVvdDs7IGlmKHBhcmFtcy5zdGVwc1RpdGxlKXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5pbmZvX193cmFwcGVyIGg0JnF1b3Q7KS5pbm5lclRleHQ9cGFyYW1zLnN0ZXBzVGl0bGUucmVwbGFjZSgvXFwkXFwkQlJPV1NFUlxcJFxcJC9nLCBicm93c2VyKTt9aWYocGFyYW1zLnN0ZXBPbmVUZXh0KXtkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCZxdW90Oy5pbmZvX193cmFwcGVyIGxpOm50aC1vZi10eXBlKDEpJnF1b3Q7KS5pbm5lckhUTUw9cGFyYW1zLnN0ZXBPbmVUZXh0LnJlcGxhY2UoL1xcJFxcJEJST1dTRVJcXCRcXCQvZywgYnJvd3Nlcik7fWlmKHBhcmFtcy5zdGVwVHdvVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuaW5mb19fd3JhcHBlciBsaTpudGgtb2YtdHlwZSgyKSZxdW90OykuaW5uZXJIVE1MPXBhcmFtcy5zdGVwVHdvVGV4dC5yZXBsYWNlKC9cXCRcXCRCUk9XU0VSXFwkXFwkL2csIGJyb3dzZXIpO31pZihwYXJhbXMuc3RlcFRocmVlVGV4dCl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDsuaW5mb19fd3JhcHBlciBsaTpudGgtb2YtdHlwZSgzKSZxdW90OykuaW5uZXJIVE1MPXBhcmFtcy5zdGVwVGhyZWVUZXh0LnJlcGxhY2UoL1xcJFxcJEJST1dTRVJcXCRcXCQvZywgYnJvd3Nlcik7fX1jYXRjaCAoZXJyKXtuZXYoJnF1b3Q7ZXJyXyZxdW90OyArIGVuY29kZVVSSUNvbXBvbmVudChlcnIudG9TdHJpbmcoKSkpO310cnl7ZG9jdW1lbnQucXVlcnlTZWxlY3RvcigmcXVvdDtib2R5JnF1b3Q7KS5zdHlsZS5kaXNwbGF5PSZxdW90O2Jsb2NrJnF1b3Q7O31jYXRjaCAoZXJyKXt9PC9zY3JpcHQ%2BIDwvYm9keT48L2h0bWw%2BPC9kaXY%2BPHNjcmlwdCBkYXRhLWpjPSZxdW90OzIyJnF1b3Q7IHNyYz0mcXVvdDtodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2pzL3IyMDIxMTIwNy9yMjAxMTA5MTQvY2xpZW50L3dpbmRvd19mb2N1c19meTIwMTkuanMmcXVvdDsgYXN5bmMgZGF0YS1qYy12ZXJzaW9uPSZxdW90O3IyMDIxMTIwNyZxdW90OyBkYXRhLWpjcC11cmw9JnF1b3Q7aHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DSEwyQWc1eThZWm5vSk1qcjN3TzFfWUhJQTZ5ZDRxNW11ZEN1eXBZUHdJMjNBUkFCSUFCZ2xiS2hnckFIZ2dFWFkyRXRjSFZpTFRReE1UTTJPREU0T0RJek1URTBOVFhJQVFuZ0FnQ29Bd0dxQktnQ1Q5Q0tlanBmQ3NmQnZRY01SWlRiRUVSN25oY3NaT3FuZGk3YjNHVjF0Qi15c3Qxdk9EYVZKVzlhQUNMUUVxNmtoS3h1QzhxRHJ6SzZHdV81ZkVIdFFCMWxEV0loZkE1dlo2RGNJc2VkQWtUMU91SFpPcjdqdzRyLXJhdkRITi1OUXp2TzZBcXdhelQ2YjM4NnluNkc0dk44YjFjNS1aY0doek5JT2ZxWU02NWJ6Z19kSjNlQU1icC1iOGM1RVlDSUJiTW54cnVZVmR0OEhrV2xtUm1QUVhzcnIxbDN2SWYxWUNleTlZVTFHUmdaekF1WUl3Z0IyVUoxNXNkQXlvU1p5WG5vaktMNld5WXM0TGJvUEVIOVF0cmNiRkdCVGpQcEQyWVQzMWdNS0hYTnREQV9KRnIwNTc3T0NqRHNWcHFUanI0cmFwdWEySGRjbnRGeFp4NnJtVTd5UTFaOWJnRjEzLTJwblFPZjB1OGZRTUtzMEZMTkhIbGQyRTNVQjRsQ3RQNlZqRFQtQXBYZ0JBR0FCcDZIamJlTS1fV1ZKcUFHSWFnSHByNGJxQWVXMkJ1b0I2cWJzUUtvQjktZnNRTFlCd0RTQ0FVSWlHRVFBZm9MQWdnQmdBd0IwQlVCZ0JjQiZhbXA7YW1wO3NpZ2g9Wm5pSnp2TUFydEkmYW1wO2FtcDtjaWQ9Q0FRU1B3Q05JckxNNFVNejh2SGRVb2RXMG5iXzU3TXhiZVRpNm0ybjJCQXEydVlrcmdMa0ptSmdxYjZ2SWRpM21PRWFtQ3F3NHVpd3JCREtWc2ZMUnRjbUpBJnF1b3Q7IGRhdGEtamNwLWd3cy1pZD0mcXVvdDsmcXVvdDsgZGF0YS1qY3AtcWVtLWlkPSZxdW90O0NObTEzTm1ENl9RQ0ZjajFkd29kdFg0QU9RJnF1b3Q7Pjwvc2NyaXB0PjxzY3JpcHQgZGF0YS1qYz0mcXVvdDsyMyZxdW90OyBzcmM9JnF1b3Q7aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9qcy9yMjAyMTEyMDcvcjIwMTEwOTE0L2NsaWVudC9xc19jbGlja19wcm90ZWN0aW9uX2Z5MjAxOS5qcyZxdW90OyBkYXRhLWpjLXZlcnNpb249JnF1b3Q7cjIwMjExMjA3JnF1b3Q7Pjwvc2NyaXB0PjxzY3JpcHQ%2BZ29vZ3FzY3AuaW5pdChbW1tbbnVsbCw1MDAsOTksMiw5LG51bGwsbnVsbCxudWxsLDFdXV1dKTs8L3NjcmlwdD48aW1nIHNyYz0mcXVvdDsvL3d3dy5nb29nbGUuY29tL2Fkcy9tZWFzdXJlbWVudC9sP2ViY2lkPUFMaDdDYVJKbzZhQ09vbGtucmNSNFVZMkRlX1FTbWhGRkR6UnNoY3N0OHFWWGhlRWF3aWxKWDVMSEl3YlF3RUk0Y3Z4QkVZMHY2c1pGcEYwMFBKMjFZQXhGUEJhWGtfZXNBJnF1b3Q7IHN0eWxlPSZxdW90O2Rpc3BsYXk6bm9uZTsmcXVvdDsgYWx0PSZxdW90OyZxdW90Oz48L2ltZz48c2NyaXB0IHNyYz0mcXVvdDtodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FmZWZyYW1lLzEtMC0zOC9qcy9leHQuanMmcXVvdDs%2BPC9zY3JpcHQ%2BPGRpdiBzdHlsZT0mcXVvdDtib3R0b206MDtyaWdodDowO3dpZHRoOjk3MHB4O2hlaWdodDoyNTBweDtiYWNrZ3JvdW5kOmluaXRpYWwgIWltcG9ydGFudDtwb3NpdGlvbjphYnNvbHV0ZSAhaW1wb3J0YW50O21heC13aWR0aDoxMDAlICFpbXBvcnRhbnQ7bWF4LWhlaWdodDoxMDAlICFpbXBvcnRhbnQ7cG9pbnRlci1ldmVudHM6bm9uZSAhaW1wb3J0YW50O2ltYWdlLXJlbmRlcmluZzpwaXhlbGF0ZWQgIWltcG9ydGFudDt6LWluZGV4OjIxNDc0ODM2NDc7YmFja2dyb3VuZC1pbWFnZTp1cmwoJ2RhdGE6aW1hZ2UvcG5nO2Jhc2U2NCxpVkJPUncwS0dnb0FBQUFOU1VoRVVnQUFBQ3NBQUFBV0JBTUFBQUNybDNpQUFBQUFCbEJNVkVVQUFBRCtBY2lXbVp6V0FBQUFBblJTVGxNQUFwaWRyQlFBQUFCMlNVUkJWQmpUYlpBTERzQXdDRUx4QnR6L3RJcy8xR2F1YVdyNnBBemd2eXdMaGxqVkFZeGIraUxWR1pMVmw1TUJVV2gzb3UybDBUdW5HeWZGbGhPVml4N2ZLTGFjdHpaYldtYmdsMFhHQ1MzTVpXZEczL2V2RHlrbi9aSmJXcnVjSzRVOHlJd1NQSE9UNElwdld5YjFEeXRCWmVQMUFjRDhCTndlaDRIbUFBQUFBRWxGVGtTdVFtQ0MnKSAhaW1wb3J0YW50OyZxdW90Oz48L2Rpdj48c2NyaXB0IGRhdGEtamM9JnF1b3Q7MTAzJnF1b3Q7IGRhdGEtamMtdmVyc2lvbj0mcXVvdDtyMjAyMTEyMDcmcXVvdDsgZGF0YS1qY3AtYmFzZV91cmw9JnF1b3Q7aHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2NvbnZlcnNpb24vP2FpPUNITDJBZzV5OFlabm9KTWpyM3dPMV9ZSElBNnlkNHE1bXVkQ3V5cFlQd0kyM0FSQUJJQUJnbGJLaGdyQUhnZ0VYWTJFdGNIVmlMVFF4TVRNMk9ERTRPREl6TVRFME5UWElBUW5nQWdDb0F3R3FCS2dDVDlDS2VqcGZDc2ZCdlFjTVJaVGJFRVI3bmhjc1pPcW5kaTdiM0dWMXRCLXlzdDF2T0RhVkpXOWFBQ0xRRXE2a2hLeHVDOHFEcnpLNkd1XzVmRUh0UUIxbERXSWhmQTV2WjZEY0lzZWRBa1QxT3VIWk9yN2p3NHItcmF2REhOLU5RenZPNkFxd2F6VDZiMzg2eW42RzR2TjhiMWM1LVpjR2h6TklPZnFZTTY1YnpnX2RKM2VBTWJwLWI4YzVFWUNJQmJNbnhydVlWZHQ4SGtXbG1SbVBRWHNycjFsM3ZJZjFZQ2V5OVlVMUdSZ1p6QXVZSXdnQjJVSjE1c2RBeW9TWnlYbm9qS0w2V3lZczRMYm9QRUg5UXRyY2JGR0JUalBwRDJZVDMxZ01LSFhOdERBX0pGcjA1NzdPQ2pEc1ZwcVRqcjRyYXB1YTJIZGNudEZ4Wng2cm1VN3lRMVo5YmdGMTMtMnBuUU9mMHU4ZlFNS3MwRkxOSEhsZDJFM1VCNGxDdFA2VmpEVC1BcFhnQkFHQUJwNkhqYmVNLV9XVkpxQUdJYWdIcHI0YnFBZVcyQnVvQjZxYnNRS29COS1mc1FMWUJ3RFNDQVVJaUdFUUFmb0xBZ2dCZ0F3QjBCVUJnQmNCJmFtcDthbXA7c2lnaD1abmlKenZNQXJ0SSZxdW90OyBkYXRhLWpjcC1jcHVfbGFiZWw9JnF1b3Q7aGVhdnlfYWRfaW50ZXJ2ZW50aW9uX2NwdSZxdW90OyBkYXRhLWpjcC1uZXRfbGFiZWw9JnF1b3Q7aGVhdnlfYWRfaW50ZXJ2ZW50aW9uX25ldHdvcmsmcXVvdDs%2BKGZ1bmN0aW9uKCl7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovICd1c2Ugc3RyaWN0JzsvKiAgU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAgKi8gY29uc3QgZD1mdW5jdGlvbihhLGI9bnVsbCl7cmV0dXJuIGImYW1wOyZhbXA7Yi5nZXRBdHRyaWJ1dGUoJnF1b3Q7ZGF0YS1qYyZxdW90Oyk9PT1TdHJpbmcoYSk%2FYjpkb2N1bWVudC5xdWVyeVNlbGVjdG9yKGBbJHsmcXVvdDtkYXRhLWpjJnF1b3Q7fT0mcXVvdDske2F9JnF1b3Q7XWApfSgxMDMsZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7aWYobnVsbD09ZCl0aHJvdyBFcnJvcigmcXVvdDtKU0Mgbm90IGZvdW5kIDEwMyZxdW90Oyk7Y29uc3QgZj17fSxrPWQuYXR0cmlidXRlcztmb3IobGV0IGE9ay5sZW5ndGgtMTswPD1hO2EtLSl7Y29uc3QgYj1rW2FdLm5hbWU7MD09PWIuaW5kZXhPZigmcXVvdDtkYXRhLWpjcC0mcXVvdDspJmFtcDsmYW1wOyhmW2Iuc3Vic3RyaW5nKDkpXT1rW2FdLnZhbHVlKX0gKGZ1bmN0aW9uKGEsYixsKXt2YXIgZT13aW5kb3c7YSZhbXA7JmFtcDtiJmFtcDsmYW1wO2wmYW1wOyZhbX&i=15-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
MY5-woCjkK8xyp8PVSMM1nO4L-mpCmvGExbytSJqLHxgu44SkZQjvw==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=A7ZS5SZXBvcnRpbmdPYnNlcnZlciZhbXA7JmFtcDtlLmZldGNoJmFtcDsmYW1wOyhuZXcgZS5SZXBvcnRpbmdPYnNlcnZlcigoYyxtKT0%2Be3ZhciBnLGg7Yz1jWzBdOyZxdW90O0hlYXZ5QWRJbnRlcnZlbnRpb24mcXVvdDs9PT0obnVsbD09PShnPW51bGw9PT1jfHx2b2lkIDA9PT1jP3ZvaWQgMDpjLmJvZHkpfHx2b2lkIDA9PT1nP3ZvaWQgMDpnLmlkKSZhbXA7JmFtcDsoYz0wPCgobnVsbD09PShoPWMuYm9keS5tZXNzYWdlKXx8dm9pZCAwPT09aD92b2lkIDA6aC5pbmRleE9mKCZxdW90O25ldHdvcmsmcXVvdDspKXx8MCk%2FbDpiLGUuZmV0Y2goYCR7YX0mYW1wO2xhYmVsPSR7Y31gLHtrZWVwYWxpdmU6ITAsbWV0aG9kOiZxdW90O2dldCZxdW90Oyxtb2RlOiZxdW90O25vLWNvcnMmcXVvdDt9KSxtLmRpc2Nvbm5lY3QoKSl9LHt0eXBlczpbJnF1b3Q7aW50ZXJ2ZW50aW9uJnF1b3Q7XSxidWZmZXJlZDohMH0pKS5vYnNlcnZlKCl9KShmLmJhc2VfdXJsLGYuY3B1X2xhYmVsLGYubmV0X2xhYmVsKTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjxzY3JpcHQgaWQ9JnF1b3Q7Z29vZ2xlQWN0aXZlVmlld0Rpc3BsYXlTY3JpcHQmcXVvdDsgc3JjPSZxdW90O2h0dHBzOi8vd3d3Lmdvb2dsZXRhZ3NlcnZpY2VzLmNvbS9hY3RpdmV2aWV3L2pzL2N1cnJlbnQvcnhfbGlkYXIuanM%2FY2FjaGU9cjIwMTEwOTE0JnF1b3Q7Pjwvc2NyaXB0PjxzY3JpcHQgdHlwZT0mcXVvdDt0ZXh0L2phdmFzY3JpcHQmcXVvdDs%2Bb3NkbGZtKCk7PC9zY3JpcHQ%2BPC9ib2R5PjwvaHRtbD57JnF1b3Q7dWlkJnF1b3Q7OiZxdW90OzEmcXVvdDssJnF1b3Q7aG9zdFBlZXJOYW1lJnF1b3Q7OiZxdW90O2h0dHBzOi8vdGhyZWF0cG9zdC5jb20mcXVvdDssJnF1b3Q7aW5pdGlhbEdlb21ldHJ5JnF1b3Q7OiZxdW90O3tcXCZxdW90O3dpbmRvd0Nvb3Jkc190XFwmcXVvdDs6MCxcXCZxdW90O3dpbmRvd0Nvb3Jkc19yXFwmcXVvdDs6MTYwMCxcXCZxdW90O3dpbmRvd0Nvb3Jkc19iXFwmcXVvdDs6MTIwMCxcXCZxdW90O3dpbmRvd0Nvb3Jkc19sXFwmcXVvdDs6MCxcXCZxdW90O2ZyYW1lQ29vcmRzX3RcXCZxdW90Ozo4LFxcJnF1b3Q7ZnJhbWVDb29yZHNfclxcJnF1b3Q7OjEyODUsXFwmcXVvdDtmcmFtZUNvb3Jkc19iXFwmcXVvdDs6MjU4LFxcJnF1b3Q7ZnJhbWVDb29yZHNfbFxcJnF1b3Q7OjMxNSxcXCZxdW90O3N0eWxlWkluZGV4XFwmcXVvdDs6XFwmcXVvdDthdXRvXFwmcXVvdDssXFwmcXVvdDthbGxvd2VkRXhwYW5zaW9uX3RcXCZxdW90Ozo4LFxcJnF1b3Q7YWxsb3dlZEV4cGFuc2lvbl9yXFwmcXVvdDs6MzE1LFxcJnF1b3Q7YWxsb3dlZEV4cGFuc2lvbl9iXFwmcXVvdDs6OTQyLFxcJnF1b3Q7YWxsb3dlZEV4cGFuc2lvbl9sXFwmcXVvdDs6MzE1LFxcJnF1b3Q7eEluVmlld1xcJnF1b3Q7OjEsXFwmcXVvdDt5SW5WaWV3XFwmcXVvdDs6MX0mcXVvdDssJnF1b3Q7cGVybWlzc2lvbnMmcXVvdDs6JnF1b3Q7e1xcJnF1b3Q7ZXhwYW5kQnlPdmVybGF5XFwmcXVvdDs6ZmFsc2UsXFwmcXVvdDtleHBhbmRCeVB1c2hcXCZxdW90OzpmYWxzZSxcXCZxdW90O3JlYWRDb29raWVcXCZxdW90OzpmYWxzZSxcXCZxdW90O3dyaXRlQ29va2llXFwmcXVvdDs6ZmFsc2V9JnF1b3Q7LCZxdW90O21ldGFkYXRhJnF1b3Q7OiZxdW90O3tcXCZxdW90O3NoYXJlZFxcJnF1b3Q7OntcXCZxdW90O3NmX3ZlclxcJnF1b3Q7OlxcJnF1b3Q7MS0wLTM4XFwmcXVvdDssXFwmcXVvdDtja19vblxcJnF1b3Q7OjEsXFwmcXVvdDtmbGFzaF92ZXJcXCZxdW90OzpcXCZxdW90OzBcXCZxdW90O319JnF1b3Q7LCZxdW90O3JlcG9ydENyZWF0aXZlR2VvbWV0cnkmcXVvdDs6ZmFsc2UsJnF1b3Q7aXNEaWZmZXJlbnRTb3VyY2VXaW5kb3cmcXVvdDs6ZmFsc2UsJnF1b3Q7Z29vZ19zYWZlZnJhbWVfaGx0JnF1b3Q7Ont9LCZxdW90O2VuY3J5cHRpb25Nb2RlJnF1b3Q7Om51bGx9XCIgc2Nyb2xsaW5nPVwibm9cIiBtYXJnaW53aWR0aD1cIjBcIiBtYXJnaW5oZWlnaHQ9XCIwXCIgd2lkdGg9XCI5NzBcIiBoZWlnaHQ9XCIyNTBcIiBkYXRhLWlzLXNhZmVmcmFtZT1cInRydWVcIiBzYW5kYm94PVwiYWxsb3ctZm9ybXMgYWxsb3ctcG9wdXBzIGFsbG93LXBvcHVwcy10by1lc2NhcGUtc2FuZGJveCBhbGxvdy1zYW1lLW9yaWdpbiBhbGxvdy1zY3JpcHRzIGFsbG93LXRvcC1uYXZpZ2F0aW9uLWJ5LXVzZXItYWN0aXZhdGlvblwiIGFsbG93PVwiYXR0cmlidXRpb24tcmVwb3J0aW5nXCIgcm9sZT1cInJlZ2lvblwiIGFyaWEtbGFiZWw9XCJBZHZlcnRpc2VtZW50XCIgdGFiaW5kZXg9XCIwXCIgZGF0YS1nb29nbGUtY29udGFpbmVyLWlkPVwiMVwiIHN0eWxlPVwiYm9yZGVyOiAwcHg7IHZlcnRpY2FsLWFsaWduOiBib3R0b207XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHNyYz1cImh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tL2pzL2NvcmUvYnJpZGdlMy40OTMuMF9lbi5odG1sI2dvb2dfMTQ3Mjk0ODM5MFwiIGFsbG93ZnVsbHNjcmVlbj1cIlwiIGFsbG93PVwiYXV0b3BsYXk7YXR0cmlidXRpb24tcmVwb3J0aW5nXCIgaWQ9XCJnb29nXzE0NzI5NDgzOTBcIiBzdHlsZT1cImJvcmRlcjogMHB4OyBvcGFjaXR5OiAwOyBtYXJnaW46IDBweDsgcGFkZGluZzogMHB4OyBwb3NpdGlvbjogcmVsYXRpdmU7IGNvbG9yLXNjaGVtZTogbGlnaHQ7XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHNyYz1cImh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tL2pzL2NvcmUvYnJpZGdlMy40OTMuMF9lbi5odG1sI2dvb2dfODI1MzUyMDk1XCIgYWxsb3dmdWxsc2NyZWVuPVwiXCIgYWxsb3c9XCJhdXRvcGxheTthdHRyaWJ1dGlvbi1yZXBvcnRpbmdcIiBpZD1cImdvb2dfODI1MzUyMDk1XCIgc3R5bGU9XCJib3JkZXI6IDBweDsgb3BhY2l0eTogMDsgbWFyZ2luOiAwcHg7IHBhZGRpbmc6IDBweDsgcG9zaXRpb246IHJlbGF0aXZlOyBjb2xvci1zY2hlbWU6IGxpZ2h0O1wiPjwvaWZyYW1lPlxuPGlmcmFtZSBzcmM9XCJodHRwczovL2ltYXNkay5nb29nbGVhcGlzLmNvbS9qcy9jb3JlL2JyaWRnZTMuNDkzLjBfZW4uaHRtbCNnb29nXzIwMTg2OTQ4NDRcIiBhbGxvd2Z1bGxzY3JlZW49XCJcIiBhbGxvdz1cImF1dG9wbGF5O2F0dHJpYnV0aW9uLXJlcG9ydGluZ1wiIGlkPVwiZ29vZ18yMDE4Njk0ODQ0XCIgc3R5bGU9XCJib3JkZXI6IDBweDsgb3BhY2l0eTogMDsgbWFyZ2luOiAwcHg7IHBhZGRpbmc6IDBweDsgcG9zaXRpb246IHJlbGF0aXZlOyBjb2xvci1zY2hlbWU6IGxpZ2h0O1wiPjwvaWZyYW1lPlxuPGlmcmFtZSBzcmM9XCJodHRwczovL2NhMTQzOTFhODI0ZTQ2NDM4MGYwMWFiNGI2YzAyZDcyLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FmZWZyYW1lLzEtMC0zOC9odG1sL2NvbnRhaW5lci5odG1sXCIgc3R5bGU9XCJ2aXNpYmlsaXR5OiBoaWRkZW47IGRpc3BsYXk6IG5vbmU7XCI%2BPC9pZnJhbWU%2BXG48aWZyYW1lIHNyYz1cImh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9zb2Rhci9zb2RhcjIvMjI1L3J1bm5lci5odG1sXCIgd2lkdGg9XCIwXCIgaGVpZ2h0PVwiMFwiIHN0eWxlPVwiZGlzcGxheTogbm9uZTtcIj48L2lmcmFtZT5cbjxpZnJhbWUgc3JjPVwiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9yZWNhcHRjaGEvYXBpMi9hZnJhbWVcIiB3aWR0aD1cIjBcIiBoZWlnaHQ9XCIwXCIgc3R5bGU9XCJkaXNwbGF5OiBub25lO1wiPjwvaWZyYW1lPlxuPGlmcmFtZSBpZD1cInBtLTg3XCIgc3JjPVwiaHR0cHM6Ly9hZHMucHVibWF0aWMuY29tL0FkU2VydmVyL2pzL3Nob3dhZC5qcz8jUElYJmFtcDtpdD0yJmFtcDtrZG50dWlkPTEmYW1wO25wPTAmYW1wO3A9MTU2ODU4JmFtcDtzPTYzMDkwNyZhbXA7YT0yNDQ2MDA4XCIgd2lkdGg9XCIwXCIgaGVpZ2h0PVwiMFwiIHNjcm9sbGluZz1cIm5vXCIgc3R5bGU9XCJoZWlnaHQ6IDBweDsgd2lkdGg6IDBweDsgZGlzcGxheTogbm9uZTtcIj48L2lmcmFtZT48L2JvZHk%2BPC9odG1sPiIsImJsYWNrbGlzdERhdGEiOnsiYWN0aW9uIjoxMCwiYWN0aW9uRGV0YWlscyI6ImFsZ2JpZC5hcHAiLCJyZXBvcnRSYXRpbyI6MSwicmVwb3J0TWFya3VwIjp0cnVlLCJpdGVtcyI6W3siaG9zdG5hbWUiOiJhbGdiaWQuYXBwIiwidG9rZW4iOiIiLCJhY3Rpb24iOjEwfSx7Imhvc3RuYW1lIjoiYWxnYmlkLmFwcCIsInRva2VuIjoiIiwiYWN0aW9uIjoxMH1dLCJtYXJrdXAiOiI8IS0tIHRydW5jYXRlZC4uLiAtLT49XCJcIjtmb3IobGV0IGM9MDtjPGIubGVuZ3RoO2MrKylhKz1TdHJpbmcuZnJvbUNoYXJDb2RlKGIuY2hhckNvZGVBdChjKV5cIlxcdTAwMDNcXHUwMDA3XFx1MDAwM1xcdTAwMDdcXGJcXHUwMDA0XFx1MDAwNFxcdTAwMDZcXHUwMDA1XFx1MDAwM1wiLmNoYXJDb2RlQXQoYyUxMCkpO3RoaXMuZz1KU09OLnBhcnNlKGEpfWNhdGNoKGIpe319fSxOO3ZhciBMYT1kb2N1bWVudCxNYT13aW5kb3c7dmFyIE5hPSEhd2luZG93Lmdvb2dsZV9hc3luY19pZnJhbWVfaWQ7bGV0IE89TmEmJndpbmRvdy5wYXJlbnR8fHdpbmRvdztjbGFzcyBPYXtjb25zdHJ1Y3RvcihhLGIpe3RoaXMuZXJyb3I9YTt0aGlzLmNvbnRleHQ9Yi5jb250ZXh0O3RoaXMubXNnPWIubWVzc2FnZXx8XCJcIjt0aGlzLmlkPWIuaWR8fFwianNlcnJvclwiO3RoaXMubWV0YT17fX19O2NvbnN0IFBhPVJlZ0V4cChcIl5odHRwcz86Ly8oXFxcXHd8LSkrXFxcXC5jZG5cXFxcLmFtcHByb2plY3RcXFxcLihuZXR8b3JnKShcXFxcP3wvfCQpXCIpO3ZhciBRYT1jbGFzc3tjb25zdHJ1Y3RvcihhLGIpe3RoaXMuZz1hO3RoaXMuaD1ifX0sUmE9Y2xhc3N7Y29uc3RydWN0b3IoYSxiKXt0aGlzLnVybD1hO3RoaXMubT0hIWI7dGhpcy5kZXB0aD1udWxsfX07ZnVuY3Rpb24gUChhLGIpe2NvbnN0IGM9e307Y1thXT1iO3JldHVybltjXX1mdW5jdGlvbiBTYShhLGIsYyxkLGYpe2NvbnN0IGc9W107SihhLGZ1bmN0aW9uKGUsayl7KGU9VGEoZSxiLGMsZCxmKSkmJmcucHVzaChrK1wiPVwiK2UpfSk7cmV0dXJuIGcuam9pbihiKX0gZnVuY3Rpb24gVGEoYSxiLGMsZCxmKXtpZihudWxsPT1hKXJldHVyblwiXCI7Yj1ifHxcIiZcIjtjPWN8fFwiLCRcIjtcInN0cmluZ1wiPT10eXBlb2YgYyYmKGM9Yy5zcGxpdChcIlwiKSk7aWYoYSBpbnN0YW5jZW9mIEFycmF5KXtpZihkPWR8fDAsZDxjLmxlbmd0aCl7Y29uc3QgZz1bXTtmb3IobGV0IGU9MDtlPGEubGVuZ3RoO2UrKylnLnB1c2goVGEoYVtlXSxiLGMsZCsxLGYpKTtyZXR1cm4gZy5qb2luKGNbZF0pfX1lbHNlIGlmKFwib2JqZWN0XCI9PXR5cGVvZiBhKXJldHVybiBmPWZ8fDAsMj5mP2VuY29kZVVSSUNvbXBvbmVudChTYShhLGIsYyxkLGYrMSkpOlwiLi4uXCI7cmV0dXJuIGVuY29kZVVSSUNvbXBvbmVudChTdHJpbmcoYSkpfWZ1bmN0aW9uIFVhKGEpe2xldCBiPTE7Zm9yKGNvbnN0IGMgaW4gYS5oKWI9Yy5sZW5ndGg%2BYj9jLmxlbmd0aDpiO3JldHVybiAzOTk3LWItYS5pLmxlbmd0aC0xfSBmdW5jdGlvbiBWYShhLGIsYyl7Yj1iK1wiLy9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbVwiK2M7bGV0IGQ9VWEoYSktYy5sZW5ndGg7aWYoMD5kKXJldHVyblwiXCI7YS5nLnNvcnQoZnVuY3Rpb24oZyxlKXtyZXR1cm4gZy1lfSk7Yz1udWxsO2xldCBmPVwiXCI7Zm9yKGxldCBnPTA7ZzxhLmcubGVuZ3RoO2crKyl7Y29uc3QgZT1hLmdbZ10saz1hLmhbZV07Zm9yKGxldCBoPTA7aDxrLmxlbmd0aDtoKyspe2lmKCFkKXtjPW51bGw9PWM%2FZTpjO2JyZWFrfWxldCBsPVNhKGtbaF0sYS5pLFwiLCRcIik7aWYobCl7bD1mK2w7aWYoZD49bC5sZW5ndGgpe2QtPWwubGVuZ3RoO2IrPWw7Zj1hLmk7YnJlYWt9Yz1udWxsPT1jP2U6Y319fWE9XCJcIjtudWxsIT1jJiYoYT1mK1widHJuPVwiK2MpO3JldHVybiBiK2F9Y2xhc3MgUXtjb25zdHJ1Y3Rvcigpe3RoaXMuaT1cIiZcIjt0aGlzLmg9e307dGhpcy5qPTA7dGhpcy5nPVtdfX07ZnVuY3Rpb24gV2EoKXt2YXIgYT1SLGI9Uy5nb29nbGVfc3J0OzA8PWImJjE%2BPWImJihhLmc9Yil9ZnVuY3Rpb24gVChhLGIsYyxkLGYsZyl7&i=16-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
0qBL59_9L9H3aF-ZpM-XMabluKSMBPmx_FNoHDp334JpZOeWEEnzYg==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=aWYoKGQ%2FYS5nOk1hdGgucmFuZG9tKCkpPChmfHwuMDEpKXRyeXtsZXQgZTtjIGluc3RhbmNlb2YgUT9lPWM6KGU9bmV3IFEsSihjLChoLGwpPT57dmFyIG09ZSxuPW0uaisrO2g9UChsLGgpO20uZy5wdXNoKG4pO20uaFtuXT1ofSkpO2NvbnN0IGs9VmEoZSxhLmgsXCIvcGFnZWFkL2dlbl8yMDQ%2FaWQ9XCIrYitcIiZcIik7ayYmKFwidW5kZWZpbmVkXCIhPT10eXBlb2YgZz9MKHIsayxnKTpMKHIsaykpfWNhdGNoKGUpe319Y2xhc3MgWGF7Y29uc3RydWN0b3IoKXt2YXIgYT12b2lkIDA9PT1hP01hOmE7dGhpcy5oPVwiaHR0cDpcIj09PWEubG9jYXRpb24ucHJvdG9jb2w%2FXCJodHRwOlwiOlwiaHR0cHM6XCI7dGhpcy5nPU1hdGgucmFuZG9tKCl9fTtsZXQgVT1udWxsO3ZhciBZYT0oKT0%2Be2NvbnN0IGE9ci5wZXJmb3JtYW5jZTtyZXR1cm4gYSYmYS5ub3cmJmEudGltaW5nP01hdGguZmxvb3IoYS5ub3coKSthLnRpbWluZy5uYXZpZ2F0aW9uU3RhcnQpOkRhdGUubm93KCl9LFphPSgpPT57Y29uc3QgYT1yLnBlcmZvcm1hbmNlO3JldHVybiBhJiZhLm5vdz9hLm5vdygpOm51bGx9O2NsYXNzICRhe2NvbnN0cnVjdG9yKGEsYil7dmFyIGM9WmEoKXx8WWEoKTt0aGlzLmxhYmVsPWE7dGhpcy50eXBlPWI7dGhpcy52YWx1ZT1jO3RoaXMuZHVyYXRpb249MDt0aGlzLnVuaXF1ZUlkPU1hdGgucmFuZG9tKCk7dGhpcy5zbG90SWQ9dm9pZCAwfX07Y29uc3QgVj1yLnBlcmZvcm1hbmNlLGFiPSEhKFYmJlYubWFyayYmVi5tZWFzdXJlJiZWLmNsZWFyTWFya3MpLFc9ZnVuY3Rpb24oYSl7bGV0IGI9ITEsYztyZXR1cm4gZnVuY3Rpb24oKXtifHwoYz1hKCksYj0hMCk7cmV0dXJuIGN9fSgoKT0%2Be3ZhciBhO2lmKGE9YWIpe3ZhciBiO2lmKG51bGw9PT1VKXtVPVwiXCI7dHJ5e2E9XCJcIjt0cnl7YT1yLnRvcC5sb2NhdGlvbi5oYXNofWNhdGNoKGMpe2E9ci5sb2NhdGlvbi5oYXNofWEmJihVPShiPWEubWF0Y2goL1xcYmRlaWQ9KFtcXGQsXSspLykpP2JbMV06XCJcIil9Y2F0Y2goYyl7fX1iPVU7YT0hIWIuaW5kZXhPZiYmMDw9Yi5pbmRleE9mKFwiMTMzN1wiKX1yZXR1cm4gYX0pO2Z1bmN0aW9uIGJiKGEpe2EmJlYmJlcoKSYmKFYuY2xlYXJNYXJrcyhgZ29vZ18ke2EubGFiZWx9XyR7YS51bmlxdWVJZH1fc3RhcnRgKSxWLmNsZWFyTWFya3MoYGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X2VuZGApKX0gY2xhc3MgY2J7Y29uc3RydWN0b3IoKXt2YXIgYT1TO3RoaXMuaD1bXTt0aGlzLmk9YXx8cjtsZXQgYj1udWxsO2EmJihhLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWU9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlfHxbXSx0aGlzLmg9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlLGI9YS5nb29nbGVfbWVhc3VyZV9qc190aW1pbmcpO3RoaXMuZz1XKCl8fChudWxsIT1iP2I6MT5NYXRoLnJhbmRvbSgpKX1zdGFydChhLGIpe2lmKCF0aGlzLmcpcmV0dXJuIG51bGw7YT1uZXcgJGEoYSxiKTtiPWBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9zdGFydGA7ViYmVygpJiZWLm1hcmsoYik7cmV0dXJuIGF9ZW5kKGEpe2lmKHRoaXMuZyYmXCJudW1iZXJcIj09PXR5cGVvZiBhLnZhbHVlKXthLmR1cmF0aW9uPShaYSgpfHxZYSgpKS1hLnZhbHVlO3ZhciBiPWBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9lbmRgO1YmJlcoKSYmVi5tYXJrKGIpOyF0aGlzLmd8fDIwNDg8dGhpcy5oLmxlbmd0aHx8IHRoaXMuaC5wdXNoKGEpfX19O2Z1bmN0aW9uIFgoYSl7bGV0IGI9YS50b1N0cmluZygpO2EubmFtZSYmLTE9PWIuaW5kZXhPZihhLm5hbWUpJiYoYis9XCI6IFwiK2EubmFtZSk7YS5tZXNzYWdlJiYtMT09Yi5pbmRleE9mKGEubWVzc2FnZSkmJihiKz1cIjogXCIrYS5tZXNzYWdlKTtpZihhLnN0YWNrKXthPWEuc3RhY2s7dHJ5ey0xPT1hLmluZGV4T2YoYikmJihhPWIrXCJcXG5cIithKTtsZXQgYztmb3IoO2EhPWM7KWM9YSxhPWEucmVwbGFjZSgvKChodHRwcz86XFwvLi4qXFwvKVteXFwvOl0qOlxcZCsoPzoufFxcbikqKVxcMi8sXCIkMVwiKTtiPWEucmVwbGFjZSgvXFxuICovZyxcIlxcblwiKX1jYXRjaChjKXt9fXJldHVybiBifSBmdW5jdGlvbiBkYihhLGIpe2xldCBjLGQ7dHJ5e2EuZyYmYS5nLmc%2FKGQ9YS5nLnN0YXJ0KCg5MDMpLnRvU3RyaW5nKCksMyksYz1iKCksYS5nLmVuZChkKSk6Yz1iKCl9Y2F0Y2goZil7Yj0hMDt0cnl7YmIoZCksYj1hLnMoOTAzLG5ldyBPYShmLHttZXNzYWdlOlgoZil9KSx2b2lkIDAsdm9pZCAwKX1jYXRjaChnKXthLm8oMjE3LGcpfWlmKGIpe2xldCBnLGU7bnVsbD09KGc9d2luZG93LmNvbnNvbGUpfHxudWxsPT0oZT1nLmVycm9yKXx8ZS5jYWxsKGcsZil9ZWxzZSB0aHJvdyBmO31yZXR1cm4gY31mdW5jdGlvbiBlYihhKXt2YXIgYj1ZO3JldHVybiguLi5jKT0%2BZGIoYiwoKT0%2BYS5hcHBseSh2b2lkIDAsYykpfSBjbGFzcyBmYntjb25zdHJ1Y3Rvcigpe3ZhciBhPVo7dGhpcy5pPVI7dGhpcy5oPW51bGw7dGhpcy5zPXRoaXMubzt0aGlzLmc9dm9pZCAwPT09YT9udWxsOmE7dGhpcy5qPSExfXBpbmdlcigpe3JldHVybiB0aGlzLml9byhhLGIsYyxkLGYpe2Y9Znx8XCJqc2Vycm9yXCI7bGV0IGc7dHJ5e2NvbnN0IHY9bmV3IFE7dmFyIGU9djtlLmcucHVzaCgxKTtlLmhbMV09UChcImNvbnRleHRcIixhKTtiLmVycm9yJiZiLm1ldGEmJmIuaWR8fChiPW5ldyBPYShiLHttZXNzYWdlOlgoYil9KSk7aWYoYi5tc2cpe2U9djt2YXIgaz1iLm1zZy5zdWJzdHJpbmcoMCw1MTIpO2UuZy5wdXNoKDIpO2UuaFsyXT1QKFwibXNnXCIsayl9dmFyIGg9Yi5tZXRhfHx7fTtiPWg7aWYodGhpcy5oKXRyeXt0aGlzLmgoYil9Y2F0Y2goeSl7fWlmKGQpdHJ5e2QoYil9Y2F0Y2goeSl7fWQ9djtoPVtoXTtkLmcucHVzaCgzKTtkLmhbM109aDtkPXI7aD1bXTtiPW51bGw7ZG97dmFyIGw9ZDtpZihJKGwpKXt2YXIgbT1sLmxvY2F0aW9uLmhyZWY7IGI9bC5kb2N1bWVudCYmbC5kb2N1bWVudC5yZWZlcnJlcnx8bnVsbH1lbHNlIG09YixiPW51bGw7aC5wdXNoKG5ldyBSYShtfHxcIlwiKSk7dHJ5e2Q9bC5wYXJlbnR9Y2F0Y2goeSl7ZD1udWxsfX13aGlsZShkJiZsIT1kKTtmb3IobGV0IHk9MCx6YT1oLmxlbmd0aC0xO3k8PXphOysreSloW3ldLmRlcHRoPXphLXk7bD1yO2lmKGwubG9jYXRpb24mJmwubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zJiZsLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucy5sZW5ndGg9PWgubGVuZ3RoLTEpZm9yKG09MTttPGgubGVuZ3RoOysrbSl7dmFyIG49aFttXTtuLnVybHx8KG4udXJsPWwubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW20tMV18fFwiXCIsbi5tPSEwKX12YXIgdT1oO2xldCBLPW5ldyBSYShyLmxvY2F0aW9uLmhyZWYsITEpO2w9bnVsbDtjb25zdCBhYT11Lmxlbmd0aC0xO2ZvcihuPWFhOzA8PW47LS1uKXt2YXIgcD11W25dOyFsJiZQYS50ZXN0KHAudXJsKSYmKGw9cCk7aWYocC51cmwmJiFwLm0pe0s9IHA7YnJlYWt9fXA9bnVsbDtjb25zdCBqYj11Lmxlbmd0aCYmdVthYV0udXJsOzAhPUsuZGVwdGgmJmpiJiYocD11W2FhXSk7Zz1uZXcgUWEoSyxwKTtpZihnLmgpe3U9djt2YXIgcT1nLmgudXJsfHxcIlwiO3UuZy5wdXNoKDQpO3UuaFs0XT1QKFwidG9wXCIscSl9dmFyIGJhPXt1cmw6Zy5nLnVybHx8XCJcIn07aWYoZy5nLnVybCl7dmFyIGNhPWcuZy51cmwubWF0Y2goeGEpLEM9Y2FbMV0sQWE9Y2FbM10sQmE9Y2FbNF07cT1cIlwiO0MmJihxKz1DK1wiOlwiKTtBYSYmKHErPVwiLy9cIixxKz1BYSxCYSYmKHErPVwiOlwiK0JhKSk7dmFyIENhPXF9ZWxzZSBDYT1cIlwiO0M9djtiYT1bYmEse3VybDpDYX1dO0MuZy5wdXNoKDUpO0MuaFs1XT1iYTtUKHRoaXMuaSxmLHYsdGhpcy5qLGMpfWNhdGNoKHYpe3RyeXtUKHRoaXMuaSxmLHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6YSxtc2c6WCh2KSx1cmw6ZyYmZy5nLnVybH0sdGhpcy5qLGMpfWNhdGNoKEspe319cmV0dXJuITB9fTtjbGFzcyBnYnt9O2xldCBSLFk7aWYoTmEmJiFJKE8pKXtsZXQgYT1cIi5cIitMYS5kb21haW47dHJ5e2Zvcig7MjxhLnNwbGl0KFwiLlwiKS5sZW5ndGgmJiFJKE8pOylMYS5kb21haW49YT1hLnN1YnN0cihhLmluZGV4T2YoXCIuXCIpKzEpLE89d2luZG93LnBhcmVudH1jYXRjaChiKXt9SShPKXx8KE89d2luZG93KX1PIT09d2luZG93JiYuMDE%2BTWF0aC5yYW5kb20oKSYmR2EoKTtjb25zdCBTPU8sWj1uZXcgY2I7dmFyIGhiPSgpPT57aWYoIVMuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nKXt2YXIgYT1aO2EuZz0hMTthLmghPWEuaS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlJiYoVygpJiZBcnJheS5wcm90b3R5cGUuZm9yRWFjaC5jYWxsKGEuaCxiYix2b2lkIDApLGEuaC5sZW5ndGg9MCl9fTsgKGE9PntSPW51bGwhPWE%2FYTpuZXcgWGE7XCJudW1iZXJcIiE9PXR5cGVvZiBTLmdvb2dsZV9zcnQmJihTLmdvb2dsZV9zcnQ9TWF0aC5yYW5kb20oKSk7V2EoKTtZPW5ldyBmYjtZLmg9Yj0%2Be3ZhciBjPU07MCE9PWMmJihiLmpjPVN0cmluZyhjKSxjPShjPUhhKGMsZG9jdW1lbnQuY3VycmVudFNjcmlwdCkpJiZjLmdldEF0dHJpYnV0ZShcImRhdGEtamMtdmVyc2lvblwiKXx8XCJ1bmtub3duXCIsYi5zaHY9Yyl9O1kuaj0hMDtcImNvbXBsZXRlXCI9PVMuZG9jdW1lbnQucmVhZHlTdGF0ZT9oYigpOlouZyYmSChTLFwibG9hZFwiLCgpPT57aGIoKX0pfSkoKTtmdW5jdGlvbiBpYigpe3ZhciBhLGI7Y29uc3QgYz13aW5kb3c7aWYoYy5nbWFTZGt8fChudWxsPT09KGE9Yy53ZWJraXQpfHx2b2lkIDA9PT1hPzA6YS5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMpKXJldHVybiBjO3RyeXtjb25zdCBkPXdpbmRvdy5wYXJlbnQ7aWYoZC5nbWFTZGt8fChudWxsPT09KGI9ZC53ZWJraXQpfHx2b2lkIDA9PT1iPzA6Yi5tZXNzYWdlSGFuZGxlcnMuZ2V0R21hVmlld1NpZ25hbHMpKXJldHVybiBkfWNhdGNoKGQpe31yZXR1cm4gbnVsbH0gZnVuY3Rpb24ga2IoYSxiPXt9LGM9KCk9Pnt9LGQ9KCk9Pnt9KXtjb25zdCBmPVN0cmluZyhNYXRoLmZsb29yKDIxNDc0ODM2NDcqeWEoKSkpO2xldCBnPTA7Y29uc3QgZT1rPT57dHJ5e3ZhciBoPVwib2JqZWN0XCI9PT10eXBlb2Ygay5kYXRhP2suZGF0YTpKU09OLnBhcnNlKGsuZGF0YSk7Zj09PWgucGF3X2lkJiYod2luZG93LmNsZWFyVGltZW91dChnKSx3aW5kb3cucmVtb3ZlRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIixlKSxoLnNpZ25hbD9jKGguc2lnbmFsKTpoLmVycm9yJiZkKGguZXJyb3IpKX1jYXRjaChtKXtrPXttc2c6XCJwb3N0bWVzc2FnZUVycm9yXCIsZXJyOm0gaW5zdGFuY2VvZiBFcnJvcj9tLm1lc3NhZ2U6XCJub25FcnJvclwiLGRhdGE6bnVsbD09ay5kYXRhP1wibnVsbFwiOjUwMDxrLmRhdGEubGVuZ3RoP2suZGF0YS5zdWJzdHJpbmcoMCw1MDApOmsuZGF0YX07aD1nYjt2YXIgbD1cImxcIjtoLmwmJmguaGFzT3duUHJvcGVydHkobCl8fChsPW5ldyBoLGgubD1sKTtoPVtdOyFrLmVpZCYmIGgubGVuZ3RoJiYoay5laWQ9aC50b1N0cmluZygpKTtUKFIsXCJwYXdfc2lnc1wiLGssITAsdm9pZCAwLHZvaWQgMCl9fTt3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIixlYihrPT57ZShrKX0pKTthLnBvc3RNZXNzYWdlKE9iamVjdC5hc3NpZ24oe3Bhd19pZDpmfSxiKSk7Zz13aW5kb3cuc2V0VGltZW91dCgoKT0%2Be3dpbmRvdy5yZW1vdmVFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLGUpO2QoXCJQQVcgR01BIHBvc3RtZXNzYWdlIHRpbWVkIG91dC5cIil9LDIwMCl9O3ZhciBsYj1jbGFzcyBleHRlbmRzIER7fSxxYT1bNl07Y29uc3QgbWI9XCJwbGF0Zm9ybSBwbGF0Zm9ybVZlcnNpb24gYXJjaGl0ZWN0dXJlIG1vZGVsIHVhRnVsbFZlcnNpb24gYml0bmVzc1wiLnNwbGl0KFwiIFwiKTt2YXIgbmI9KCk9Pnt2YXIgYT13aW5kb3c7cmV0dXJuIGEubmF2aWdhdG9yJiZhLm5hdmlnYXRvci51c2VyQWdlbnREYXRhJiZcImZ1bmN0aW9uXCI9PT10eXBlb2YgYS5uYXZpZ2F0b3IudXNlckFnZW50RGF0YS5nZXRIaWdo&i=17-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
efr2MN3ED4dm0QZOQMCDki5jGvrhlacu41_6D45QiE4cUQU_wP2yyw==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=RW50cm9weVZhbHVlcz9hLm5hdmlnYXRvci51c2VyQWdlbnREYXRhLmdldEhpZ2hFbnRyb3B5VmFsdWVzKG1iKS50aGVuKGI9Pnt2YXIgYz1uZXcgbGI7Yz1FKGMsMSxiLnBsYXRmb3JtKTtjPUUoYywyLGIucGxhdGZvcm1WZXJzaW9uKTtjPUUoYywzLGIuYXJjaGl0ZWN0dXJlKTtjPUUoYyw0LGIubW9kZWwpO2M9RShjLDUsYi51YUZ1bGxWZXJzaW9uKTtyZXR1cm4gRShjLDksYi5iaXRuZXNzKX0pOm51bGx9O2NsYXNzIG9ie2NvbnN0cnVjdG9yKCl7dGhpcy5wcm9taXNlPW5ldyBQcm9taXNlKGE9Pnt0aGlzLmc9YX0pfX07d2luZG93LnZpZXdSZXE9W107Y29uc3QgcGI9YT0%2Be2NvbnN0IGI9bmV3IEltYWdlO2Iuc3JjPWEucmVwbGFjZShcIiZhbXA7XCIsXCImXCIpO3dpbmRvdy52aWV3UmVxLnB1c2goYil9LHFiPWE9PntmZXRjaChhLHtrZWVwYWxpdmU6ITAsY3JlZGVudGlhbHM6XCJpbmNsdWRlXCIscmVkaXJlY3Q6XCJmb2xsb3dcIixtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifSkuY2F0Y2goKCk9PntwYihhKX0pfSxyYj1hPT57d2luZG93LmZldGNoP3FiKGEpOnBiKGEpfTtNPTQyOyB3aW5kb3cudnU9YT0%2Be3ZhciBiLGMsZCxmO2NvbnN0IGc9SWEodmEpLGU9aWIoKTtnJiZudWxsIT0obnVsbD09PShiPW51bGw9PT1lfHx2b2lkIDA9PT1lP3ZvaWQgMDplLmdtYVNkayl8fHZvaWQgMD09PWI%2Fdm9pZCAwOmIuZ2V0Vmlld1NpZ25hbHMpJiYoYj1udWxsPT09KGM9bnVsbD09PWV8fHZvaWQgMD09PWU%2Fdm9pZCAwOmUuZ21hU2RrKXx8dm9pZCAwPT09Yz92b2lkIDA6Yy5nZXRWaWV3U2lnbmFscygpKSYmKGE9RyhhLFwiJm1zPVwiK2IpKTtjb25zdCBrPVtdO2M9KCk9Pntjb25zdCBoPW5ldyBvYjtrLnB1c2goaC5wcm9taXNlKTtyZXR1cm4gaC5nfTtpZihiPUlhKHdhKSl7Y29uc3QgaD1uYigpO2lmKG51bGwhPWgpe2NvbnN0IGw9YygpO2gudGhlbihtPT57YTp7QT0hMDt0cnl7dmFyIG49SlNPTi5zdHJpbmdpZnkobS50b0pTT04oKSx0YSk7YnJlYWsgYX1maW5hbGx5e0E9ITF9bj12b2lkIDB9bT1uO249W107Zm9yKHZhciB1PTAscD0wO3A8bS5sZW5ndGg7cCsrKXt2YXIgcT0gbS5jaGFyQ29kZUF0KHApOzI1NTxxJiYoblt1KytdPXEmMjU1LHE%2BPj04KTtuW3UrK109cX1tPWphKG4sMyk7MDxtLmxlbmd0aCYmKGE9RyhhLFwiJnVhY2g9XCIrbSkpO2woKX0pfX1pZihnJiZudWxsIT0obnVsbD09PShkPW51bGw9PT1lfHx2b2lkIDA9PT1lP3ZvaWQgMDplLndlYmtpdCl8fHZvaWQgMD09PWQ%2Fdm9pZCAwOmQubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzKSl7Y29uc3QgaD1jKCk7a2IobnVsbD09PShmPW51bGw9PT1lfHx2b2lkIDA9PT1lP3ZvaWQgMDplLndlYmtpdCl8fHZvaWQgMD09PWY%2Fdm9pZCAwOmYubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzLHt9LGw9PnthPUcoYSxcIiZcIitsKTtoKCl9LCgpPT57aCgpfSl9Ynx8Zz9Qcm9taXNlLmFsbChrKS50aGVuKCgpPT57cmIoYSl9KTpyYihhKX07fSkuY2FsbCh0aGlzKTs8L3NjcmlwdD48c2NyaXB0PnZ1KFwiaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haVxceDNkQ18yRE5nNXk4WVp2b0pNanIzd08xX1lISUE2eWQ0cTVtdWRDdXlwWVB3STIzQVJBQklBQmdsYktoZ3JBSGdnRVhZMkV0Y0hWaUxUUXhNVE0yT0RFNE9ESXpNVEUwTlRYSUFRbmdBZ0NvQXdHcUJLc0NUOURrVXJIbGsxc0VNbWNSWjgtU3JwX1NxMHFkUGdtN1VyOHFFY0VtXzJhVmhQRHVIX1VTLVN4bmM5R2xvUkN3cnVBUy1ORnd6eTJ3elVqVTlxUzJLemxBYW4xaXd3TjAxNE84aW04ZGlub29XZnZLUkI5QUllV1c0X3VLUHJDMGdHaWlTbXc2RUpyVDc2aGpvMkZTWVdLTDNEalY3Q1k3VEt3dnRWRGRWMkVZVHkwSDQ1eDZNWjYtWndFRW5tLXBpR1FPZU1RWGY5NTRZY2hkWmNLUmgxMlRKMVVYb2FwcUpDMUdvUldYSjMwM2JxUnptbklENHMwV3k3ZUtCSjJxN2UtREhyVDQ4bUhLc0h1aWZNMHgzeERhd0x3ZmFZVDFiUzJ6YjZBS3hGb19hOTgtbDZMZElVUDB5MDNhcERRUzNUOHZ6cExJSWQwSFN4S3pkUldNTEw4RWQxQUxoczhKa3FCaHdyRWR3XzYteDhXdmszc2NqQWVFZjBDRnp3TWVzbVNQa29rZHhqOVZOZG5nQkFHQUJ1Nlh3OVA5al9HdjFRR2dCaUdvQjZhLUc2Z0hsdGdicUFlcW03RUNxQWZmbjdFQzJBY0EwZ2dGQ0loaEVBR0FDZ1A2Q3dJSUFZQU1BZEFWQVlBWEFiSVhIQW9hRWhSd2RXSXROREV4TXpZNE1UZzRNak14TVRRMU5SaUUyM3NcXHgyNnNpZ2hcXHgzZGxkLVhNSjRXVGZRXFx4MjZ1YWNoX21cXHgzZFtVQUNIXVxceDI2Y2lkXFx4M2RDQVFTUHdDTklyTE00VU16OHZIZFVvZFcwbmJfNTdNeGJlVGk2bTJuMkJBcTJ1WWtyZ0xrSm1KZ3FiNnZJZGkzbU9FYW1DcXc0dWl3ckJES1ZzZkxSdGNtSkJnQlwiKTwvc2NyaXB0PjxzY3JpcHQ%2BdnUoXCJodHRwczovL2cuYWxnYmlkLmFwcC9ydGltcD9zaWRcXHgzZDYzYzUyMzE4LTVmNDQtMTFlYy04OTdiLTE2NjBlMzA0MzY5MFxceDI2ZFxceDNkdGhyZWF0cG9zdC5jb21cXHgyNmNyXFx4M2RncmRfZ2VuMTFfMl9fMFxceDI2YVxceDNkaW1wXFx4MjZwXFx4M2RZYnljZ3dBSk5Cc0tkX1hJQUFCLXRVWlZCVG9UaVZaUGRJaWxqQVxceDI2aW1cXHgzZDNFckRmWGg2YmVXUzhRNlMyOEF1aVNsRnB3ek9nMDB0MVNWR2kweVBKTlFybUFEci1PX1NmdjVWczM1OGdRS01EbktaNU1ILVJDQ2dfZ1d2N2ZoNGNlQmM5d0xyT2hxZDJBUTBFN3pCZmNETkVQenpTc3YxRE1ZWUxMSmNCeVpTUjBOa1Vkcmt0VngxNFgtaGZlQU1pRWlKdWdCNTd3WWdBZkQ0RXplWjBOYm1ER0NLVVBEV3pYaXhBMXdSSTdYX09JSUxwcF9LSTJjaDRYQ3dJbmNyYkRhbHRfSzR1WWhUVVJHTUtFUU5CMVVCcDRLNWxRN041Y0Z0eUtQdGhSLTJYME1KUFBhZDVrVnAwZlAtVVFIS2hFSHpkZFlhSElHbHpscWVEcS1ZQ3NwTkhiS3FtLTdCVVB0M3QxWmVmU2F3XCIpPC9zY3JpcHQ%2BPGRpdiBjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdJbm5lckNvbnRhaW5lclwic3R5bGU9XCJsZWZ0OjBweDt0b3A6MHB4O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7cG9zaXRpb246Zml4ZWQ7cG9pbnRlci1ldmVudHM6bm9uZTt6LWluZGV4Oi05OTk5O1wiPjwvZGl2PjxkaXYgc3R5bGU9XCJkaXNwbGF5OmlubGluZVwiY2xhc3M9XCJHb29nbGVBY3RpdmVWaWV3RWxlbWVudFwiZGF0YS1nb29nbGUtYXYtY3huPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzdTRUS1BpV0dTMTZPZ0Z6NFBEN2haRjU0UWZMU2FpNUwwcURnb25lejUyVjJDcXJsTFdWcWJ5d2drbXF6U1B2eVdmMV9kbno2X0x0UnRCNXk5TVhfNlhOUSZhbXA7c2lnPUNnMEFyS0pTekpud0FKUjVBQmJWRUFFXCJkYXRhLWdvb2dsZS1hdi1hZGs9XCIxMzU2MjUxMDI2XCJkYXRhLWdvb2dsZS1hdi1tZXRhZGF0YT1cImxhPTAmYW1wO3hkaT0wJmFtcDtcImRhdGEtZ29vZ2xlLWF2LW92ZXJyaWRlPVwiLTFcImRhdGEtZ29vZ2xlLWF2LWRtPVwiMlwiZGF0YS1nb29nbGUtYXYtaW1tZWRpYXRlIGRhdGEtZ29vZ2xlLWF2LWFpZD1cIjBcImRhdGEtZ29vZ2xlLWF2LW5haWQ9XCIxXCJkYXRhLWdvb2dsZS1hdi1zbGlmdD1cIlwiZGF0YS1nb29nbGUtYXYtY3BtYXY9XCJcImRhdGEtZ29vZ2xlLWF2LWJ0cj1cIlwiZGF0YS1nb29nbGUtYXYtaXRwbD1cIjIwXCJkYXRhLWdvb2dsZS1hdi1ycz1cIjRcImRhdGEtZ29vZ2xlLWF2LWZsYWdzPVwiWyZxdW90O3glMjc4NDQwJiMzOTs5ZWZvdG0oJmFtcDs3NTMzNzQlMmJlanZmLyUyNzg0NCZndDsmIzM5Ozl3dXZiJCZhbXA7NTY1MzMmZ3Q7IT18dnFjKSEyNzM3OTQmYW1wOyZsdDtxcXZiLyUmbHQ7MTczNTAyMCE9bmVodWAvITM2ND01MDUxITlhYmt7YSgkMTYwMjEwOjMmYW1wOyZsdDtjYm90ZisqMDE1MDAzNDolMmJlanZmLyU3MjsxNzYxMyE9ZWZkd2EqJiMzOTs3NjQ2MzsyMSQ%2FZWJrcGIkJmFtcDswMzY2NzE3Jmd0OyomZ3Q7YmdpcGYrITM9NzEyMzYzJTlhaWh3YykhNzIwMiZsdDsyMTcmIzM5OzllZm90bSgmYW1wOzIwMDYxOzQ4JmFtcDsmZ3Q7YGRvcGIvJSZsdDsxNzA3MjAwIT04KCZhbXA7MjAwNTU3NT8mYW1wOyZndDtgZG9wYi8lJmx0OzE3MDY6MjEhPW5laHVgfiZxdW90O11cIj48IURPQ1RZUEUgaHRtbD48aHRtbCBsYW5nPVwiZW5cIj4gPGhlYWQ%2BIDxtZXRhIGNoYXJzZXQ9XCJVVEYtOFwiLz4gPG1ldGEgbmFtZT1cInZpZXdwb3J0XCIgY29udGVudD1cIndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjBcIi8%2BIDxtZXRhIGh0dHAtZXF1aXY9XCJYLVVBLUNvbXBhdGlibGVcIiBjb250ZW50PVwiaWU9ZWRnZVwiLz4gPG1ldGEgbmFtZT1cInJlZmVycmVyXCIgY29udGVudD1cIm5vLXJlZmVycmVyXCIvPiA8dGl0bGU%2BRG9jdW1lbnQ8L3RpdGxlPiA8bGluayBocmVmPVwiaHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M%2FZmFtaWx5PVJvYm90bzo0MDAsNzAwJmRpc3BsYXk9c3dhcFwiIHJlbD1cInN0eWxlc2hlZXRcIi8%2BIDxsaW5rIGhyZWY9XCJodHRwczovL2ZvbnRzLmdvb2dsZWFwaXMuY29tL2Nzcz9mYW1pbHk9U2VjdWxhcitPbmUmZGlzcGxheT1zd2FwXCIgcmVsPVwic3R5bGVzaGVldFwiLz4gPHN0eWxlPi8qIHJlc2V0ICovIGFiYnIsIGFkZHJlc3MsIGFydGljbGUsIGFzaWRlLCBhdWRpbywgYiwgYmxvY2txdW90ZSwgYm9keSwgY2FudmFzLCBjYXB0aW9uLCBjaXRlLCBjb2RlLCBkZCwgZGVsLCBkZXRhaWxzLCBkZm4sIGRpdiwgZGwsIGR0LCBlbSwgZmllbGRzZXQsIGZpZ2NhcHRpb24sIGZpZ3VyZSwgZm9vdGVyLCBmb3JtLCBoMSwgaDIsIGgzLCBoNCwgaDUsIGg2LCBoZWFkZXIsIGhncm91cCwgaHRtbCwgaSwgaWZyYW1lLCBpbWcsIGlucywga2JkLCBsYWJlbCwgbGVnZW5kLCBsaSwgbWFyaywgbWVudSwgbmF2LCBvYmplY3QsIG9sLCBwLCBwcmUsIHEsIHNhbXAsIHNlY3Rpb24sIHNtYWxsLCBzcGFuLCBzdHJvbmcsIHN1Yiwgc3VtbWFyeSwgc3VwLCB0YWJsZSwgdGJvZHksIHRkLCB0Zm9vdCwgdGgsIHRoZWFkLCB0aW1lLCB0ciwgdWwsIHZhciwgdmlkZW97bWFyZ2luOiAwOyBwYWRkaW5nOiAwOyBib3JkZXI6IDA7IG91dGxpbmU6IDA7IGZvbnQtc2l6ZTogMTAwJTsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyBiYWNrZ3JvdW5kOiAwIDA7fWJvZHl7bGluZS1oZWlnaHQ6IDE7fWFydGljbGUsIGFzaWRlLCBkZXRhaWxzLCBmaWdjYXB0aW9uLCBmaWd1cmUsIGZvb3RlciwgaGVhZGVyLCBoZ3JvdXAsIG1lbnUsIG5hdiwgc2VjdGlvbntkaXNwbGF5OiBibG9jazt9bmF2IHVse2xpc3Qtc3R5bGU6IG5vbmU7fWJsb2NrcXVvdGUsIHF7cXVvdGVzOiBub25lO31ibG9ja3F1b3RlOmFmdGVyLCBibG9ja3F1b3RlOmJlZm9yZSwgcTphZnRlciwgcTpiZWZvcmV7Y29udGVudDogXCJcIjsgY29udGVudDogbm9uZTt9YXttYXJnaW46IDA7IHBhZGRpbmc6IDA7IGZvbnQtc2l6ZTogMTAwJTsgdmVydGljYWwtYWxpZ246IGJhc2VsaW5lOyBiYWNrZ3JvdW5kOiAwIDA7fWluc3tiYWNrZ3JvdW5kLWNvbG9yOiAjZmY5OyBjb2xvcjogIzAwMDsgdGV4dC1kZWNvcmF0aW9uOiBub25lO31tYXJre2JhY2tncm91bmQtY29sb3I6ICNmZjk7IGNvbG9yOiAjMDAwOyBmb250LXN0eWxlOiBpdGFsaWM7IGZvbnQtd2VpZ2h0OiA3MDA7fWRlbHt0ZXh0LWRlY29yYXRpb246IGxpbmUtdGhyb3VnaDt9YWJiclt0aXRsZV0sIGRmblt0aXRsZV17Ym9yZGVyLWJvdHRvbTogMXB4IGRvdHRlZDsgY3Vyc29yOiBoZWxwO310YWJsZXtib3JkZXItY29sbGFwc2U6IGNvbGxhcHNlOyBib3JkZXItc3BhY2luZzogMDt9aHJ7ZGlzcGxheTogYmxvY2s7IGhlaWdodDogMXB4OyBib3JkZXI6IDA7IGJvcmRlci10b3A6IDFweCBzb2xpZCAjY2NjOyBtYXJnaW46IDFlbSAwOyBwYWRkaW5nOiAwO31pbnB1dCwgc2VsZWN0e3ZlcnRpY2FsLWFsaWduOiBtaWRkbGU7fTwvc3R5bGU%2BIDxzdHlsZT5odG1se2JveC1zaXppbmc6IGJvcmRlci1ib3g7fWJvZHl7Zm9udC1mYW1pbHk6&i=18-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
cQ-phr-FHo0fH9cptmmQGjp5VrB08Qwq_VCmBT4dzuFdAUW1evejTg==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=IFwiUm9ib3RvXCIsIHNhbnMtc2VyaWY7fWF7dGV4dC1kZWNvcmF0aW9uOiBub25lOyBjb2xvcjogIzAwMDAwMDt9dWwgbGl7ZGlzcGxheTogYmxvY2s7IHBhZGRpbmc6IDA7IG1hcmdpbjogMDt9LmNvbnRhaW5lcl9faW5uZXJ7d2lkdGg6IGNhbGMoMTAwdncgLSAxMHB4KTsgaGVpZ2h0OiBjYWxjKDEwMHZoIC0gMTBweCk7IG1hcmdpbjogNXB4IDVweCA1cHggNXB4OyBkaXNwbGF5OiBmbGV4OyBhbGlnbi1pdGVtczogY2VudGVyOyBqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWFyb3VuZDsgYmFja2dyb3VuZC1jb2xvcjogdHJhbnNwYXJlbnQ7IGJveC1zaXppbmc6IGJvcmRlci1ib3g7IGN1cnNvcjogZGVmYXVsdDt9LnN0YXJ0X19idG57bWluLXdpZHRoOiAyMDdweDsgY3Vyc29yOiBwb2ludGVyOyBiYWNrZ3JvdW5kOiBsaW5lYXItZ3JhZGllbnQoIHRvIGJvdHRvbSwgcmdiYSgwLCAxOTIsIDE2LCAxKSAwJSwgcmdiYSgwLCAxNDcsIDksIDEpIDEwMCUgKTsgZm9udC1mYW1pbHk6IFwiU2VjdWxhciBPbmVcIiwgc2Fucy1zZXJpZjsgZGlzcGxheTogaW5saW5lLWJsb2NrOyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IHRleHQtdHJhbnNmb3JtOiB1cHBlcmNhc2U7IGNvbG9yOiAjZmZmOyBmb250LXdlaWdodDogYm9sZDsgYmFja2dyb3VuZC1jb2xvcjogIzAwYmEwZDsgcGFkZGluZzogMThweCA0NXB4OyBsZXR0ZXItc3BhY2luZzogMC4xZW07IHRleHQtc2hhZG93OiAxcHggMXB4IDJweCByZ2JhKDAsIDAsIDAsIDAuNzYpOyBib3JkZXI6IDFweCBzb2xpZCAjMDE0ZjA0OTQ7IGJvcmRlci1yYWRpdXM6IDEwcHg7IGJveC1zaGFkb3c6IDNweCAzcHggMHB4ICMwMTRmMDQ5NCwgMHB4IDNweCAxNXB4IHJnYmEoMCwgMCwgMCwgMC40KSwgaW5zZXQgMHB4IDFweCAwcHggcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjMpLCBpbnNldCAwcHggMHB4IDNweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuNSk7IHRyYW5zaXRpb246IGJveC1zaGFkb3cgMjAwbXM7IHdpZHRoOiBjbGFtcCgyMDBweCwgNDB2dywgMzAwcHgpOyBwYWRkaW5nOiAxNHB4IDI1cHg7IGZvbnQtc2l6ZTogMjBweDsgZm9udC1zaXplOiBjbGFtcCgyMHB4LCA2dncsIDM4cHgpO30ubG9uZy10ZXh0e3dpZHRoOiBjbGFtcCgyMDBweCwgNDV2dywgMzUwcHgpO30uc3RhcnRfX2J0bjpmb2N1c3tvdXRsaW5lOiBub25lO30uc3RhcnRfX3dyYXBwZXJ7YWxpZ24taXRlbXM6IGNlbnRlcjsgZGlzcGxheTogZmxleDt9LmluZm97ZGlzcGxheTogZmxleDsgYWxpZ24taXRlbXM6IGZsZXgtZW5kO30uaW5mbyBoNHtmb250LXNpemU6IDE3cHg7IGxpbmUtaGVpZ2h0OiAyMXB4OyBmb250LXdlaWdodDogNzAwO30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiAxNXB4OyBsaW5lLWhlaWdodDogMThweDt9LmluZm9fX3N0ZXBzIHNwYW57Zm9udC13ZWlnaHQ6IDcwMDt9LmxvZ297bWFyZ2luLXRvcDogNjBweDsgbWluLXdpZHRoOiA3MHB4O30udGl0bGUtY29udGFpbmVye2Rpc3BsYXk6IGZsZXg7IGp1c3RpZnktY29udGVudDogY2VudGVyOyBmbGV4LWRpcmVjdGlvbjogY29sdW1uO30udGl0bGV7ZGlzcGxheTogYmxvY2s7IGZvbnQtc2l6ZTogY2xhbXAoMzBweCwgNHZ3LCA4MHB4KTsgdGV4dC1hbGlnbjogY2VudGVyOyBsaW5lLWhlaWdodDogMS4yOyBmb250LWZhbWlseTogYXV0bzt9LnRpdGxlLWFkZGl0aW9ue2ZvbnQtd2VpZ2h0OiA2MDA7fS5oaWRle2Rpc3BsYXk6IG5vbmU7fS5oYWxmLUltZy1BcnRpY2xlLW1haW57d2lkdGg6IDg4dnc7IGZvbnQtc2l6ZTogMTMuNXB4OyBsaW5lLWhlaWdodDogMS4yO30uaGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHR7bWFyZ2luLXRvcDogM3ZoO30uaGFsZi1JbWctQXJ0aWNsZS1hZGRpdGlvbmFsLXRleHQ6ZW1wdHl7ZGlzcGxheTogbm9uZTt9LnByZXNzLWRvd246YWN0aXZlLCAucHJlc3MtZG93bjpmb2N1cywgLnByZXNzLWRvd246dmlzaXRlZHt0cmFuc2Zvcm06IHRyYW5zbGF0ZVkoMXB4KTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNzI5cHgpey5zdGFydF9fYnRue21pbi13aWR0aDogMjA3cHg7IHBhZGRpbmc6IDE2cHggMTBweDsgd2lkdGg6IGNsYW1wKDIxMHB4LCA0NXZ3LCAzMDBweCk7IGZvbnQtc2l6ZTogNC43dnc7fS5sb25nLXRleHR7d2lkdGg6IGNsYW1wKDIxMHB4LCA0NXZ3LCAzNTBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNTAwcHgpey5jb250YWluZXJfX2lubmVye2hlaWdodDogOTZ2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxMjBweCl7LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiA4OXZoO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEwMHB4KXtoNHtkaXNwbGF5OiBub25lO319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDc5cHgpey5jb250YWluZXJfX2lubmVye2hlaWdodDogODR2aDt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4td2lkdGg6IDU5NnB4KXsuY29udGFpbmVyX19vdXRlcntoZWlnaHQ6IDEwMHZoOyAvKiBiYWNrZ3JvdW5kLWNvbG9yOiBncmV5OyAqLyBkaXNwbGF5OiBmbGV4OyBhbGlnbi1pdGVtczogY2VudGVyOyBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjt9LmNvbnRhaW5lcl9faW5uZXJ7aGVpZ2h0OiAxMDAlO30uaW5mb3toZWlnaHQ6IDEwMHZoO30uaW5mb19fd3JhcHBlcntkaXNwbGF5OiBmbGV4OyBmbGV4LWRpcmVjdGlvbjogY29sdW1uOyBoZWlnaHQ6IDEwMCU7IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5O319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC13aWR0aDogNTk2cHgpey5zdGFydF9fYnRue3dpZHRoOiBjbGFtcCgxODBweCwgNTB2dywgMjUwcHgpOyBtaW4td2lkdGg6IDE3NXB4OyBtaW4taGVpZ2h0OiA1MHB4OyBwYWRkaW5nOiA5cHggMTNweDsgZm9udC1zaXplOiAxNnB4OyBmb250LXNpemU6IGNsYW1wKDE2cHgsIDV2dywgMzBweCk7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMTRweDsgbGluZS1oZWlnaHQ6IDE4cHg7fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDEycHg7IGxpbmUtaGVpZ2h0OiAxNHB4O30ubG9nb3tmb250LXNpemU6IDEycHg7IG1hcmdpbi10b3A6IDQ1cHg7IG1pbi13aWR0aDogNTBweDt9fS5saW5rcy10cnktYWdhaW57ZmxleC1kaXJlY3Rpb246IHJvdy1yZXZlcnNlO31AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA0NThweCl7LmNvbnRhaW5lcl9faW5uZXJ7ZmxleC1kaXJlY3Rpb246IGNvbHVtbjt9Lmxpbmtze2ZsZXgtZGlyZWN0aW9uOiBpbmhlcml0O30ubGlua3MtdHJ5LWFnYWlue2ZsZXgtZGlyZWN0aW9uOiBjb2x1bW4tcmV2ZXJzZTt9LmluZm97bWFyZ2luLXRvcDogNnZtaW47IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGFsaWduLWl0ZW1zOiBjZW50ZXI7fS5sb2dve2ZvbnQtc2l6ZTogMTVweDsgbWFyZ2luLXRvcDogNnZtaW47IG1hcmdpbi1sZWZ0OiA3NSU7fS5pbmZvIGg0e2ZvbnQtc2l6ZTogMThweDsgbGluZS1oZWlnaHQ6IDEuM2VtO30uaW5mb19fc3RlcHN7Zm9udC1zaXplOiAxNXB4OyBsaW5lLWhlaWdodDogMS4yZW07fS5zdGFydF9fYnRuey8qIHdpZHRoOiAyMzBweDsgKi8gLyogcGFkZGluZzogMThweCA0MHB4OyAqLyAvKiBmb250LXNpemU6IDIwcHg7ICovIHdpZHRoOiA5NHZ3OyBwYWRkaW5nOiAyNHB4IDE0cHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgMTJ2dywgNDBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAyODBweCl7LnN0YXJ0X19idG57d2lkdGg6IDk1dnc7IG1pbi13aWR0aDogMTA2cHg7IHBhZGRpbmc6IDIwcHggNHB4OyBmb250LXNpemU6IDE4cHg7IGZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMjFweCk7fS5sb25nLXRleHR7Zm9udC1zaXplOiBjbGFtcCgxM3B4LCAxM3Z3LCAxOHB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDIwMHB4KXsubG9uZy10ZXh0e2ZvbnQtc2l6ZTogY2xhbXAoMTNweCwgMTN2dywgMTVweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiAxNTBweCl7LmxvbmctdGV4dHtmb250LXNpemU6IGNsYW1wKDEzcHgsIDEzdncsIDEzcHgpO319LmxvZ297Zm9udC1zaXplOiAxM3B4OyBtYXJnaW4tbGVmdDogNjAlO30uaW5mbyBoNHtmb250LXNpemU6IDE1cHg7IGxpbmUtaGVpZ2h0OiAyZW07fS5pbmZvX19zdGVwc3tmb250LXNpemU6IDEycHg7IGxpbmUtaGVpZ2h0OiAyZW07fS8qIFJFU1BPTlNJVkUgKi8gLnN0YXJ0X19hcnJvdywgLmxvZ297ZGlzcGxheTogbm9uZTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogMTYwcHgpey5zdGFydF9fYXJyb3d7ZGlzcGxheTogYmxvY2s7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCl7LmxvZ297ZGlzcGxheTogYmxvY2s7fX0uY29udGFpbmVyX19pbm5lcntoZWlnaHQ6IDEwMHZoOyBoZWlnaHQ6IGNhbGMoMTAwdmggLSAxMHB4KTt9QG1lZGlhIHNjcmVlbiBhbmQgKG1pbi13aWR0aDogNTAwcHgpIGFuZCAobWluLWhlaWdodDogMjQ5cHgpey5zdGFydF9fYXJyb3d7ZGlzcGxheTogYmxvY2s7fS5zdGFydF9fYnRue3dpZHRoOiBjbGFtcCgyMDBweCwgNTB2dywgNTAwcHgpOyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDZ2dywgNjBweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogMjQ5cHgpey5pbmZvX19zdGVwc3tkaXNwbGF5OiBmbGV4OyBmbGV4LWRpcmVjdGlvbjogY29sdW1uOyBqdXN0aWZ5LWNvbnRlbnQ6IHNwYWNlLWV2ZW5seTsgbGluZS1oZWlnaHQ6IGluaGVyaXQ7IGZvbnQtc2l6ZTogY2xhbXAoMTVweCwgNS41dncsIDE4cHgpO30uaW5mb19fd3JhcHBlcnsvKiBoZWlnaHQ6IDEwMCU7ICovIGRpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogY2VudGVyOyBtYXgtd2lkdGg6IDEwMHZ3OyBtYXgtd2lkdGg6IGNhbGMoMTAwdncgLSAxMHB4KTsgbGluZS1oZWlnaHQ6IDEwdmg7fS5pbmZve2ZsZXg6IDU1JTt9LnN0YXJ0e2ZsZXg6IDM1JTsgZGlzcGxheTogZmxleDsgZmxleDogdW5zZXQ7fS5sb2dve2Rpc3BsYXk6IGZsZXg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogMzUwcHgpey5pbmZvX193cmFwcGVye2xpbmUtaGVpZ2h0OiA3dmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNDlweCl7LmluZm9fX3N0ZXBze2Rpc3BsYXk6IGZsZXg7IGZsZXgtZGlyZWN0aW9uOiBjb2x1bW47IGp1c3RpZnktY29udGVudDogc3BhY2UtZXZlbmx5OyAvKiBsaW5lLWhlaWdodDogMjB2aDsgKi8gbGluZS1oZWlnaHQ6IDIwdmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDEuNXZ3LCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDJ2aCwgMjJweCk7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLWhlaWdodDogNTAwcHgpIGFuZCAobWluLXdpZHRoOiAyNTBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDMuNXZoLCAyMnB4KTsgbGluZS1oZWlnaHQ6IDEwdmg7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWluLXdpZHRoOiA1MDBweCkgYW5kIChtaW4taGVpZ2h0OiAyNTBweCl7Lm1haW4gbGksIC5tYWluIGg0LCAubWFpbiAubG9nb3tmb250LXNpemU6IGNsYW1wKDE2cHgsIDIuNXZ3LCAyMnB4KTt9fUBtZWRpYSBzY3JlZW4gYW5kIChtaW4taGVpZ2h0OiA1MDBweCl7LmxvZ297d2lkdGg6IDEwMHZ3O319LmxpbmtfdGV4dHtjb2xvcjogIzFhMGRhYjsgZm9udC1zaXplOiAxOXB4OyBmb250LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7IGN1cnNvcjogcG9pbnRlcjt9QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDIwMHB4KXsubGlua190ZXh0e3RyYW5zZm9ybTogdHJhbnNsYXRlWSgtNXB4KTt9&i=19-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
KVMdDPYPWMK-2aGyB-AO9DJNzc8qI2aGDakc29CHn5yjtFKMxj8fqw==
tag
math-aids-threatpost-tagan.adlightning.com/ 		0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://math-aids-threatpost-tagan.adlightning.com/tag?s=bl&d=fUBtZWRpYSBzY3JlZW4gYW5kIChtYXgtaGVpZ2h0OiAxNjBweCl7LmxpbmtfdGV4dHtmb250LXNpemU6IDE4cHg7fS5zdGFydF9fYnRue3BhZGRpbmc6IDlweCAxM3B4O319QG1lZGlhIHNjcmVlbiBhbmQgKG1heC1oZWlnaHQ6IDEyNXB4KXsubGlua190ZXh0e2Rpc3BsYXk6IG5vbmU7fX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogMTEwcHgpey5zdGFydF9fYnRue3BhZGRpbmc6IDlweCAxM3B4OyBmb250LXNpemU6IGNsYW1wKDIwcHgsIDEwdncsIDQwcHgpOyBsaW5lLWhlaWdodDogMS4yO30uYWR2X25hbWV7LyogZGlzcGxheTogbm9uZTsgKi99LmNvbnRhaW5lcl9faW5uZXJ7LyoganVzdGlmeS1jb250ZW50OiBjZW50ZXI7ICovfX1AbWVkaWEgc2NyZWVuIGFuZCAobWF4LWhlaWdodDogNzRweCl7LnN0YXJ0X19idG57cGFkZGluZzogNnB4IDEzcHg7IGZvbnQtc2l6ZTogY2xhbXAoMjBweCwgOXZ3LCA0MHB4KTsgbGluZS1oZWlnaHQ6IDE7IG1pbi1oZWlnaHQ6IHVuc2V0OyB3aWR0aDogODV2dzt9fUBtZWQ8IS0tIC4uLnRydW5jYXRlZCAtLT4iLCJtZXRob2RCbG9ja2VkIjoiaW5pdGlhbERGUFNGLXdyaXRlIn0sImJsb2NrZWQiOnRydWUsImNhbGxTdGFjayI6IkVycm9yXG4gICAgYXQgdjIgKGh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL21hdGgtYWlkcy10aHJlYXRwb3N0L2ItN2IxMjBhNS05Yjg3MWQ0ZS5qczoxOjI1MzIyKVxuICAgIGF0IHZ2IChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMtdGhyZWF0cG9zdC9iLTdiMTIwYTUtOWI4NzFkNGUuanM6MToyOTc2MylcbiAgICBhdCBodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMtdGhyZWF0cG9zdC9vcC5qczoxOjM0NTgyXG4gICAgYXQgT2JqZWN0LmJlZm9yZUluc2VydCAoaHR0cHM6Ly90YWdhbi5hZGxpZ2h0bmluZy5jb20vbWF0aC1haWRzLXRocmVhdHBvc3Qvb3AuanM6MTozNTI2NClcbiAgICBhdCBIVE1MRGl2RWxlbWVudC5uaS48Y29tcHV0ZWQ%2BLm5pLjxjb21wdXRlZD4ubmkuPGNvbXB1dGVkPiBbYXMgYXBwZW5kQ2hpbGRdIChodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9tYXRoLWFpZHMtdGhyZWF0cG9zdC9vcC5qczoxOjQzODQ2KVxuICAgIGF0IGhBIChodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9ncHQvcHViYWRzX2ltcGxfMjAyMTEyMDYwMS5qczoxMDoxMDY4MjUpXG4gICAgYXQgbmV3IE5oIChodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9ncHQvcHViYWRzX2ltcGxfMjAyMTEyMDYwMS5qczoxMDoxMDM4OTUpXG4gICAgYXQgUmggKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dwdC9wdWJhZHNfaW1wbF8yMDIxMTIwNjAxLmpzOjY6MzMzODgpXG4gICAgYXQgWWguV0YubyAoaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvZ3B0L3B1YmFkc19pbXBsXzIwMjExMjA2MDEuanM6MTA6MTg2NTkzKVxuICAgIGF0IFloLmwgKGh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dwdC9wdWJhZHNfaW1wbF8yMDIxMTIwNjAxLmpzOjEwOjE4NzM0OCkiLCJpbnRlcm1lZGlhdGVNYXJrdXAiOiIifQ%3D%3D&i=20-20&t=adltag_kxaha5kn_bA62L9oe2SB&r=e5a1d1e7a4833ddadaf68ed9487d76d&c=math-aids-threatpost&z=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
D2POxJleIt92FyXaxSi7iRHuNLtujALh
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
34034
x-cache
Hit from cloudfront
content-length
0
last-modified
Mon, 15 Jun 2020 18:35:10 GMT
server
AmazonS3
date
Fri, 17 Dec 2021 04:52:36 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
Vy2Kk9UO6IImUwGj3XmisA0O3kugzL6SPK0NR35Zdnz_kQpQAAAx4A==
59213326
unified.adsafeprotected.com/v2/906389/ Frame 3F81 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/906389/59213326?mon=59213336&omidPartner=%5BOMIDPARTNER%5D&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&vastVersion=2&mode=strict&ias_xappb=%%TTD_SITE%%&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssb6dZGNqE8evW_D8hddHj7y6RBIuOc-0_WuiaRT3XOucfyopj-QGq-MnuUZLVa4AAQDT8OeWlI2wztOj9FFhnzElrCsxM1tWnfbGyFW2WRfufZ9JTewisGBDeQLt4vquGi62WqkjRI0jM5EiiOiuCnEw%26sig%3DCg0ArKJSzEdkYQygg25HEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&originalVast=https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986%3Bsz%3D0x0%3Bord%3D460298%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5NzUwNzg4NDI1Cg%3Bdc_cid%3D163491195%3Bdc_adid%3D515753485%3Bdc_vpaid%3D0%3B
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=6D2041BA-21B7-4482-901B-BBA9DFBE9031&adServerId=243&campaignId=22918&crID=kiaorikp&ucrid=6183026436333780262
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.31.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-31-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
150e52e02357f8edb5d468903d1e1cb4ab0ddc7ee5e4ac0ef442d6a6c97f0ec3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:49 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3706
ao
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
sv
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sv?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:48 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3015550468038922&correlator=3714838687644781&output=ldjh&impl=fifs&eid=31063898%2C31060033&vrg=2021120601&ptt=17&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&sc=1&sfv=1-0-38&ecs=20211217&iu_parts=22404337467%3A21707124336%2Cthreatpost-300x250-ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ris=2&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26hb_adid_oftmedia%3D6944c062a7c5ef5%26hb_bidder_oftmedia%3Doftmedia%26dyn_bids%3D0.00%26hb_adid%3D6944c062a7c5ef5%26hb_bidder%3Doftmedia&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fconti-gang-ransomware-attack-mcmenamins%252F177119%252F%26urlquery%3Dgoogfc%26contentid%3D177119%26category%3Dmalware-2%26contenttags%3D&cookie=ID%3Df2747d253dc8710f-2263253e0acd00c2%3AT%3D1639750787%3AS%3DALNI_MakOW_ZMOwFe83xXpo_rK3SYbBqHg&bc=31&abxe=1&lmt=1639750788&dt=1639750788473&dlt=1639750784251&idt=1737&frm=20&biw=1600&bih=1200&oid=2&adxs=1082&adys=416&adks=1414505084&ucis=2&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=75327613.1639750787&ga_sid=1639750787&ga_hid=1106044915&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
bd581fbe5fab16dfa38dd6dad2c981e2df9ebb554f78af9336056090f2c20259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12550
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3015550468038922&correlator=1967823044143211&output=ldjh&impl=fifs&eid=31063898%2C31060033&vrg=2021120601&ptt=17&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&sc=1&sfv=1-0-38&ecs=20211217&iu_parts=22404337467%3A21707124336%2Cthreatpost-300x600-ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ris=2&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26hb_adid_oftmedia%3D706315992d02db9%26hb_bidder_oftmedia%3Doftmedia%26dyn_bids%3D0.00%26hb_adid%3D706315992d02db9%26hb_bidder%3Doftmedia&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fconti-gang-ransomware-attack-mcmenamins%252F177119%252F%26urlquery%3Dgoogfc%26contentid%3D177119%26category%3Dmalware-2%26contenttags%3D&cookie=ID%3Df2747d253dc8710f-2263253e0acd00c2%3AT%3D1639750787%3AS%3DALNI_MakOW_ZMOwFe83xXpo_rK3SYbBqHg&bc=31&abxe=1&lmt=1639750788&dt=1639750788483&dlt=1639750784251&idt=1737&frm=20&biw=1600&bih=1200&oid=2&adxs=1082&adys=1685&adks=1356251026&ucis=3&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=75327613.1639750787&ga_sid=1639750787&ga_hid=1106044915&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
55d92a55f1fbafd95de12168ff7868ed095f56cc0dd401f9e71c81adecef2c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10430
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 74EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAc0Zg5y8YZnoJMjr3wO1_YHIA6yd4q5mudCuypYPwI23ARABIABglbKhgrAHggEXY2EtcHViLTQxMTM2ODE4ODIzMTE0NTXIAQngAgCoAwGqBKUCT9CKejpfCsfBvQcMRZTbEER7nhcsZOqndi7b3GV1tB-yst1vODaVJW9aACLQEq6khKxuC8qDrzK6Gu_5fEHtQB1lDWIhfA5vZ6DcIsedAkT1OuHZOr7jw4r-ravDHN-NQzvO6AqwazT6b386yn6G4vN8b1c5-ZcGhzNIOfqYM65bzg_dJ3eAMbp-b8c5EYCIBbMnxruYVdt8HkWlmRmPQXsrr1l3vIf1YCey9YU1GRgZzAuYIwgB2UJ15sdAyoSZyXnojKL6WyYs4LboPEH9QtrcbFGBTjPpD2YT31gMKHXNtDA_JFr0577OCjDsVpqTjr4rapua2HdcntFxZx6r20zT0c65hwWGNrsRan0vDY8CShSl_koFtJYjaJhiE6VaLh9kiMfgBAGABp6HjbeM-_WVJqAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAUIiGEQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00MTEzNjgxODgyMzExNDU1GITbew&sigh=YO1XJ56UqyY&uach_m=[UACH]&cid=CAQSPwCNIrLM4UMz8vHdUodW0nb_57MxbeTi6m2n2BAq2uYkrgLkJmJgqb6vIdi3mOEamCqw4uiwrBDKVsfLRtcmJBgB
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rtimp
g.algbid.app/ Frame 74EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.algbid.app/rtimp?sid=63c14900-5f44-11ec-a37b-f6d32e0ba794&d=threatpost.com&cr=grd_gen11_2&a=imp&p=YbycgwAJNBkKd_XIAAB-tYOPKNEOwgaQY5r7nQ&im=Mk9H0ILvKHchPhjo6R_bYWf5B_3uerZz5eIt-f4wKfAkJ9Cl4yZ0cBlEGkYW8GnG5GmZ9hg6ExChtW7j3ASCz-qIjsPtENTM4BkBAsRlYOISWaqbdU69A4WGP3R1htJHfLD8Xve2hXwucJMP6e_zUiRKdhGUNybLg1T49tEM3WmmaPUvE9qBWbxj-HeaTtcsDvQneryl8tc-iqu6bWvpDWYGN1KM7CoJ_0hiVY_m46kwVgEKhrhnd78XmehSyFsp4I7HpZz-TDwHb6AFP5qG-ZAxRHVHx5yOKVCHDmGR384I1js_B2KN7tqy8WykdE5v
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:49 GMT
via
1.1 google
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
0
css
fonts.googleapis.com/ Frame 74EA 		4 KB
707 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 14:13:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:49 GMT
css
fonts.googleapis.com/ Frame 74EA 		1 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f007e99aae3723e918b449d1042ce4c387b13eaa71187e12ae222f19711e8c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 12:44:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 74EA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:17:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 74EA 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:17:05 GMT
l
www.google.com/ads/measurement/ Frame 74EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJo6aCOolknrcR4UY2De_QSmhFFDzRshcst8qVXheEawilJX5LHIwbQwEI4cvxBEY0v6sZFpF00PJ21YAxFPBaXk_esA
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 74EA 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 15:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Dec 2022 15:13:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74EA 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Dec 2021 14:19:49 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame C00C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 13:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
89225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 13:32:44 GMT
match
c1.adform.net/serving/cookie/ Frame 4798
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 17 Dec 2021 14:19:49 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 17 Dec 2021 14:19:49 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 35D4
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8335500312919157432
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8335500312919157432
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 17 Dec 2021 14:19:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug014:0:338
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8335500312919157432
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame ADD7 		43 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 17 Dec 2021 14:19:48 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Fri, 17 Dec 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1326970
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 94A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9_L6D7zeQuKE_3c34hYmZA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=116181
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 18 Dec 2021 22:36:10 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 94A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=175261bc-9c84-4400-aeac-79bc5a1977c6
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=175261bc-9c84-4400-aeac-79bc5a1977c6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 17 Dec 2021 14:19:49 GMT
Server
MT3 4133 baa842e master zrh-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=175261bc-9c84-4400-aeac-79bc5a1977c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Dec 2021 14:19:48 GMT
/
pixel.onaudience.com/ Frame 94A8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3c2b72cea1002c5a3ed02c88b1730d7b
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 94A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjdGMkZBMEYtQkNERS00MkUyLTg0RkYtNzczN0UyMTYyNjY0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:401
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 94A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHU1Cziwz_2coHAcaO-BZ8&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHU1Cziwz_2coHAcaO-BZ8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:453
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHU1Cziwz_2coHAcaO-BZ8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 94A8 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 16 Dec 2021 14:19:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 94A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
42 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:385
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 17 Dec 2021 14:19:49 GMT
Server
MT3 4133 baa842e master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Dec 2021 14:19:48 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E2AE 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3519748776729787&cust_params=domains%3Dthreatpost.com&ad_type=video&us_privacy&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1232260695&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=FAFFA137-B862-4484-A84B-8F5B8DFAB65E&nel=1&eid=44736293%2C44737473%2C44750604&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2919&dt=1639750788558&cookie=ID%3Df2747d253dc8710f-2263253e0acd00c2%3AT%3D1639750787%3AS%3DALNI_MakOW_ZMOwFe83xXpo_rK3SYbBqHg&scor=1419167200742302&ged=ve4_td5_tt2_pd5_la5000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 883F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChwAzg5y8YZroJMjr3wO1_YHIA6yd4q5mudCuypYPwI23ARABIABglbKhgrAHggEXY2EtcHViLTQxMTM2ODE4ODIzMTE0NTXIAQngAgCoAwGqBKgCT9CfIPX9jdBjNRtPtsLbdqW6GQ4-LaXmh_88DEWnHMKe3hZBWdjjSQPkVW973j4IxevplfY3Cfl9FfdQb-Gxv0vU1xSU-aKNFrnjxwN2qrhiopbhBrFU1vBd4GTVQ_Ns2v-m5XiDvhZgvOnGRj4CSz30yHs0xsxEN6W3oOkCA0mW6KPmOAyV1n4zjIuAhHKz9mi2c9kgJNStzOETMlZHmBHhvr7hYVE-Wz4iOYPqkXmOcLG4Kvqa8EUErwb6DK7RfP9n0knACKPu4qZ6cghd1JTDoSQL_jcyW15SYmZY9Ld6mgQvMYmM5_f1KdrUrwaq3nC2-OI_TX_MGYWzN3FnE3C1o1885vjdo9Gf3PYGMPa4wv3I3SxuMaNKy4N5zvJCAWZHs57MSH7gBAGABu6Xw9P9j_Gv1QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIhhEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDExMzY4MTg4MjMxMTQ1NRiE23s&sigh=9XJpy-2vXbI&uach_m=[UACH]&cid=CAQSPwCNIrLM4UMz8vHdUodW0nb_57MxbeTi6m2n2BAq2uYkrgLkJmJgqb6vIdi3mOEamCqw4uiwrBDKVsfLRtcmJBgB
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rtimp
g.algbid.app/ Frame 883F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.algbid.app/rtimp?sid=63c2ddba-5f44-11ec-8307-6a749be8ef9e&d=threatpost.com&cr=grd_gen11_2__0&a=imp&p=YbycgwAJNBoKd_XIAAB-tY040b-zcbVqP-Hk0Q&im=qd2NHXTh_dLK-whYllYQM-7ABpQd77PTgXY8cbQ1UITnB_NKJRxWEUu8xh_nz3H8CIkmDF6nTFfrQ40uSJeEmd5yzi7c0jnDT1mUtrVtWr8Xxq9pHYg8Caye453I6rrIJDPlJSdaMpeW86XsTmAp71LekRSwMy4rGzlhAPvIeUcQlisgcPvMk5ZZQAFtxgikyQwyTZSDUoZFqW0U8T-mTQvjBv0fkSp3MBARa9g4cIP_m6mxEuYJf_g9AYrLan3n2M32xWzrEWhso34sUisggjb_Tbq-aw715AvUIA4iUtQb7ODF6708fICN3quE-9Kz
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:49 GMT
via
1.1 google
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
0
css
fonts.googleapis.com/ Frame 883F 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 14:07:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:49 GMT
css
fonts.googleapis.com/ Frame 883F 		1 KB
421 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f007e99aae3723e918b449d1042ce4c387b13eaa71187e12ae222f19711e8c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 12:46:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 883F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:17:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 883F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:17:05 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 883F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 15:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Dec 2022 15:13:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 883F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Dec 2021 14:19:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 093F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_2DNg5y8YZvoJMjr3wO1_YHIA6yd4q5mudCuypYPwI23ARABIABglbKhgrAHggEXY2EtcHViLTQxMTM2ODE4ODIzMTE0NTXIAQngAgCoAwGqBKsCT9DkUrHlk1sEMmcRZ8-Srp_Sq0qdPgm7Ur8qEcEm_2aVhPDuH_US-Sxnc9GloRCwruAS-NFwzy2wzUjU9qS2KzlAan1iwwN014O8im8dinooWfvKRB9AIeWW4_uKPrC0gGiiSmw6EJrT76hjo2FSYWKL3DjV7CY7TKwvtVDdV2EYTy0H45x6MZ6-ZwEEnm-piGQOeMQXf954YchdZcKRh12TJ1UXoapqJC1GoRWXJ303bqRzmnID4s0Wy7eKBJ2q7e-DHrT48mHKsHuifM0x3xDawLwfaYT1bS2zb6AKxFo_a98-l6LdIUP0y03apDQS3T8vzpLIId0HSxKzdRWMLL8Ed1ALhs8JkqBhwrEdw_6-x8Wvk3scjAeEf0CFzwMesmSPkokdxj9VNdngBAGABu6Xw9P9j_Gv1QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggFCIhhEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDExMzY4MTg4MjMxMTQ1NRiE23s&sigh=ld-XMJ4WTfQ&uach_m=[UACH]&cid=CAQSPwCNIrLM4UMz8vHdUodW0nb_57MxbeTi6m2n2BAq2uYkrgLkJmJgqb6vIdi3mOEamCqw4uiwrBDKVsfLRtcmJBgB
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rtimp
g.algbid.app/ Frame 093F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.algbid.app/rtimp?sid=63c52318-5f44-11ec-897b-1660e3043690&d=threatpost.com&cr=grd_gen11_2__0&a=imp&p=YbycgwAJNBsKd_XIAAB-tUZVBToTiVZPdIiljA&im=3ErDfXh6beWS8Q6S28AuiSlFpwzOg00t1SVGi0yPJNQrmADr-O_Sfv5Vs358gQKMDnKZ5MH-RCCg_gWv7fh4ceBc9wLrOhqd2AQ0E7zBfcDNEPzzSsv1DMYYLLJcByZSR0NkUdrktVx14X-hfeAMiEiJugB57wYgAfD4EzeZ0NbmDGCKUPDWzXixA1wRI7X_OIILpp_KI2ch4XCwIncrbDalt_K4uYhTURGMKEQNB1UBp4K5lQ7N5cFtyKPthR-2X0MJPPad5kVp0fP-UQHKhEHzddYaHIGlzlqeDq-YCspNHbKqm-7BUPt3t1ZefSaw
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
115.128.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:49 GMT
via
1.1 google
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
0
css
fonts.googleapis.com/ Frame 093F 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 14:09:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:49 GMT
css
fonts.googleapis.com/ Frame 093F 		1 KB
421 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f007e99aae3723e918b449d1042ce4c387b13eaa71187e12ae222f19711e8c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 12:47:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 093F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:17:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 093F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:17:05 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 093F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 15:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Dec 2022 15:13:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 093F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Dec 2021 14:19:49 GMT
bl-0af0356-8f563b60.js
tagan.adlightning.com/math-aids-threatpost/ Frame DCB5 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-8f563b60.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40d2015139bec53679695507c35864c4835acd9d796b651ea657cdb7f87a4bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:42:11 GMT
content-encoding
gzip
age
59859
x-cache
Hit from cloudfront
content-length
21287
x-amz-meta-git_commit
0af0356
last-modified
Thu, 16 Dec 2021 21:40:59 GMT
server
AmazonS3
etag
"e832ea89737ca9a521a094e001daca8c"
x-amz-version-id
O_1MoGWzQQbxsQd6XTFTAAx.FmDwnthk
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
I4r8RthBu4JcI0Ig18xpqZYEZKctZv6l9_BOc33lxEIDh_hrUU_mgw==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame DCB5 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 20:51:53 GMT
content-encoding
gzip
age
8702877
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Jzz5RKGf9hdS5U-Mam9U6FGXrU-KNIl0z02DYK6lQdiAnfYRrA19Tg==
css2
fonts.googleapis.com/ Frame DCB5 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 14:04:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:49 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DCB5 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 03:04:09 GMT
x-content-type-options
nosniff
age
40540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 17 Dec 2022 03:04:09 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DCB5 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:49:32 GMT
x-content-type-options
nosniff
age
163817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 15 Dec 2022 16:49:32 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame DCB5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:13:26 GMT
icon15.png
cdn.rtbrain.app/grd/ Frame 74EA 		680 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.rtbrain.app/grd/icon15.png
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4abf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868e5754d812ce238448ec9ea44a4db66bfef62cba0150e30df2579757668ef7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2333
cf-polished
origFmt=png, origSize=873
x-guploader-uploadid
ADPycdvEGpOJ3ODDeax7zf1Ta8LWane06telmNIjZdMNtKIFAldeW166ttlYjt0d8Ignv35MFgU6k_EkclKlncV6Gw
x-goog-storage-class
STANDARD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjP7ePuXItxVqdXfwgJ8CaxX19yBNWNafKA9Hvs3lj8hQYh%2BV0WV28qwJBsOCtfoZjWeGQsuBReaPmNNPdTx28G4BKIzcHo46SNl3G0X6o9hX94hsm7nUxC%2BCfNpfMDoYWwrRHBE6V0edsgpsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="icon15.webp"
content-type
image/webp
content-length
680
expires
Fri, 17 Dec 2021 14:40:56 GMT
last-modified
Sun, 15 Aug 2021 13:58:22 GMT
server
cloudflare
content-language
en
etag
"8eb8d8f45d9d11406a84977d4ac5e267"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=K2e4IQ==, md5=jrjY9F2dEUBqhJd9SsXiZw==
x-goog-generation
1629035902476439
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
873
accept-ranges
bytes
cf-ray
6bf0c9e35db82c42-FRA
cf-bgj
imgq:100,h2pri
track
aktrack.pubmatic.com/ Frame 3F81 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156858&s=630907&a=2446008&wa=243&ts=1639750787&wc=22918&crId=kiaorikp&ucrid=6183026436333780262&impid=6D2041BA-21B7-4482-901B-BBA9DFBE9031&advertiser_id=8730&ecpm=0.522393&er=982&pfi=1&ch=3&it=5&vadFmt=6&vapi=2&sURL=threatpost.com&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-length
0
content-type
text/html
/
insight.adsrvr.org/enduser/video/ Frame 3F81 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=error&vec=900&ast=[ASSETURI]&imp=53d32657-39a8-488d-8162-2946922a2716&ag=ne6xjxo&crid=kiaorikp&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=jba&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=pubmatic&uhow=135&agsa=&wp=0.474952&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=156858&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=MidRoll&c=CgdHZXJtYW55GgAwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&testid=tv-6553-10vc&adpt=pubo&ipl=2446008&fpa=780&pcm=3&ict=Unknown&said=E9B4AD81-2255-4C9A-B6AD-C5E710159432&auct=1&grdc=CAE.&sfe=13f41c84&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
dc_oe=ChMIwvWN2oPr9AIVYVTlCh1VpANcEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 3F81 		42 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwvWN2oPr9AIVYVTlCh1VpANcEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=200015;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
aktrack.pubmatic.com/ Frame EC90 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156858&s=630907&a=2446008&wa=243&ts=1639750787&wc=22918&crId=kiaorikp&ucrid=6183026436333780262&impid=6D2041BA-21B7-4482-901B-BBA9DFBE9031&advertiser_id=8730&ecpm=0.522393&e=96&ier=%5Berrorcode%5D&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:49 GMT
content-length
0
content-type
text/html
bl-0af0356-8f563b60.js
tagan.adlightning.com/math-aids-threatpost/ Frame 09D3 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-8f563b60.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40d2015139bec53679695507c35864c4835acd9d796b651ea657cdb7f87a4bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:42:11 GMT
content-encoding
gzip
age
59859
x-cache
Hit from cloudfront
content-length
21287
x-amz-meta-git_commit
0af0356
last-modified
Thu, 16 Dec 2021 21:40:59 GMT
server
AmazonS3
etag
"e832ea89737ca9a521a094e001daca8c"
x-amz-version-id
O_1MoGWzQQbxsQd6XTFTAAx.FmDwnthk
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
qxoGdc2ma9ybq0Yk2bc1qpgtjGCVAd4fXxUSnZNKoBp7Bfxrh8BqHg==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame 09D3 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 20:51:53 GMT
content-encoding
gzip
age
8702877
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
WIm_d7nA5btwSOLACHcFNX_dNZbdZ3CzuVufAycYaNvgPAV1br6NJA==
8QINdiTajsj_87rMuMdKyqDiOOg.woff2
fonts.gstatic.com/s/secularone/v5/ Frame 74EA 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/secularone/v5/8QINdiTajsj_87rMuMdKyqDiOOg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Secular+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de496ff4c85a684334f3a25b38b91c29b43aa696dd3dce7c061065c0b6d649dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:38:16 GMT
x-content-type-options
nosniff
age
204093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:45:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 05:38:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 74EA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
238314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 74EA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
217543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 01:54:06 GMT
bl-0af0356-8f563b60.js
tagan.adlightning.com/math-aids-threatpost/ Frame AB5E 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-8f563b60.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40d2015139bec53679695507c35864c4835acd9d796b651ea657cdb7f87a4bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:42:11 GMT
content-encoding
gzip
age
59859
x-cache
Hit from cloudfront
content-length
21287
x-amz-meta-git_commit
0af0356
last-modified
Thu, 16 Dec 2021 21:40:59 GMT
server
AmazonS3
etag
"e832ea89737ca9a521a094e001daca8c"
x-amz-version-id
O_1MoGWzQQbxsQd6XTFTAAx.FmDwnthk
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lO508ISKrc9PlFzy_PV9FSef33KO3mW4UFGcjGICrTDupNS6siqALg==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame AB5E 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 20:51:53 GMT
content-encoding
gzip
age
8702877
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ulAFbQT3FZMfjOukT36n2YvfnfvgbHThg2DukQ4aOKsKfeghvwCPEw==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3015550468038922&correlator=2240129480516127&output=ldjh&impl=fifs&eid=31063898%2C31060033&vrg=2021120601&ptt=17&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&sc=1&sfv=1-0-38&ecs=20211217&iu_parts=22404337467%3A21707124336%2Cthreatpost-970x250-ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C970x90&ris=2&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26hb_adid_appnexus%3D682137cf98adaef%26hb_bidder_appnexus%3Dappnexus%26dyn_bids%3D0.00%26hb_adid%3D682137cf98adaef%26hb_bidder%3Dappnexus&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fconti-gang-ransomware-attack-mcmenamins%252F177119%252F%26urlquery%3Dgoogfc%26contentid%3D177119%26category%3Dmalware-2%26contenttags%3D&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&bc=31&abxe=1&lmt=1639750789&dt=1639750789307&dlt=1639750784251&idt=1737&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=8&adks=4166723991&ucis=1&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=75327613.1639750787&ga_sid=1639750787&ga_hid=1106044915&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
4590341c1adee4ed5dc1276e8c8fdebc39a1dc881246ec7861cc36dc4597704d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12394
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 74EA 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
557ff88dd81f3d111bb9eeb343c80a44b20b65c6228f73987a2b313aa1d82634

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
anwrapper-1.999.0.js
acdn.adnxs-simple.com/vx/static/w/ Frame 9A56 		152 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
90fb7f486363baac11225c229b7c82176fc1cb6549cae16dcb3e6e41a29857de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 14:16:07 GMT
Server
nginx/1.13.10
ETag
W/"607d90a7-26103"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
43880
Expires
Sat, 17 Dec 2022 14:19:50 GMT
css
fonts.googleapis.com/ Frame 261D 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 14:07:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:50 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 261D 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
397
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:13:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 261D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:18:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 261D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:17:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 261D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Dec 2021 14:17:05 GMT
l
www.google.com/ads/measurement/ Frame 261D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7nSekN64q2c0IiksVJjIRmWK4PELNn0-HjUqJ6KgJj9EfGwWGsee7U_Lsb3paTgIvsZc-PgfosXuFW6l78j8wsFU9Zg
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 261D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Dec 2021 14:19:50 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 261D 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 13:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Mar 2022 13:32:44 GMT
rtimp
g.algbid.app/ Frame 74EA 		0
0
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 74EA 		0
0
bl-0af0356-8f563b60.js
tagan.adlightning.com/math-aids-threatpost/ Frame 956C 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-0af0356-8f563b60.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40d2015139bec53679695507c35864c4835acd9d796b651ea657cdb7f87a4bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:42:11 GMT
content-encoding
gzip
age
59860
x-cache
Hit from cloudfront
content-length
21287
x-amz-meta-git_commit
0af0356
last-modified
Thu, 16 Dec 2021 21:40:59 GMT
server
AmazonS3
etag
"e832ea89737ca9a521a094e001daca8c"
x-amz-version-id
O_1MoGWzQQbxsQd6XTFTAAx.FmDwnthk
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
TmSTm1lAD3nOKqCGlLKRzfevtMl6spq22cayI1iYox4p4SRI_xeHHA==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame 956C 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 20:51:53 GMT
content-encoding
gzip
age
8702878
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
mZWRcO1IhyRQYXcK3267qhOjrPF4Q2vGixNM0WgB_5lGYXS4scuABQ==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 09D3 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 09D3 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 09D3 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 09D3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 09D3 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
8461878762827838428
tpc.googlesyndication.com/simgad/ Frame 09D3 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8461878762827838428?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnkONcQILEy83oMfLZQZCL082O5Dg
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e93ac45969400d32abfd48d48ab6b0eb72ad6362eaecf873f96a29aa26358818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:46:33 GMT
x-content-type-options
nosniff
age
99197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54940
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 07:52:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Dec 2022 10:46:33 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 09D3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
16692
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 18 Dec 2021 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 09D3 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
16005
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 18 Dec 2021 09:53:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 09D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqMoYhZy8YYbbB62PjuwPxsquoA_MtbObZ6rP9o6tD9vZHhABIPmb8YQBYJWyoYKwB6AB3cuF5wLIAQKpAhfv6h4YA7M-4AIAqAMByAMIqgSdAk_QM9z47zmQEJJHrlk8vgb5QLAm9CvZ3trR_Yw3JDuejDLTcp-EkXqII7S-nnFpBoNunLAgwfD5iVmhkwQ9retSnWpq6aI9hMhNJJCJliLxQLKSEA6GRO6NF8vCZz8KzTzX1O_IQW4c8iMQj7CWG2kfVoIqAjMFKmg1aKW3E8QrP3onCk1De-i24H1cfaVAD-woBMHsLVgvDe1gVLYujO3PhbwxWtpfXTMITVIL5xijLn6vYu7Yw8-JSDS532L_jO3AVU1aP39x8H0NFbUeiBU5yOjq8BiR07MhH8Uf8wn_vwDGZLRcEc_eDHoUut4mmXUzVzmMcCg5IVVxC2o4Zrd72Ma3cApP7EiyOvK4qsPhtv9qV_DzwZjLIUGc2sAEkoSTiuUD4AQBoAYCgAeLtPqYAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIbrCtIIBwiAYRABGB2ACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDExMzY4MTg4MjMxMTQ1NRiE23s&sigh=X0rCPbCcBjA&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
truncated
/ Frame 09D3 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bb57a3ddf9c64b7536b9d33c294f95a5ae15f9b82b7d2318f8c1a70b83b64f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
id
id.sharedid.org/ Frame E6C4 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.52.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-52-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 26B3 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=116180
expires
Sat, 18 Dec 2021 22:36:10 GMT
date
Fri, 17 Dec 2021 14:19:50 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E9C2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 17 Dec 2021 14:19:50 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3D01 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 18 Dec 2021 14:19:52 GMT
Date
Fri, 17 Dec 2021 14:19:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F5A9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 18 Dec 2021 14:19:52 GMT
Date
Fri, 17 Dec 2021 14:19:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame C79F 		668 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
c00cf2b833e902c0c6e2573a146f4d33a663499163f17e5eca462eef43c95cda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 17 Dec 2021 14:19:50 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame 9F21 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 17 Dec 2021 14:19:50 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3BF9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=116180
expires
Sat, 18 Dec 2021 22:36:10 GMT
date
Fri, 17 Dec 2021 14:19:50 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1062 		668 B
716 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
c00cf2b833e902c0c6e2573a146f4d33a663499163f17e5eca462eef43c95cda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 17 Dec 2021 14:19:50 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
ups.analytics.yahoo.com/ups/55986/ Frame E6C4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YbychwAMpscx0wBR&_origin=0&gdpr=0&gdpr_consent=&_test=YbychwAMpscx0wBR
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YbychwAMpscx0wBR&_origin=0&gdpr=0&gdpr_consent=&_test=YbychwAMpscx0wBR&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YbychwAMpscx0wBR&_origin=0&gdpr=0&gdpr_consent=&_test=YbychwAMpscx0wBR&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YbychwAMpscx0wBR&_origin=0&gdpr=0&gdpr_consent=&_test=YbychwAMpscx0wBR&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
date
Fri, 17 Dec 2021 14:19:51 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame E6C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=962356cb-c8b9-4f32-b6ee-f3ace453922c&_origin=1&gdpr=1&gdpr_consent=
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=962356cb-c8b9-4f32-b6ee-f3ace453922c&_origin=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=962356cb-c8b9-4f32-b6ee-f3ace453922c&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/57304/ Frame E6C4
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA2NTlkZDU3ZC01ZjQ0LTExZWMtOTllNC0wMjc5Yjk2NDgzN2M%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEP8cPIqNrcA7AQkq9SjozyU&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEP8cPIqNrcA7AQkq9SjozyU&google_cver=1&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEP8cPIqNrcA7AQkq9SjozyU&google_cver=1&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEP8cPIqNrcA7AQkq9SjozyU&google_cver=1&apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
date
Fri, 17 Dec 2021 14:19:51 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame AB5E 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AB5E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AB5E 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AB5E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AB5E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
css
fonts.googleapis.com/ Frame AB5E 		6 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 14:05:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AB5E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
16692
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 18 Dec 2021 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AB5E 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
16005
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 18 Dec 2021 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame AB5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQw6ee7UNIgOwix1LKxjhNFh2iBsah_aTMnRwzDK0QMcIAfkl49N-sWvoThERfGfXsaou7ljUIABkOCucYoFLaNP3kexQ
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame AB5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClvnRhZy8YaqjB_6DjuwPkumCoAebi9qXZrm40OaQDtvZHhABIPmb8YQBYJWyoYKwB6AB4K7W2AHIAQngAgCoAwHIAwqqBJ8CT9CGqgr_pfqcRWb_B5RPdWdtIuo0xy3mjf3HjbrZprARJj8uKxbrW7jJKUADFi5NJYLXD1eqp9NEn0AZ8jsH7KoG-MN3xURztB8aoQFLS-Mn3c5ijzjw4p1uHd679n18Xaxa5nTkyIZoxgs9kb25zV_c_m54v9GSKuFR9CBISOy0-3UYjsPpLq7-_ZPCGNpXMcrdM3rl0_AiLt7bWtULeCA4gEjcZm3NdxO6dAkMt3AVvrdAtnUJi7wTTbWg5tajgqSvPUTV0qtMMSlrW-V7BJPZSumHzfg5PYVmOd9w20l8QVQu5YHhiym60r_2pp9xx4zZ92DjAPt7qty3NV5k6w_KWwMPNy7HUD6YnI-Ybzuxy8RwGu0GqjkQ4Tw66QDABNrapbffA-AEAaAGLoAHiNGppwKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCsozLSCAcIgGEQARgdgAoDyAsB2BMDiBQC0BUBmBYBgBcBshceChwIABIUcHViLTQxMTM2ODE4ODIzMTE0NTUYhNt7&sigh=XcjMlNFuS8E&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
pack
rb.adnxs-simple.com/ Frame 9A56 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.214 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
57.ratbait.prod.ams1.adnexus.net
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:51 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
/
insight.adsrvr.org/enduser/vast/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/enduser/vast/?iid=79c0a65a-71d3-4268-abcd-a6e48f940c48&crid=kiaorikp&ttd_preview=0&wp=0.41406&t=1&aid=2492816610694944910&wpc=USD&sfe=13f41c83&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=pj549kn&ag=ne6xjxo&adv=7kn31tr&sig=1-NbxbBC-pHb6bR_-s6zNi9-jPIyWpwXBvi1J3Ai7l9Y.&bp=0.60891238328346863122&cf=2825436&fq=0&td_s=threatpost.com&rcats=mvk&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&uhow=135&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=de&mlang=&svpid=7143&did=&rcxt=Other&lat=0.000000&lon=0.000000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome+-+Windows&vpb=PreRoll&dc=82&vcc=ELQBGLQBMgQIAggJOgQIAQgCQAFIAVACiAECoAGQA6gB4QHIAQHQAQPoAQKAAgOKAgwIAQgECAIIBQgDCAaaAgIIAqACAqgCAsACAg..&sv=appnexus&pidi=3121&advi=183204&cmpi=2037899&agi=10470660&cridi=21571265&svi=7&cmp=1wh9o3t&vrtd=14%2c15&rurl=https%3a%2f%2fthreatpost.com%2fconti-gang-ransomware-attack-mcmenamins%2f177119%2f&tsig=Dg_8DBZp0dw-7eKYhOfAs1fjzMDhyk-VDgKcl5lehko.&c=CgdHZXJtYW55GgAwAjgCSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&adpt=anor&ipl=17386655&fpa=680&pcm=3&grdc=CAE.&vc=3&said=8988257917664834960&ict=Unknown&auct=1&im=1&mc=8fd1d245-c4a7-47ff-86ff-7b2d812a5662
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
3722af644ebbd14b056e01aa1c10128d03ff9c009a459f91918d989878f8bb10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
s
googleads.g.doubleclick.net/pagead/drt/ Frame 60E5 		143 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 17 Dec 2021 14:04:45 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
906
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
pubads.g.doubleclick.net/gampad/ Frame 50C1 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3855396323969119&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=4002501869&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=63B520F1-FC02-4BE9-93FA-A9ABBDA09ECB&nel=1&eid=44750604%2C44752052&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2876&dt=1639750790494&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&scor=830964565895996&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/15719605356497274578/ Frame AB5E 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15719605356497274578/2076313506083323656
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
871014b142fa4114ce00c1fc9e7f314c3c1be1ee1bd750aff408ad1962a5fd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 18:30:35 GMT
x-content-type-options
nosniff
age
157756
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48402
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 15:13:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Dec 2022 18:30:35 GMT
truncated
/ Frame AB5E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
335ad8d33e09d5c3f8f681135ff3059d91b0f4f57d264d069c0af211d5ad667e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AB5E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c444fe399a06df7fe370afffa2a38a704e6db3a62f4f0dbe43f2855b858b466

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB5E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
238316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 20:07:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB5E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:22:37 GMT
x-content-type-options
nosniff
age
183434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 11:22:37 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 30CC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 18 Dec 2021 14:19:53 GMT
Date
Fri, 17 Dec 2021 14:19:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986;sz=0x0;ord=956837;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986;sz=0x0;ord=956837;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
996c77eef455d3ed555cfbb9a3b768a87efb8cda31892fe91782414b908e5605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1447
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 956C 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 956C 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 956C 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 956C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 956C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
349541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 13 Dec 2022 13:14:10 GMT
css
fonts.googleapis.com/ Frame 956C 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 14:04:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 14:19:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 14:19:51 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 956C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
16693
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 18 Dec 2021 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 956C 		295 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
16006
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 18 Dec 2021 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 956C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnyl-pm6EH3QyCuytb8Ul5v9gvnBbJq65Wib7L3SJTRuhdTe2R_m1vgggpOymh2vELxE5XtQnWzKIlOgc2YdIfZekpGw
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 956C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDnG3hZy8Yd-EOpyw3gPksoL4B5uL2pdmubjQ5pAO29keEAEg-ZvxhAFglbKhgrAHoAHgrtbYAcgBBuACAKgDAaoEnAJP0F3BBaQhn8k3qEiKEddo9IyZwy42dRjAWV4xQ1cGCqeuNZj88UJKgSdm6_eEOulf_-A2wcUsPIcT1nUEQQuUbQFEsh0Ehvqw9Qwu8O5RiUn92oqUnHLxzkJbMUlqnPBny3P1KxZk3ZzE3NmQSsFPFYywxg1s7XpjjKxzsi5phU6iNeK0ZDoo7JrGZrjyYOP2PMgdjoCqVzDSqfpAlZu7rT1qElGQLsa4STmydGAAefTbeghQ3QsfVMMrf9lM6cG6X2UW5LOf8e72movSZ5mV_TTOvYr0Dc7_ey5rDruJzRtVpl3xFwKlnIDFbmSDkoUlUt2udkUzdxhZB4rrs9Rv_pbPQ-8AGnBLjphCVlnspFANKVDTH7A3RM9EqsAE2tqlt98D4AQBgAeI0amnAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENvEK9IIBwiAYRABGB2ACgPICwHYEwOIFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDExMzY4MTg4MjMxMTQ1NRiE23s&sigh=fp-D3RSbzuU&uach_m=[UACH]&template_id=492&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 09D3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Fri, 17 Dec 2021 14:19:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 956C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
529098e6237ce4b2c7604b8f82621ec7277eb38d11508f1a2b73531a71baf51e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 956C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 10:56:24 GMT
x-content-type-options
nosniff
age
271407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 956C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 20:07:29 GMT
x-content-type-options
nosniff
age
238342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 20:07:29 GMT
59213326
unified.adsafeprotected.com/v2/906389/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/906389/59213326?mon=59213336&omidPartner=%5BOMIDPARTNER%5D&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&vastVersion=2&mode=strict&ias_xappb=%%TTD_SITE%%&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjst58aDvFfXIONfXhRxiw2FKOM_hjaijNrZLG27K5wcoe566DuvTf-_8BvQhSisyfcavUU4KNPid7J5UA_BDM1RWtSpORi0Ek5kPa7K8pCtVYMtqzjCuN5a5FbO9XmR87DHwjA8yiPP78DWS4EFR0Wb62g%26sig%3DCg0ArKJSzGCJWNl2-ONBEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&originalVast=https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323104986%3Bsz%3D0x0%3Bord%3D956837%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5NzUwNzkxMjY2Cg%3Bdc_cid%3D163491195%3Bdc_adid%3D515753485%3Bdc_vpaid%3D0%3B
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.31.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-31-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
33c8996ce27fa6f25e538ead260e2c13189678b05ccae773103cacf04f6570a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:51 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3704
sd
eu-u.openx.net/w/1.0/ Frame C79F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 17 Dec 2021 14:19:51 GMT
Server
MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Dec 2021 14:19:50 GMT
sd
us-u.openx.net/w/1.0/ Frame C79F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1SuVkNp5z8DOI5XH0Cvay9t8wpHOKZbB0HvcKbdt
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1SuVkNp5z8DOI5XH0Cvay9t8wpHOKZbB0HvcKbdt
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1SuVkNp5z8DOI5XH0Cvay9t8wpHOKZbB0HvcKbdt
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C79F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6173820910399809685
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6173820910399809685
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6173820910399809685
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame C79F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=72e10cee-34e5-7fdc-c51e-1ca0388db0f1&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C79F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWU4ZWRmMjQtZmQ5Mi0yMTc4LWQwZmUtNDYxOWYyNmY3ZTkx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C79F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASA-YQqHbtBY8aKiBeLlO4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASA-YQqHbtBY8aKiBeLlO4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASA-YQqHbtBY8aKiBeLlO4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1062
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 17 Dec 2021 14:19:51 GMT
Server
MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Dec 2021 14:19:50 GMT
sd
us-u.openx.net/w/1.0/ Frame 1062
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1SuVkNp5z8DOI5XH0Cvay9t8wpHOKZbB0HvcKbdt
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1SuVkNp5z8DOI5XH0Cvay9t8wpHOKZbB0HvcKbdt
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1SuVkNp5z8DOI5XH0Cvay9t8wpHOKZbB0HvcKbdt
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1062
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6173820910399809685
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6173820910399809685
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6173820910399809685
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 1062 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=72e10cee-34e5-7fdc-c51e-1ca0388db0f1&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1062 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWU4ZWRmMjQtZmQ5Mi0yMTc4LWQwZmUtNDYxOWYyNmY3ZTkx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1062
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASA-YQqHbtBY8aKiBeLlO4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASA-YQqHbtBY8aKiBeLlO4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASA-YQqHbtBY8aKiBeLlO4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abt
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:50 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
PugMaster
image6.pubmatic.com/AdServer/ Frame 26B3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6829497&p=156858&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6f13e8462e8551e9b881fce3dc6f6195a3d9d227226bb2e8cd975d9c2a58c4fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1580
content-type
text/html; charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
811ff8a27837825863f62853d3240d7bb18531e3ead18a5aac1651395a167e2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|65|64|88|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1702
Expires
Fri, 17 Dec 2021 14:19:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 17 Dec 2021 14:19:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame F5A9 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3c32298d-adc2-4d5f-bc87-8029af33f737
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3D01 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
48206797-3801-45c5-8c3e-49dde0853d19
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B504
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e8f579fad9385f7a738037357269ff061791fabc7e910b99efceee2d61debb6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|57|111|188|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1503
Expires
Fri, 17 Dec 2021 14:19:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 17 Dec 2021 14:19:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
Connection
keep-alive
vpaid.2021.12.06-18.16-53fa379.js
static.adsafeprotected.com/ias/v1/ Frame E8C8 		176 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e312fe44084e2176996cce5ed30521f8406a8fd92f513aae8e519088f07f1e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
hyJglT2AMtiKneQgCKziicxwLGehBl.d
content-encoding
gzip
etag
W/"a646de29f94b35023f777c84e6559a47"
age
154565
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 08 Dec 2021 16:04:48 GMT
server
AmazonS3
date
Wed, 15 Dec 2021 19:23:47 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
g4WXXVTHPs8pEhYwQuM17utCsVmFgF4uBKhUP6_GCWuDA8KJ76SQYA==
async_usersync
ib.adnxs.com/ Frame 30CC 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
05c58051-7f69-4101-a57c-b80889f23f55
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 956C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H3
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Fri, 17 Dec 2021 14:19:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pack
rb.adnxs-simple.com/ Frame 9A56 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.214 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
57.ratbait.prod.ams1.adnexus.net
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:51 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3015550468038922&bg=!DwylDEjNAAZKWFskSlg7ACkAdvg8WpWVwimrfHMO6GKcnU3engn3gOj5iJ1h44mDQ_MtrbiqVQiV5AIAAAitUgAAAQVoAQcKAB5E_W4VjeDzZdTZru2VH6cGutMHqBI0WdZmy81z46-ZArsq0LVdd_zvYTytv4duJyG5sUAHLebzFXtODfbIpWohDwIgBUfA_Xf7zqv5hDNCpwcjzdD9lzzCs6pV8IwoPKQJcaw_R14QByAMgiIW1oxlw3RfjsDDjr6Cu65rcyjLRSezDCAVnbAv97irSHgAwfByI0-jcSFHpCz0IELq0rSA5VwWqIc6UVZj4sNuSOFZAPZF6leyODimyjDtOV740WM-B8r9_JI1Wl6uL6BWjJwCY0MUgOVidlfmNafmPd4MqgbrJ8QYm0w3xNz5p0gQ5O09Nd4anCNEiemYPSZoATbXc8-XAdXhL0fROvid_LvA1njoEmwT9Hoyy2o9DWJHOSKmm-qEbaobrRKxg5RgIcwo3gxT0hsJZ665Qe7-OeW8QmSS_CYWAN0SEsyosJPXszjRjtlpX_-xp-anduog8yP8PK6Wm_tWffe2IUW4aAk0a53TLTZ091V1LAu2rFQ5CL8ROe_vbTWm6WZijVfFr0JRPx64-6w-OEv_fCZre45uozlTeElI1Twzhher1WyxTQS8EJaDnRd5GvkcH9KTpHP0f3usJsw_JIXT08muyS4w4iMmH-RTXm-3qnR7I4NLatcrbd3HdX7hhiGzM6KjvAIyypVfYuFrjzI-3IVge9I3AXmNCXbmQuCHvTr581pmEN6_NPPvLZDeA_aF2AnkQcBEtr8n9FSWwP5OQZQuvku9D7bOW7rL0E70J1IHCIefgsFzotkp_y1KKryCHda4PEX1E2R6U8Srw3di3_CjFKUIvgaX8BHjEVBTSnG71bPPVTzFkMfqCvs5eFF-UWjVDBRswGHSfdbHnWIAuEFG5j4k9mmnoJotrsIvPOhyfWgsLG_P9UM-LVvpG2dFMiTWz4i3T8AxiBX9RxKFeGKTs3WdvR8kcEnypNn3Jy3_pwoF_YHotL6ly8RRhlXzfCg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EE3C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042676020962916494
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042676020962916494
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 17 Dec 2021 14:19:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug002:0:700
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 17 Dec 2021 14:19:51 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042676020962916494
Artemis
aud.pubmatic.com/AdServer/ Frame 26B3
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 17 Dec 2021 14:19:51 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 26B3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 26B3 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6bf0c9f329364dbe-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 26B3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.236.81.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-81-149.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 26B3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=962356cb-c8b9-4f32-b6ee-f3ace453922c
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=962356cb-c8b9-4f32-b6ee-f3ace453922c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:405
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=962356cb-c8b9-4f32-b6ee-f3ace453922c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 26B3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6173820910399809685
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6173820910399809685
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:337
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6173820910399809685
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 26B3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9214095078257359212&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9214095078257359212&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:695
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2e381666-46dc-4182-a659-e38fa2530f22
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9214095078257359212&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 26B3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CHMdiwchR9sTex3cDXNS0AYkSooTcR7aDSMDlQAV
42 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CHMdiwchR9sTex3cDXNS0AYkSooTcR7aDSMDlQAV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:469
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CHMdiwchR9sTex3cDXNS0AYkSooTcR7aDSMDlQAV
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 26B3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PzYHU0ZE2uUgk3SZs4H3Fimbc2PuweQ-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PzYHU0ZE2uUgk3SZs4H3Fimbc2PuweQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PzYHU0ZE2uUgk3SZs4H3Fimbc2PuweQ-~A&gdpr=0&gdpr_consent=
date
Fri, 17 Dec 2021 14:19:51 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ybych0bBg2VgARZg0q0o9AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP9foEBGpwmWO7wLrKMO0v4&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP9foEBGpwmWO7wLrKMO0v4&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP9foEBGpwmWO7wLrKMO0v4&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8D1D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 8D1D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych_K5fBzNs49oaoDLeAAABIkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych_K5fBzNs49oaoDLeAAABIkAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych_K5fBzNs49oaoDLeAAABIkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JH81JHZ1FQJPEHSBMSC1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FB6VB8VYBK6HJD63Y8S3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych_K5fBzNs49oaoDLeAAABIkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ybych_K5fBzNs49oaoDLeAAABIkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:51 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639837192&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639837192&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639837192&gdpr=1
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 8D1D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642342792
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642342792
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1642342792
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 8D1D 		85 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1639750792.959347,VS0,VE93
x-served-by
cache-fra19166-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
cookiesync
bttrack.com/pixel/ Frame 8D1D 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8D1D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ybych-K5fBzNs49oaoDLeAAA%261161
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:51 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1775
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:49:26 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B504
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B504 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame B504
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QQAG9FJTDD5ZEMV9R70C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M7N595YEWM40J1BK7H4M
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B504
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ybych0bBg2VgARZg0q0o9AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP9foEBGpwmWO7wLrKMO0v4&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP9foEBGpwmWO7wLrKMO0v4&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP9foEBGpwmWO7wLrKMO0v4&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B504
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978758875873757384
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978758875873757384
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978758875873757384
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame B504 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
CookieIndex
rtb.adentifi.com/ Frame B504 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.254.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-254-118.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
bridge
cm.adgrx.com/ Frame B504 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-5
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B504 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ybych0bBg2VgARZg0q0o9AAA%261111
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:51 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1775
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:49:26 GMT
skeleton.js
pixel.adsafeprotected.com/db2/video/906389/59213326/ Frame 9A56 		40 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/906389/59213326/skeleton.js?videoId=8c275dd280996800663676218d61dacf&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&adsafe_type=abdq&adsafe_jsinfo=br:c
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.242.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-242-238.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7154008f409ce895349d780096618cb2a454f04ff325461861f28f9431182df6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
content-encoding
gzip
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
X-Server-Name
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
skeleton.js
pixel.adsafeprotected.com/fwjsvid/st/906389/59213326/ Frame 9A56 		229 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/fwjsvid/st/906389/59213326/skeleton.js?videoId=8c275dd280996800663676218d61dacf&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst58aDvFfXIONfXhRxiw2FKOM_hjaijNrZLG27K5wcoe566DuvTf-_8BvQhSisyfcavUU4KNPid7J5UA_BDM1RWtSpORi0Ek5kPa7K8pCtVYMtqzjCuN5a5FbO9XmR87DHwjA8yiPP78DWS4EFR0Wb62g&sig=Cg0ArKJSzGCJWNl2-ONBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213336&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=60de15e7-b2f5-435c-a988-82b1fdfd2cd9&adsafe_par=&logTestResults=false
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.242.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-242-238.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a786a11fada4fe77a67639b066594244bc82963082552220530d3c98670e0933

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
content-encoding
gzip
x-server-name
app25.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 60E5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
URL: https://ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 17 Dec 2021 14:19:52 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 17 Dec 2021 14:19:51 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
file.mp4
r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/acao,ctier,expire,id,ip,ipbits,i...
134 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3596A5A10BF82420D2618BB3CC3BB6461B6DF714.02F7D1C7C8C933D894B6923C473C953F57563A16/key/cms1/cms_redirect/yes/mh/Vz/mip/2a01:4f8:150:2008:35::1/mm/42/mn/sn-4g5ednds/ms/onc/mt/1639750357/mv/m/mvi/2/pl/49/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:19::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Dec 2021 14:47:33 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1110717/1110718
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1110718
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3596A5A10BF82420D2618BB3CC3BB6461B6DF714.02F7D1C7C8C933D894B6923C473C953F57563A16/key/cms1/cms_redirect/yes/mh/Vz/mip/2a01:4f8:150:2008:35::1/mm/42/mn/sn-4g5ednds/ms/onc/mt/1639750357/mv/m/mvi/2/pl/49/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
655
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame 9A56 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=mute&imp=79c0a65a-71d3-4268-abcd-a6e48f940c48&ag=ne6xjxo&crid=kiaorikp&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=mvk&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=appnexus&uhow=135&agsa=&wp=0.41406&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=7143&rlangs=de&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55GgAwAjgCSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&adpt=anor&ipl=17386655&fpa=680&pcm=3&ict=Unknown&said=8988257917664834960&auct=1&grdc=CAE.&sfe=13f41c87&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:51 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
dc_oe=ChMIyJ6724Pr9AIVsMi7CB0IqQ4HEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame 9A56 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyJ6724Pr9AIVsMi7CB0IqQ4HEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=16;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E8C8 		0
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst58aDvFfXIONfXhRxiw2FKOM_hjaijNrZLG27K5wcoe566DuvTf-_8BvQhSisyfcavUU4KNPid7J5UA_BDM1RWtSpORi0Ek5kPa7K8pCtVYMtqzjCuN5a5FbO9XmR87DHwjA8yiPP78DWS4EFR0Wb62g&sig=Cg0ArKJSzGCJWNl2-ONBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.png
unified.adsafeprotected.com/ Frame E8C8 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zLzE3NzExOS8ifX0sImNiIjoxNjM5NzUwNzkxNDQzLCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjEsImhlYWRlcnMiOnsiaGVhZGVyOCI6Imlhc28ifSwiY3VzdG9tIjp7ImN1c3RvbTciOiI5MDYzODkiLCJjdXN0b204IjoiNTkyMTMzMjYiLCJjdXN0b20xMSI6IjIwMjEuMTIuMDYtMTguMTYtNTNmYTM3OSIsInhzaWQiOiI2MGRlMTVlNy1iMmY1LTQzNWMtYTk4OC04MmIxZmRmZDJjZDkiLCJjdXN0b20xOSI6ImJsb2NrZWQifX0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.31.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-31-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.js
pixel.adsafeprotected.com/db2/video/906389/59213326/ Frame 9A56 		92 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/906389/59213326/skeleton.js?ias_callback=__IntegralAS_6ff079d276c4044e8428a9b77a4504ff_3355&videoId=8c275dd280996800663676218d61dacf&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst58aDvFfXIONfXhRxiw2FKOM_hjaijNrZLG27K5wcoe566DuvTf-_8BvQhSisyfcavUU4KNPid7J5UA_BDM1RWtSpORi0Ek5kPa7K8pCtVYMtqzjCuN5a5FbO9XmR87DHwjA8yiPP78DWS4EFR0Wb62g&sig=Cg0ArKJSzGCJWNl2-ONBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213336&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=60de15e7-b2f5-435c-a988-82b1fdfd2cd9&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:6ff079d2-76c4-044e-8428-a9b77a4504ff,c:x40qJ5,sl:inView,em:true,fr:true,thd:1,mn:app25ie,rg:ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:4,fm:sRRpdhu+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e*.906389-59213326%7C1e1%7C1e2%7C1f%7C1g%7C1h,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:28,oid:664b056a-5f44-11ec-a96f-064defe2639d,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/906389/59213326/skeleton.js?videoId=8c275dd280996800663676218d61dacf&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst58aDvFfXIONfXhRxiw2FKOM_hjaijNrZLG27K5wcoe566DuvTf-_8BvQhSisyfcavUU4KNPid7J5UA_BDM1RWtSpORi0Ek5kPa7K8pCtVYMtqzjCuN5a5FbO9XmR87DHwjA8yiPP78DWS4EFR0Wb62g&sig=Cg0ArKJSzGCJWNl2-ONBEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213336&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=60de15e7-b2f5-435c-a988-82b1fdfd2cd9&adsafe_par=&logTestResults=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.242.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-242-238.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d66be3c3bd5d5167aa1cb396b3e37b90433bbbc7da0142cccff342b0651b1c77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
content-encoding
gzip
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
application/javascript;charset=utf-8
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame B762 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
6675082
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
syEHQ6oXyToz5IlU9004AFbQpb8w6FOZDQ39nVO0HLaN7zWb-PeYGg==
skeleton.js
static.adsafeprotected.com/
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/906389/59213326/skeleton.js?videoId=8c275dd280996800663676218d61dacf&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pc...
  • https://static.adsafeprotected.com/skeleton.js
17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.js
Protocol
H2
Server
2600:9000:223f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
age
14103836
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
amW7y6-2ADKK9RmAAOV7-JMuOL6Q3K27A-eUDJWmeFNxsucZVJNx_A==

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
x-server-name
app26.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=6ff079d2-76c4-044e-8428-a9b77a4504ff&tv=%7Bc:x40qJy,pingTime:-4,time:56,type:m,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:27%7D%5D,ve:%7BvEventCount:2,vEvents:%5B%7Bt:-68,tp:adImpression,sl:undefined,ad_duration:15,width:400,height:225,volume:0,integral_timeToDecision:100,integral_didBlock:true,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:-68,tp:adError,sl:i,ad_duration:15,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:56,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:27,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B47~100%5D,as:%5B47~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRRpdhu+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e*.906389-59213326%7C1e1%7C1e2%7C1f%7C1g%7C1h,idMap:1e*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-205-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=6ff079d2-76c4-044e-8428-a9b77a4504ff&tv=%7Bc:x40qJz,pingTime:-1,time:57,type:u,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:27%7D%5D,ve:%7BvEventCount:2,vEvents:%5B%7Bt:-68,tp:adImpression,sl:undefined,ad_duration:15,width:400,height:225,volume:0,integral_timeToDecision:100,integral_didBlock:true,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:-68,tp:adError,sl:i,ad_duration:15,width:400,height:225,volume:0%7D%5D%7D,ndt:0,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:57,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:27,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B48~100%5D,as:%5B48~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRRpdhu+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e*.906389-59213326%7C1e1%7C1e2%7C1f%7C1g%7C1h,idMap:1e*,rmeas:1,rend:1,renddet:env,lt:4%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-205-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=6ff079d2-76c4-044e-8428-a9b77a4504ff&tv=%7Bc:x40qJN,pingTime:-2,time:71,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2474,beZ:2475,mfA:2477,cmA:2479,inA:2480,inZ:2486,prA:2486,prZ:2496,si:2502,poA:2503,poZ:2528,cmZ:2528,mfZ:2528,loA:2539,loZ:2541,ltA:2545,ltZ:2545%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:400.225,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:27%7D%5D,ve:%7BvEventCount:2,vEvents:%5B%7Bt:-68,tp:adImpression,sl:undefined,ad_duration:15,width:400,height:225,volume:0,integral_timeToDecision:100,integral_didBlock:true,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:-68,tp:adError,sl:i,ad_duration:15,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:72,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:27,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B63~100%5D,as:%5B63~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRRpdhu+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e*.906389-59213326%7C1e1%7C1e2%7C1f%7C1g%7C1h,idMap:1e*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:env,slid:%5Bcnx-ad-slot-923ef089-3e81-4e15-8e09-7383a40ea904,cnx_bid_slot_8bbf0045-d1b5-4932-8809-eebb3ac187f2%5D,sinceFw:41,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-205-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
file.mp4
r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... 		160 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednds.c.2mdn.net/videoplayback/id/265e84e4b9e1f8ab/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595654/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3596A5A10BF82420D2618BB3CC3BB6461B6DF714.02F7D1C7C8C933D894B6923C473C953F57563A16/key/cms1/cms_redirect/yes/mh/Vz/mip/2a01:4f8:150:2008:35::1/mm/42/mn/sn-4g5ednds/ms/onc/mt/1639750357/mv/m/mvi/2/pl/49/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:19::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=131072-

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Dec 2021 14:47:33 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 131072-1110717/1110718
client-protocol
quic
cache-control
private, max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
979646
expires
Fri, 17 Dec 2021 14:19:52 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=6ff079d2-76c4-044e-8428-a9b77a4504ff&tv=%7Bc:x40qON,pingTime:-10,time:381,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639750791893%7C%7C4405a9e70067d3953e9b78b04534847b%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C1c5371e19bbd0f310e4d9d6aee8f2515%7C%7C12b20b1a1e6aa5c721e5af3130a5a3b7%7C%7Caf95b41f522eb2d47b5d036316702e10%7C%7Cb4dd3a81e15ddad955da06b284faa8bb%7C%7C84aa30f67116cb421b09ba64c4732625%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-205-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usync.html
eus.rubiconproject.com/ Frame 2FF4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D652 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 8121 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Fri, 17 Dec 2021 14:19:52 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
beacon
ap.lijit.com/ Frame 5975 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13394437
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
nginx
Date
Fri, 17 Dec 2021 14:19:52 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap4ams1
sync
eb2.3lift.com/ Frame D77B
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
a23bc08165f126a071a8b42c36fead9f0a5ca30070a7dcafc0ebd97aa3e40762

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
content-type
text/html; charset=utf-8
content-length
458
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 17 Dec 2021 14:19:52 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.html
public.servenobid.com/ Frame DB9B 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Wed, 15 Dec 2021 19:31:35 GMT
accept-ranges
bytes
etag
"32347ab14bd5257f1f3d2e210ba82276"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
I2NOiuaZhaUggOdlVAbHxxM+fyszFdNtUejsCmQNUqk9pYTqPAoVFS8G9+tcGqpqJwBsFgrWUjU=
x-amz-request-id
4PVFCTWYZGT62VA6
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-azure-ref-originshield
0qpC8YQAAAACar/Acb+jcRqaDG7dBeCObQU1TMDRFREdFMTkyMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0iJy8YQAAAABxqen5oMY/QaBfzOmEatbYRlJBRURHRTEwMTYAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Fri, 17 Dec 2021 14:19:52 GMT
2000891.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 3DF2
Redirect Chain
  • https://sync.serverbid.com/ss/2000891.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f3d66b78ca0c93adf48dec8533da3c4db538cc648dc60e383d5fd0b666859206
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
Keep-Alive
Cache-Control
max-age=63561
Content-Length
4947
Content-Type
text/html
Last-Modified
Wed, 20 Nov 2019 20:29:05 GMT
Accept-Ranges
bytes
etag
"1b0ebac83fe30af80513039edbdf566f"
x-amz-request-id
tx00000000000000dc678ae-0061bc4351-d18d4c2-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
185
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1639750792.dop216.fr8.t,1639750792.cds228.fr8.shn,1639750792.dop216.fr8.t,1639750792.cds227.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
cache-control
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 47C8 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=116178
expires
Sat, 18 Dec 2021 22:36:10 GMT
date
Fri, 17 Dec 2021 14:19:52 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 41FA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 18 Dec 2021 14:19:54 GMT
Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
pack
rb.adnxs-simple.com/ Frame 9A56 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.214 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
57.ratbait.prod.ams1.adnexus.net
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:52 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
/
insight.adsrvr.org/enduser/video/ Frame 9A56 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=error&vec=901&ast=[ASSETURI]&imp=79c0a65a-71d3-4268-abcd-a6e48f940c48&ag=ne6xjxo&crid=kiaorikp&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=mvk&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=appnexus&uhow=135&agsa=&wp=0.41406&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=7143&rlangs=de&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55GgAwAjgCSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&adpt=anor&ipl=17386655&fpa=680&pcm=3&ict=Unknown&said=8988257917664834960&auct=1&grdc=CAE.&sfe=13f41c87&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
dc_oe=ChMIyJ6724Pr9AIVsMi7CB0IqQ4HEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 9A56 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyJ6724Pr9AIVsMi7CB0IqQ4HEAAYACD72vpN;met=1;ecn1=1;etm1=0;eid1=200015;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FDB8 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f96d800a51302368ea00721e2481eedf256301b608b05815b8a2d71a713f6259

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|3|196|230|88|39
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1620
Expires
Fri, 17 Dec 2021 14:19:52 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame 41FA 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d709beab-b1c8-4f1b-a046-4e4ff8bff4ab
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame D77B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=nOthDzhfp&dongle=u6nf
eb2.3lift.com/ Frame D77B
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=nOthDzhfp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=nOthDzhfp&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=nOthDzhfp&dongle=u6nf
date
Fri, 17 Dec 2021 14:19:52 GMT
via
1.1 google
alt-svc
clear
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame D77B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHYA-nrslkmhOsEGMoAXhjc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHYA-nrslkmhOsEGMoAXhjc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHYA-nrslkmhOsEGMoAXhjc&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D77B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTI1MzI1NDI3OTY4ODMwNDAxNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTI1MzI1NDI3OTY4ODMwNDAxNw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTI1MzI1NDI3OTY4ODMwNDAxNw%3D%3D
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame D77B 		0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=9253254279688304017&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6B12CDA49AB8410FAC978FFA68BE278B Ref B: FRAEDGE1414 Ref C: 2021-12-17T14:19:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXTWDuEoEsdk4FTZbbGOQ==
xuid
eb2.3lift.com/ Frame D77B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/9253254279688304017?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CKNcn.FE2oRbW6gFIjNUtlBmyDoTySrtPEXXYV34tw--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CKNcn.FE2oRbW6gFIjNUtlBmyDoTySrtPEXXYV34tw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 17 Dec 2021 14:19:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CKNcn.FE2oRbW6gFIjNUtlBmyDoTySrtPEXXYV34tw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame D77B 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=9253254279688304017&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-142-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame D77B 		42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=9253254279688304017&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F3D8963242184EF1814F06E19CF28892 Ref B: FRAEDGE1213 Ref C: 2021-12-17T14:19:52Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame D77B
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=9253254279688304017
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9253254279688304017&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9253254279688304017&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TBSAF5M7PB5JF5CMQHCH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=9253254279688304017&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D77B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 2FF4 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65510a60dfbadc9acd584b249701f0a1c7a542a684d35ea9f614781862cf9aa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23273
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9701
Expires
Fri, 17 Dec 2021 20:47:45 GMT
Ybych0bBg2VgARZg0q0o9AAABFcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FDB8 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Ybych0bBg2VgARZg0q0o9AAABFcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame FDB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame FDB8 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.11.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-11-216.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FDB8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Dec 2021 14:19:51 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame FDB8 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193670.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
usermatchredir
ssum-sec.casalemedia.com/ Frame FDB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDPxBne_YMRVPeBFNDAOZiI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame FDB8 		85 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1639750793.621169,VS0,VE185
x-served-by
cache-fra19166-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
casale
match.adsrvr.org/track/cmf/ Frame FDB8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame FDB8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ybych0bBg2VgARZg0q0o9AAA%261111
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1774
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:49:26 GMT
v2
fra1-ib.adnxs.com/vast_track/ Frame EC90 		0
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/vast_track/v2?info=agAAAAMArgAFAQmEnLxhAAAAABGOWKr6f0OYIhmDnLxhAAAAACC35I6dASgAMMAIOOc3QMyyYUjD6pcCUJ-ZpQhY4dYBYgJERWgBcAF4AIABAogBAZABkAOYAeEBoAEAqAG35I6dAbABAQ..&s=97fb8513d7a0a8fbf4ad2a281a202d032c9dcef1&event_type=4&error_code=%5Berrorcode%5D&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ba2ddd35-fd64-4657-8290-f4a9d8cd68ec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame DD73 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
81dd0de2e048b9a9c47af5e5598bf46a6dc5957d41407002a9e13a9f312d0929

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"02b42fa7e9eee99ae8ddda5f36e57858b"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame D6FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Fri, 17 Dec 2021 14:19:51 GMT
/
onetag-sys.com/usync/ Frame 6792 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame B2AA 		773 B
1022 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
99e55d8e185bde7966b628c884332800106a265b3977725c80325cd1e057ef9f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
content-type
text/html
content-length
773
usermatch
ssum-sec.casalemedia.com/ Frame D3C3 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
973bb6bedf0d83c9570d6c610bee89bf811aea738de0fa3ddf5a022890fa9476

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|4|65|81|190|5|196|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1455
Expires
Fri, 17 Dec 2021 14:19:52 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
keep-alive
sync
ads.servenobid.com/ Frame DB9B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=9214095078257359212
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=9214095078257359212
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d2f6a017-2bf4-447c-8077-afaa22d86acf
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=9214095078257359212
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame DB9B
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame DB9B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2640057995
  • https://sync.1rx.io/usersync/tradedesk/962356cb-c8b9-4f32-b6ee-f3ace453922c
  • https://sync.targeting.unrulymedia.com/csync/RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
date
Fri, 17 Dec 2021 14:19:52 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXfb3eb0522f1b4b219fd3e147683b8fc1003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame DB9B 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-124-230.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame DB9B
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=978758875873757384
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=978758875873757384
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=978758875873757384
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame DB9B 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame DB9B
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=e2c25946-2f80-4e76-ba6f-09d9472a68df&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=e2c25946-2f80-4e76-ba6f-09d9472a68df&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=e2c25946-2f80-4e76-ba6f-09d9472a68df&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame DB9B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-zGYGNCBE2uGJAG7cA47C5oZX0h0hY8wzYlcHxJc-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-zGYGNCBE2uGJAG7cA47C5oZX0h0hY8wzYlcHxJc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-zGYGNCBE2uGJAG7cA47C5oZX0h0hY8wzYlcHxJc-~A
date
Fri, 17 Dec 2021 14:19:52 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame F5A9 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
416ef10f-0a7c-4449-a6ad-f55528ee0eff
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3D01 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e265ddf7-6c9d-4451-bd93-b0d269f71700
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame D3C3 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame D3C3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9192358177570622074
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9192358177570622074
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9192358177570622074
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum.casalemedia.com/ Frame D3C3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639837192&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639837192&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1639837192&gdpr=1
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame D3C3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=1edwR9q1KhfO73AQ0Oc_HNuwJ0bO5XMW0Lc7NCa1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=1edwR9q1KhfO73AQ0Oc_HNuwJ0bO5XMW0Lc7NCa1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Dec 2021 14:19:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=1edwR9q1KhfO73AQ0Oc_HNuwJ0bO5XMW0Lc7NCa1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
ib.adnxs.com/ Frame D3C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ix
ad4m.at/ad/sim/ Frame D3C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
us.php
gu.dyntrk.com/adx/ie/ Frame D3C3 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193670.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
noop
px.owneriq.net/ Frame D3C3
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6930371921316669386&uid=Q6930371921316669386&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame D3C3 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Ybych0bBg2VgARZg0q0o9AAABFcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame B2AA 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=532837942268189448&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
get_user_agent_id
cookie-matching.mediarithmics.com/v1/ Frame B2AA 		0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.32.46.11 , France, ASN16276 (OVH, FR),
Reverse DNS
ip11.ip-213-32-46.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
/
rtb-csync.smartadserver.com/redir/ Frame B2AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1639750793.770284,VS0,VE0
x-served-by
cache-fra19166-FRA
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/ Frame B2AA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_uid=fa39ba2a-54f1-4f5d-b922-494164a3cb9c
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_uid=fa39ba2a-54f1-4f5d-b922-494164a3cb9c
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=25005a97-90f0-4722-b7ee-6b0addc30661&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&gdpr_consent=
Date
Fri, 17 Dec 2021 14:19:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame B2AA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c555caa7-1b45-4bfa-8863-b1ef49638d91&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c555caa7-1b45-4bfa-8863-b1ef49638d91&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c555caa7-1b45-4bfa-8863-b1ef49638d91&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5275045
content-length
0
expires
Fri, 17 Dec 2021 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 30CC 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c1e1f26e-f647-492c-a701-4c3e415a9b0d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 2FF4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
um
cs.emxdgt.com/ Frame 44A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Fri, 17 Dec 2021 14:19:52 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame 14F0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Fri, 17 Dec 2021 14:19:52 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
uc.html
go.sonobi.com/ Frame 2F96 		43 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-128
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
cm
gift-connect-d.openx.net/w/1.0/ Frame CF41 		0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Fri, 17 Dec 2021 14:19:52 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 26F9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=116178
expires
Sat, 18 Dec 2021 22:36:10 GMT
date
Fri, 17 Dec 2021 14:19:52 GMT
vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame 3DF2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=9214095078257359212
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=9214095078257359212
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
058ac789-273e-4118-b13c-0e1cb3afda4a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=9214095078257359212
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 3DF2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ybych0bBg2VgARZg0q0o9AAA%261111
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ybych0bBg2VgARZg0q0o9AAA%261111
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=Ybych0bBg2VgARZg0q0o9AAA%261111
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Fri, 17 Dec 2021 14:19:52 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 3DF2
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c76cb7cbd35baf8ec242c663
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c76cb7cbd35baf8ec242c663
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
content-length
0

Redirect headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c76cb7cbd35baf8ec242c663
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame 3DF2 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 3DF2
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP659dd57d-5f44-11ec-99e4-0279b964837c
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP659dd57d-5f44-11ec-99e4-0279b964837c
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP659dd57d-5f44-11ec-99e4-0279b964837c
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:52 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP659dd57d-5f44-11ec-99e4-0279b964837c
date
Fri, 17 Dec 2021 14:19:52 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/ Frame 3DF2
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
cache-control
no-cache
content-length
0
56939
i6.liadm.com/s/ Frame 3DF2
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242&_li_chk=true&previous_uuid=9bf7274da6d04a66aa02062de05daa36
  • https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:53 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
335f16cf23af6d63
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
Date
Fri, 17 Dec 2021 14:19:53 GMT
Connection
keep-alive
trace-id
abe67ff9f4f6cd94
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
rubicon
match.adsrvr.org/track/cmf/ Frame 2FF4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2FF4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hBSEE0VVgtMS1GMkQ2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hBSEE0VVgtMS1GMkQ2
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hBSEE0VVgtMS1GMkQ2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2FF4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YbychwAMpscx0wBR
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YbychwAMpscx0wBR
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1639750793.902024,VS0,VE0
x-served-by
cache-fra19166-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YbychwAMpscx0wBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 2FF4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTk0YTU1ZmQ1MTdkMTlhMzc0MmI4Zjg0YzJjNzE4NTliYzVkMWJlNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTk0YTU1ZmQ1MTdkMTlhMzc0MmI4Zjg0YzJjNzE4NTliYzVkMWJlNQ
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTk0YTU1ZmQ1MTdkMTlhMzc0MmI4Zjg0YzJjNzE4NTliYzVkMWJlNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2FF4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ULBJKds8lpcoMA1NmWOatA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6710060050963310893
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6710060050963310893
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Fri, 17 Dec 2021 14:19:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6710060050963310893
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 2FF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN0NBF9N9p12cFuAPBbU2Ns&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN0NBF9N9p12cFuAPBbU2Ns&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN0NBF9N9p12cFuAPBbU2Ns&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 2FF4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXAHA4UX-1-F2D6&sigv=1&esig=2~b07b39691d7a7b6454d431d5a8735ca87ed4bd13
0
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXAHA4UX-1-F2D6&sigv=1&esig=2~b07b39691d7a7b6454d431d5a8735ca87ed4bd13
Protocol
H2
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXAHA4UX-1-F2D6&sigv=1&esig=2~b07b39691d7a7b6454d431d5a8735ca87ed4bd13
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adview
securepubads.g.doubleclick.net/pagead/ Frame AB5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C01-chZy8YaqjB_6DjuwPkumCoAebi9qXZrm40OaQDtvZHhABIPmb8YQBYJWyoYKwB6AB4K7W2AHIAQngAgCoAwGqBJ8CT9CGqgr_pfqcRWb_B5RPdWdtIuo0xy3mjf3HjbrZprARJj8uKxbrW7jJKUADFi5NJYLXD1eqp9NEn0AZ8jsH7KoG-MN3xURztB8aoQFLS-Mn3c5ijzjw4p1uHd679n18Xaxa5nTkyIZoxgs9kb25zV_c_m54v9GSKuFR9CBISOy0-3UYjsPpLq7-_ZPCGNpXMcrdM3rl0_AiLt7bWtULeCA4gEjcZm3NdxO6dAkMt3AVvrdAtnUJi7wTTbWg5tajgqSvPUTV0qtMMSlrW-V7BJPZSumHzfg5PYVmOd9w20l8QVQu5YHhiym60r_2pp9xx4zZ92DjAPt7qty3NV5k6w_KWwMPNy7HUD6YnI-Ybzuxy8RwGu0GqjkQ4Tw66QDABNrapbffA-AEAaAGLoAHiNGppwKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCsozLSCAcIgGEQARgdgAoDyAsB2BMDiBQC0BUBmBYBgBcBshceChwIABIUcHViLTQxMTM2ODE4ODIzMTE0NTUYhNt7&sigh=gQPtck1ofXA&vt=1&template_id=484&uach_m=[]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame AB5E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBCXv5vBYe_dRQ0Og06g6Sdfcn08uhTMA4Fn5FZ3i-KA0Hct3VOazA7fgTtuHt0BZsjUqzm6FaBBeh7sOiRS1HiToREDGRoTDwk1F3DXg-03fsl04FjNy7GPBkG8AngdNWX-P-b0DDcA&sai=AMfl-YQGVYs6hTQaTWSufvuWoodCfGWJCXBYXbkova_gn0rFbTO9HX4UcmwsVIKWFwswjJvqDpKXe-rHMbQhE9hpaJcfOwoFo-WoBRD-UXKf9EUBWWIXPo67rChMipTH&sig=Cg0ArKJSzH19h3Uc29HVEAE&cid=CAASFeRoN9zr3VUZl2VbCX-2yJn3LpEkkQ&id=ampim&o=1082,416&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=507&tls=1512&g=100&h=100&tt=1512&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1414505084
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 14F0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65510a60dfbadc9acd584b249701f0a1c7a542a684d35ea9f614781862cf9aa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23273
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9701
Expires
Fri, 17 Dec 2021 20:47:45 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 956C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDnG3hZy8Yd-EOpyw3gPksoL4B5uL2pdmubjQ5pAO29keEAEg-ZvxhAFglbKhgrAHoAHgrtbYAcgBBuACAKgDAaoEnAJP0F3BBaQhn8k3qEiKEddo9IyZwy42dRjAWV4xQ1cGCqeuNZj88UJKgSdm6_eEOulf_-A2wcUsPIcT1nUEQQuUbQFEsh0Ehvqw9Qwu8O5RiUn92oqUnHLxzkJbMUlqnPBny3P1KxZk3ZzE3NmQSsFPFYywxg1s7XpjjKxzsi5phU6iNeK0ZDoo7JrGZrjyYOP2PMgdjoCqVzDSqfpAlZu7rT1qElGQLsa4STmydGAAefTbeghQ3QsfVMMrf9lM6cG6X2UW5LOf8e72movSZ5mV_TTOvYr0Dc7_ey5rDruJzRtVpl3xFwKlnIDFbmSDkoUlUt2udkUzdxhZB4rrs9Rv_pbPQ-8AGnBLjphCVlnspFANKVDTH7A3RM9EqsAE2tqlt98D4AQBgAeI0amnAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENvEK9IIBwiAYRABGB2ACgPICwHYEwOIFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDExMzY4MTg4MjMxMTQ1NRiE23s&sigh=fp-D3RSbzuU&vt=1&template_id=492&uach_m=[]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 956C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqNkfvuLNqn9BYJSr_HAEwmKO0YaS2g_bXE5IZoXFv1bNkEFl_b4WaZ0z0IJMLC2kmLGhULc-axIIGf1f1ydmUl8Aw-adqnOMFnTlK-xVVRWz1RapeQa4XGHnXnWsjed8JB9Zu4V1dfw&sai=AMfl-YTfujT93QAJUiqJx3pS6BYzZjqu8YVAWr6HY7uxMZ6zoGvDHR1N9rNjdDUDvqtXHa0Lcx2QpXtXyITHMPfdi61Jv0V-bjaIsQ90V7tuXw_x1SMjOQejFB82GUN7&sig=Cg0ArKJSzDNXnet1HF7SEAE&cid=CAASFeRou8Ti-mBrFoJeGAHfbnldtt1YQg&id=ampim&o=315,8&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1009&mtos=0,0,0,1009,1009&tos=0,0,0,1009,0&tfs=288&tls=1297&g=100&h=100&tt=1297&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=4166723991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 14F0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632&khaos=KXAHA4UX-1-F2D6
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Content-Type
image/gif
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 71BC 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=232078076992821&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3321539204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=35DDE651-08BF-4072-B0FD-946BEC124B2D&nel=1&eid=44750604&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2834&dt=1639750792545&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&scor=2080959087648363&ged=ve4_td9_tt6_pd9_la9000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
async_usersync
ib.adnxs.com/ Frame 41FA 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:53 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
131a4528-e8ba-49d3-8283-ed4fbd13c368
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=9214095078257359212
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=9214095078257359212
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:53 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6b48c2e8-3719-4895-bc9f-24871ad9c75f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=9214095078257359212
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=fa39ba2a-54f1-4f5d-b922-494164a3cb9c
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=fa39ba2a-54f1-4f5d-b922-494164a3cb9c
  • https://rtb.gumgum.com/usersync?b=bsw&i=fa39ba2a-54f1-4f5d-b922-494164a3cb9c
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=fa39ba2a-54f1-4f5d-b922-494164a3cb9c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=fa39ba2a-54f1-4f5d-b922-494164a3cb9c
Date
Fri, 17 Dec 2021 14:19:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame DD73
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%289m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9&obuid=ENC(9m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3D9m_0_UUso6P6fo0ttKMLt...
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=c555caa7-1b45-4bfa-8863-b1ef49638d91&obUid=9m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-&platformId=GUMGU18H7EL9NI653I7DPEH51
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=c555caa7-1b45-4bfa-8863-b1ef49638d91&obUid=9m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-&platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:56 GMT
Cache-Control
no-cache
X-TraceId
db0e4df2d207c149d5ba2d23ec83fac3
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.outbrain.com/cookie-sync?p=criteo&uid=c555caa7-1b45-4bfa-8863-b1ef49638d91&obUid=9m_0_UUso6P6fo0ttKMLtThXB2pJdcMuWVyca_7wCnHk4a2dOaqXeyN9p_Y2itN-&platformId=GUMGU18H7EL9NI653I7DPEH51
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1885239
content-length
0
expires
Fri, 17 Dec 2021 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=85dca89e-1cf0-478a-a265-0c4df0ddb1b7
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=85dca89e-1cf0-478a-a265-0c4df0ddb1b7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:54 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 17 Dec 2021 14:19:53 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=85dca89e-1cf0-478a-a265-0c4df0ddb1b7
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-82c63a78-c667-48b1-56d3-da8abee694be$ip$78.47.208.26
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-82c63a78-c667-48b1-56d3-da8abee694be$ip$78.47.208.26
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-82c63a78-c667-48b1-56d3-da8abee694be$ip$78.47.208.26
Date
Fri, 17 Dec 2021 14:19:54 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-udo4EihE2pdFRvBkvxJkRIj3SCfPNyKPYrOK~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-udo4EihE2pdFRvBkvxJkRIj3SCfPNyKPYrOK~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 17 Dec 2021 14:19:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-udo4EihE2pdFRvBkvxJkRIj3SCfPNyKPYrOK~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=679c15a4-5f44-11ec-a568-0feef643c50a
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=679c15a4-5f44-11ec-a568-0feef643c50a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=679c15a4-5f44-11ec-a568-0feef643c50a
Date
Fri, 17 Dec 2021 14:19:53 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
679c15a5-5f44-11ec-a568-0feef643c50a
services
sync.technoratimedia.com/ Frame DD73 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:54 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1054332494
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame DD73 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=9kbxoNjiKYGQhNZUWLQ7&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OLLMJ4G6TTKNFFVSR2RNBHFUVKXJRITOJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=9kbxoNjiKYGQhNZUWLQ7&us_privacy=1---
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=9kbxoNjiKYGQhNZUWLQ7&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:54 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:54 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=9kbxoNjiKYGQhNZUWLQ7&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=6b215664-179e-45f1-ae3b-d977f397aa33
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=6b215664-179e-45f1-ae3b-d977f397aa33
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=6b215664-179e-45f1-ae3b-d977f397aa33
date
Fri, 17 Dec 2021 14:19:54 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003&rndcb=5402700076
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_pa...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=5289f59392dd464e90469e0cf2586c85&ssp=adconductor&bsw_param=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&consent=&gdpr_pd=&expires=7
  • https://sync.1rx.io/usersync/bidswitch/fa39ba2a-54f1-4f5d-b922-494164a3cb9c?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
date
Fri, 17 Dec 2021 14:19:53 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXfb3eb0522f1b4b219fd3e147683b8fc1003
content-type
text/html
usersync
rtb.gumgum.com/ Frame DD73
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=jDHl6imc5qvq&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=jDHl6imc5qvq&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=jDHl6imc5qvq&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-685df6f7b9-j848m
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame DD73 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
content-length
0
sync
ads.servenobid.com/ Frame DD73 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.199.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-199-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 3CB8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Fri, 17 Dec 2021 14:19:53 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&gdpr=0&gdpr_consent=
Expires
Fri, 17 Dec 2021 14:19:52 GMT
usersync
rtb.gumgum.com/ Frame 8059
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Fri, 17 Dec 2021 14:19:53 GMT
via
1.1 varnish
x-served-by
cache-fra19166-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1639750794.884220,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8442 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83ZDdkOGIzMC0yODc5LTQxMTYtOGNhNS0zZTAxNzFjYWUxYTk=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Fri, 17 Dec 2021 14:19:53 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BDF8 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=116177
expires
Sat, 18 Dec 2021 22:36:10 GMT
date
Fri, 17 Dec 2021 14:19:53 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 46BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Fri, 17 Dec 2021 14:19:52 GMT
usersync
rtb.gumgum.com/ Frame A4CB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=962356cb-c8b9-4f32-b6ee-f3ace453922c&t=1642342793
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=962356cb-c8b9-4f32-b6ee-f3ace453922c&t=1642342793
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 17 Dec 2021 14:19:53 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=962356cb-c8b9-4f32-b6ee-f3ace453922c&t=1642342793
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 3EC1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Dec 2021 14:19:53 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Fri, 17 Dec 2021 14:19:53 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
um
cs.emxdgt.com/ Frame A5FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Fri, 17 Dec 2021 14:19:53 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame A446
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YbycisCo5sEAAKhqR4QAAAAA
552 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YbycisCo5sEAAKhqR4QAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Fri, 17 Dec 2021 14:19:54 GMT
content-type
text/html
content-length
552
server
nginx

Redirect headers

Server
nginx
Date
Fri, 17 Dec 2021 14:19:54 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YbycisCo5sEAAKhqR4QAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
2
X-SO-HostName
m-ad130.dc4p.scaleout.jp
X-SO-LB-Hostname
a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":63,"gdpr":true,"ipv4":"0.0.0.0","key":"YbycisCo5sEAAKhqR4QAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad130"}
X-SO-Key
YbycisCo5sEAAKhqR4QAAAAA
X-SO-IP
78.47.208.26
X-SO-Cluster-ID
63
X-SO-Upstream-ID
m-ad130
usersync
rtb.gumgum.com/ Frame C93C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=jzFFrtrdmFldaoJODWpV&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=jzFFrtrdmFldaoJODWpV&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-104-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Fri, 17 Dec 2021 14:19:55 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 17 Dec 2021 14:19:53 GMT Fri, 17 Dec 2021 14:19:53 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=jzFFrtrdmFldaoJODWpV&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 26B3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156858&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame BDF8 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77068871&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:53 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 3EC1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65510a60dfbadc9acd584b249701f0a1c7a542a684d35ea9f614781862cf9aa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23272
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9701
Expires
Fri, 17 Dec 2021 20:47:45 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 3EC1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=KXAHA4UX-1-F2D6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame E2AE 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2111057355531351&cust_params=domains%3Dthreatpost.com&ad_type=video&us_privacy=1---&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1232260695&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=FAFFA137-B862-4484-A84B-8F5B8DFAB65E&nel=1&eid=44736293%2C44737473%2C44750604&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2919&dt=1639750794039&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&scor=2720751170542581&ged=ve4_td10_tt7_pd10_la10000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts5_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 50C1 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3024357118288110&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=4002501869&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=63B520F1-FC02-4BE9-93FA-A9ABBDA09ECB&nel=1&eid=44750604%2C44752052&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2876&dt=1639750795559&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&scor=1826778933522702&ged=ve4_td12_tt9_pd12_la12000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
abt
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:55 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame EC90 		688 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
90370c759efb343d874c6917b539ffd8003b859225749f8a56877f4a64e9f884

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:57 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
494
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&pid=UtoSgNdAUmJ66&cb=2&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:57 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
ET2WJBM89XGD9GDA4SF8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
hT5tZ0A-dHWr1Ph5xXGYavleeggPFKWr76JkC6DWU0zxIm-VgEufrA==
g
capi.connatix.com/rtb/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:19:57 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
prebid
ib.adnxs.com/ut/v3/ Frame E6C4 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c19eabbdebd38b7e2873f4439e52ba33457a026ce69153df189207d1e7402de3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:58 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0c77b3ed-454d-4c28-bc3f-b1f4122a2cd7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame E6C4 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 17 Dec 2021 14:19:57 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://threatpost.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
mvo
tag.1rx.io/rmp/216476/0/ Frame E6C4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame E6C4 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435871&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2245587554aa368bf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%22d2bf0996-7289-4420-b440-2007975e0144%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2246748db3763da56%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e92b5a44f4d903251099d4fa2402f27f5fdde6a1cdae942eca358a5f2ccd3d2

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.26], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 17 Dec 2021 14:19:58 GMT
translator
hbopenbid.pubmatic.com/ Frame E6C4 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
53c6b8fe686636510364065a37cf12a43d4e00c5bc4d6f4e8cbcaddfd3333bcb

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
content-type
application/json
avjp
teachingaids-d.openx.net/v/1.0/ Frame E6C4 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5d4726ee-a525-4d69-84db-5f6bdbd43196&nocache=1639750797370&gdpr=0&pubcid=a14d33b7-9d62-402b-9fc8-d4485caa830c&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2Cd2bf0996-7289-4420-b440-2007975e0144%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:57 GMT
via
1.1 google
server
OXGW/17.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame E6C4 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame E6C4 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4c1f660e07ede02cbcc3bdfab0c19a98c736318b138858147f32fbf1761636e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
90c47dce-df88-4566-857e-f4a9f9b1d1b0
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame E6C4 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435870&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2255d6c9b4be58bdf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%22d2bf0996-7289-4420-b440-2007975e0144%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2256eb93dac8e7e4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00257bd7cbfbff3eff8c30a842676396dda0a4c09f91c039492695f19aedc40f

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.26], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 17 Dec 2021 14:19:58 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame E6C4 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.225.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-225-48.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
mvo
tag.1rx.io/rmp/233098/0/ Frame E6C4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216475/0/ Frame E6C4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
avjp
teachingaids-d.openx.net/v/1.0/ Frame E6C4 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bbcbfca2-e684-4a3b-b317-b2e0e8b68902&nocache=1639750797383&gdpr=0&pubcid=a14d33b7-9d62-402b-9fc8-d4485caa830c&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C5877ef11-45e0-4bab-8185-2efbc6e60612%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
via
1.1 google
server
OXGW/17.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/233148/0/ Frame E6C4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cache
prebid.adnxs.com/pbc/v1/ Frame E6C4 		63 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
806cef2bb1b2a0085ffac25fd426a7109ee3435cd377228afafb59ee12f3be09

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame EC90 		576 KB
576 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff1558c75d3dd6106e2c794075083bd1dd9c53b239e7a2de6e2df6e7ca5e0440

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=1315443-1905036

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
last-modified
Tue, 14 Dec 2021 10:39:11 GMT
age
89595
etag
"58ab306ddc28464438d0b38e336bc90b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1315443-1905036/4702372
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
589594
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/c13acad6-2779-4e7e-bd26-252a58591dac/895da5fc-a4ef-4d3f-96c0-1834367e4934_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Fri, 17 Dec 2021 14:19:58 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
cache
prebid.adnxs.com/pbc/v1/ Frame E6C4 		63 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
91fb8f2903a5cd9f2303bc7507598419f2797925cfb6969ddea6bc2dc37d22ca

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
63
cache
prebid.adnxs.com/pbc/v1/ Frame EC90 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache?uuid=32b9ac9b-22a5-4c97-aae3-598659875bce
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
646231f9abc7ce05cb12d7b047e44c7e954501aa7d2a4ca84aab84dcadd79df7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/xml
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
cache
prebid.adnxs.com/pbc/v1/ Frame EC90 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbc/v1/cache?uuid=13fe6fc0-7275-40ca-a27b-a463048f2fca
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
7e9d46113f4bafb53bc3320e8e3b8ef6ae14a3f2b434c50f32ce6b0b5c8e6c0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/xml
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
ab
fra1-ib.adnxs.com/ Frame EC90
Redirect Chain
  • https://fra1-ib.adnxs.com/vast_track/v2?info=agAAAAMArgAFAQmOnLxhAAAAABGFv0oC5VPEFxmNnLxhAAAAACCa5I6dASgAMMAIOOc3QMyyYUjD6pcCUKOZpQhY4dYBYgJERWgBcAF4AIABAogBApABkAOYAeEBoAEAqAGa5I6dAbABAQ..&s=1cebb...
  • https://fra1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&e=wqT_3QLnD_BM5wcAAAMA1gAFAQiNufKNBhCF_6qS0PyU4hcY7PLRkfzUwu...
11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&e=wqT_3QLnD_BM5wcAAAMA1gAFAQiNufKNBhCF_6qS0PyU4hcY7PLRkfzUwu9_KjYJVWo4Xf112j8REVVgFzEr1T8ZAAAAIFyPH0AhEVVgFzEr1T8pVWoJJAAxARvArkfpPzCjmaUIOOc3QMAISFJQmuSOnQFYy496YABo6KWpAXia2QWAAQGKAQNVU0SSAQEG8OWYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAkZodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkv8gKYCQoTVFREX1ZBU1RfUEFSQU1FVEVSUxKACSZ0PTEmYWlkPTE3MTI1ODYwMDEzNTg3MDA0MjEmd3BjPVVTRCZzZmU9MTNmNDFjOGUmcHVpZD0mdGRpZD0wMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMAEHCQHwhiZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xNHhlQkJsZ0ZmYlFQeEdMQWNZbnpseW9LUS11UjhiYXZOZnAyOFp5T0tFYy4mYnA9MC42MDg5MTIzODMyODM0Njg2MzEyMiZjZj0yODI1NDM2JmZxPTAmdGRfcz10aC5AAVQmcmNhdHM9bXZrJm1jYXQ9Jm1zdGU9NmQBPCZtZmxkPTQmbXNzaT0mbWYBBvBYdWhvdz0xMzUmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1kZSZtbGFuZz0mc3YhIxQ3MTQzJmQhW0RyY3h0PU90aGVyJmxhdD0wLjAFAQwmbG9uGQ0cdG1wYz0mZGEBMRR2cD0wJm8Bomhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JfggrLSsRn5h2cGI9TWlkUm9sbCZkYz04MiZ2Y2M9RUxRQkdMUUJNZ1FJQWdnSk8BCPBeUWdDUUFGSUFWQUNpQUVDb0FHUUE2Z0I0UUhJQVFIUUFRUG9BUU9BQWdPS0Fnd0lBUWdFQ0FJSUJRZ0RDQWFhQWdJSUFxQUNBcWdDQXNBQ0FnLi4mc3Y9YXBwbmV4dXNBIxRpPTMxMjFBFthpPTE4MzIwNCZjbXBpPTIwMzc4OTkmYWdpPTEwNDcwNjYwJmNyaWRpPTIxNTcxMjU4JnN2aT03AS9oPTF3aDlvM3QmdnJ0ZD0xNCUyYzE1JnJ1cmw9ZUooJTNhJTJmJTJmdGguEAIIJTJmmlIDECUyZjE3YVT00wElMmYmdHNpZz04Wng5cXRrdFZKZFBGRkVtNHNhUVN4WTdJdmJ4eHJrR2NETjJkREFQSndnLiZjPUNnZEhaWEp0WVc1NUdnQXdBamdDU0FCUUFZQUJBSWdCQXBBQkFBLi4mZHVyPUNqQUtER05vWVhKblpTMWhiR3d0TVNJZ0NQX19fX19fX19fX193RVNFM1IwWkY5a1lYUmhYMlY0WTJ4MWMybHZibk0uJmR1cnM9VXZBWHZzJmNycmVscj0mYWRwdD1hbm9yJmlwbD0xNzM4NjY1OSZmcGE9Njc5JnBjbT0zJmdyZGM9Q0FFLiZ2Yz0zJnNhaWQ9NjQ3NzMxNzI3MzM4MDQ5NzgyJmljdD1Vbmtub3duJmF1Y3Q9MSZpbT0xJm1jPThmZDFkMjQ1LWM0YTctNDdmZi04NmZmLTdiMmQ4MTJhNTY2MvICPQoVVFREX1ZBU1RfSU1QUkVTU0lPTklEEiQyNWE0YmYzOC1lMTY1LTQ4ZGYtODI0Zi0wMjkyOWJmNTYzNDSAAwCIAwGQAwCYAxegAwGqA8QBCpcBaHR0cHM6Ly9pbnNpZ2h0LmFkc3J2ci5vcmcvZW5kdXNlci92YXN0Lz9paWQ9JHtUVERfVkE6gAAEfSZBZ_BGPTIxaHQ5MjQyJnR0ZF9wcmV2aWV3PSR7SVNfUFJFVklFV30md3A9JHtBVUNUSU9OX1BSSUNFfSR7VFREX1ZBU1RfUEFSQU2lbxB9GhMxN0GyBDYwvWYEKgRB-hg6DW9ydGItEW7wZcAD4KgByAMA2AO21bcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDc4LjQ3LjIwOC4yNqgEALIEEAgCEAQYkAMg4QEoAjAAOAO4BADABADIBADaBAIIAeAEAPAEmsGuWIgFAZgFAKAF9qHw7a-Szf4IwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXh1gH6BQQIABAAkAYBmAYAuAYAwQYBITQAAPA_0AaN2AHaBhYKEAkSGQFgEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcHMWm0CLoHDwFTSBgAIAAwADi9BkAAyAea2QXSBw0VgQFCCNoHBgknROAHAOoHAggA8AfU_QKKCAIQAA..&s=d6cff330748ba2aea91bbc6c34db40a166d0a45e
Protocol
HTTP/1.1
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bed4d22acd1310898d93c5f6323ac56c43c5c4efb90207765f4b7531cd3267f1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Content-Encoding
gzip
X-Creative-ID
329495066
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8ed718ff-40a0-4c1e-b6de-d2d8bcb896bc
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/xml; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:58 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
82466ad8-03f2-45a4-83d2-f1b21dbb2acc
Server
nginx/1.17.9
Access-Control-Allow-Origin
https://threatpost.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://fra1-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&e=wqT_3QLnD_BM5wcAAAMA1gAFAQiNufKNBhCF_6qS0PyU4hcY7PLRkfzUwu9_KjYJVWo4Xf112j8REVVgFzEr1T8ZAAAAIFyPH0AhEVVgFzEr1T8pVWoJJAAxARvArkfpPzCjmaUIOOc3QMAISFJQmuSOnQFYy496YABo6KWpAXia2QWAAQGKAQNVU0SSAQEG8OWYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQDYAtNH4ALX9zfqAkZodHRwczovL3RocmVhdHBvc3QuY29tL2NvbnRpLWdhbmctcmFuc29td2FyZS1hdHRhY2stbWNtZW5hbWlucy8xNzcxMTkv8gKYCQoTVFREX1ZBU1RfUEFSQU1FVEVSUxKACSZ0PTEmYWlkPTE3MTI1ODYwMDEzNTg3MDA0MjEmd3BjPVVTRCZzZmU9MTNmNDFjOGUmcHVpZD0mdGRpZD0wMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMAEHCQHwhiZwaWQ9cGo1NDlrbiZhZz1uZTZ4anhvJmFkdj03a24zMXRyJnNpZz0xNHhlQkJsZ0ZmYlFQeEdMQWNZbnpseW9LUS11UjhiYXZOZnAyOFp5T0tFYy4mYnA9MC42MDg5MTIzODMyODM0Njg2MzEyMiZjZj0yODI1NDM2JmZxPTAmdGRfcz10aC5AAVQmcmNhdHM9bXZrJm1jYXQ9Jm1zdGU9NmQBPCZtZmxkPTQmbXNzaT0mbWYBBvBYdWhvdz0xMzUmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1kZSZtbGFuZz0mc3YhIxQ3MTQzJmQhW0RyY3h0PU90aGVyJmxhdD0wLjAFAQwmbG9uGQ0cdG1wYz0mZGEBMRR2cD0wJm8Bomhvc3Y9JmJmZmk9NDEmbWs9R29vZ2xlJm1kbD0JfggrLSsRn5h2cGI9TWlkUm9sbCZkYz04MiZ2Y2M9RUxRQkdMUUJNZ1FJQWdnSk8BCPBeUWdDUUFGSUFWQUNpQUVDb0FHUUE2Z0I0UUhJQVFIUUFRUG9BUU9BQWdPS0Fnd0lBUWdFQ0FJSUJRZ0RDQWFhQWdJSUFxQUNBcWdDQXNBQ0FnLi4mc3Y9YXBwbmV4dXNBIxRpPTMxMjFBFthpPTE4MzIwNCZjbXBpPTIwMzc4OTkmYWdpPTEwNDcwNjYwJmNyaWRpPTIxNTcxMjU4JnN2aT03AS9oPTF3aDlvM3QmdnJ0ZD0xNCUyYzE1JnJ1cmw9ZUooJTNhJTJmJTJmdGguEAIIJTJmmlIDECUyZjE3YVT00wElMmYmdHNpZz04Wng5cXRrdFZKZFBGRkVtNHNhUVN4WTdJdmJ4eHJrR2NETjJkREFQSndnLiZjPUNnZEhaWEp0WVc1NUdnQXdBamdDU0FCUUFZQUJBSWdCQXBBQkFBLi4mZHVyPUNqQUtER05vWVhKblpTMWhiR3d0TVNJZ0NQX19fX19fX19fX193RVNFM1IwWkY5a1lYUmhYMlY0WTJ4MWMybHZibk0uJmR1cnM9VXZBWHZzJmNycmVscj0mYWRwdD1hbm9yJmlwbD0xNzM4NjY1OSZmcGE9Njc5JnBjbT0zJmdyZGM9Q0FFLiZ2Yz0zJnNhaWQ9NjQ3NzMxNzI3MzM4MDQ5NzgyJmljdD1Vbmtub3duJmF1Y3Q9MSZpbT0xJm1jPThmZDFkMjQ1LWM0YTctNDdmZi04NmZmLTdiMmQ4MTJhNTY2MvICPQoVVFREX1ZBU1RfSU1QUkVTU0lPTklEEiQyNWE0YmYzOC1lMTY1LTQ4ZGYtODI0Zi0wMjkyOWJmNTYzNDSAAwCIAwGQAwCYAxegAwGqA8QBCpcBaHR0cHM6Ly9pbnNpZ2h0LmFkc3J2ci5vcmcvZW5kdXNlci92YXN0Lz9paWQ9JHtUVERfVkE6gAAEfSZBZ_BGPTIxaHQ5MjQyJnR0ZF9wcmV2aWV3PSR7SVNfUFJFVklFV30md3A9JHtBVUNUSU9OX1BSSUNFfSR7VFREX1ZBU1RfUEFSQU2lbxB9GhMxN0GyBDYwvWYEKgRB-hg6DW9ydGItEW7wZcAD4KgByAMA2AO21bcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDc4LjQ3LjIwOC4yNqgEALIEEAgCEAQYkAMg4QEoAjAAOAO4BADABADIBADaBAIIAeAEAPAEmsGuWIgFAZgFAKAF9qHw7a-Szf4IwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXh1gH6BQQIABAAkAYBmAYAuAYAwQYBITQAAPA_0AaN2AHaBhYKEAkSGQFgEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcHMWm0CLoHDwFTSBgAIAAwADi9BkAAyAea2QXSBw0VgQFCCNoHBgknROAHAOoHAggA8AfU_QKKCAIQAA..&s=d6cff330748ba2aea91bbc6c34db40a166d0a45e
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 5FAB 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=5254F485-7446-412D-A850-03FC30763827&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame C84C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=5254F485-7446-412D-A850-03FC30763827&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=34772
expires
Fri, 17 Dec 2021 23:59:30 GMT
date
Fri, 17 Dec 2021 14:19:58 GMT
vary
Accept-Encoding
/
insight.adsrvr.org/enduser/vast/ Frame 5FAB 		18 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/enduser/vast/?t=1&iid=e49d9ef0-5bcd-4f71-bee1-5a31718663ac&crid=21ht9242&wp=0.476778&aid=1&wpc=USD&sfe=13f41c8d&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=pj549kn&ag=ne6xjxo&adv=7kn31tr&sig=1Vbqnz0ECf0geXC2zrlOYLbzE_WkL0_uhYVt_t5NePlE.&bp=0.60891238328346863122&cf=2825436&fq=0&td_s=threatpost.com&rcats=jba&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&uhow=135&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=156858&did=&rcxt=Other&lat=49.450000&lon=11.020000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&vpb=MidRoll&dc=16&vcc=CAEQtAEYtAEyCggCCAUICQgGCAQ6BAgBCAJAAUgBUAKIAQKgAZADqAHhAcgBAdABA-gBA4ACA4oCCAgCCAMIBQgGmgICCAKgAgOoAgGwAgC4AgDAAgA.&sv=pubmatic&pidi=3121&advi=183204&cmpi=2037899&agi=10470660&cridi=21571258&svi=12&cmp=1wh9o3t&vrtd=14,15&rurl=https%3a%2f%2fthreatpost.com%2fconti-gang-ransomware-attack-mcmenamins%2f177119%2f&tsig=9eM9Ey9EuPXGgvVswZoPvbI86tB5MigGh___eMO7SSg.&c=CgdHZXJtYW55GgAwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&adpt=pubo&ipl=2446008&fpa=783&pcm=3&grdc=CAE.&vc=3&said=022E9DE9-3F80-4667-AC92-AFF730C87BE9&ict=Unknown&auct=1&im=1&mc=8fd1d245-c4a7-47ff-86ff-7b2d812a5662
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=5254F485-7446-412D-A850-03FC30763827&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
ad0cc7be6bc21f378b931273b46d15f25dd9d06ab990fadd5c61f99f690a0ebb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=645769;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ Frame 5FAB 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=645769;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=5254F485-7446-412D-A850-03FC30763827&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
f61a0000cea1417e8b404084ce2f004677a6f6e6494185efd1c1c9ac15b7ab12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1446
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
59213329
unified.adsafeprotected.com/v2/906389/ Frame 5FAB 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/906389/59213329?mon=59213341&omidPartner=%5BOMIDPARTNER%5D&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&vastVersion=2&mode=strict&ias_xappb=%%TTD_SITE%%&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssdSXUCVfqNjI5AcPoF_L0XZeSgnXChSF-6HI2oqYqUIMlMU_I9bb62vmMjw3pqphxX1qpseTwRD-gaqsz19yECyqne99iMS19mpR6m7gLOHOAGTOjkySwup9qGMEAM5-_WSYOruppHwYz7tvkFae5YrA%26sig%3DCg0ArKJSzER-beNKegr3EAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&originalVast=https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891%3Bsz%3D0x0%3Bord%3D645769%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5NzUwNzk4NjAyCg%3Bdc_cid%3D163131182%3Bdc_adid%3D515409227%3Bdc_vpaid%3D0%3B
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?embedded=1&pubId=156858&siteId=630907&adId=2446008&vtype=1&imprId=5254F485-7446-412D-A850-03FC30763827&adServerId=243&campaignId=22918&crID=21ht9242&ucrid=12824810715055717997
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.31.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-31-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a2e27afd1ef8ac4bcee653bc6bd171516d7b66b4022b429bd8570b2b0458503f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3700
PugMaster
image6.pubmatic.com/AdServer/ Frame C84C 		1000 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16922110&p=156858&s=630907&a=2446008&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7370d2f0365e8a6c8fb15cb73125570372163ca40525f6a740409a78c494ca07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1000
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 1099
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
1 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 17 Dec 2021 14:19:58 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug001:0:478
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbychwAMpscx0wBR&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Fri, 17 Dec 2021 14:19:58 GMT
via
1.1 varnish
x-served-by
cache-fra19166-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1639750799.650282,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
ids
idsync.frontend.weborama.fr/ Frame C84C
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2930308176
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
35.201.81.244 -, , ASN (),
Reverse DNS
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
via
1.1 google
last-modified
Fri, 17 Dec 2021 14:19:58 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F7F2FA0F-BCDE-42E2-84FF-7737E2162664
date
Fri, 17 Dec 2021 14:19:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
F7F2FA0F-BCDE-42E2-84FF-7737E2162664
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C84C 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F7F2FA0F-BCDE-42E2-84FF-7737E2162664?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame C84C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_1f77de5c-8138-4ee3-86ab-9997aa875de3&bsw_param=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:478
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fa39ba2a-54f1-4f5d-b922-494164a3cb9c&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 17 Dec 2021 14:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C84C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9192358177570622074&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9192358177570622074&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:983
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9192358177570622074&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame C84C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F7F2FA0F-BCDE-42E2-84FF-7737E2162664&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame C84C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:622
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:57 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
track
aktrack.pubmatic.com/ Frame 5FAB 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156858&s=630907&a=2446008&wa=243&ts=1639750798&wc=22918&crId=21ht9242&ucrid=12824810715055717997&impid=5254F485-7446-412D-A850-03FC30763827&advertiser_id=8730&ecpm=0.524032&er=982&pfi=1&ch=3&it=5&vadFmt=6&vapi=2&sURL=threatpost.com&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
content-length
0
content-type
text/html
/
insight.adsrvr.org/enduser/video/ Frame 5FAB 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=error&vec=900&ast=[ASSETURI]&imp=e49d9ef0-5bcd-4f71-bee1-5a31718663ac&ag=ne6xjxo&crid=21ht9242&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=jba&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=pubmatic&uhow=135&agsa=&wp=0.476778&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=156858&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=MidRoll&c=CgdHZXJtYW55GgAwAjgBSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&adpt=pubo&ipl=2446008&fpa=783&pcm=3&ict=Unknown&said=022E9DE9-3F80-4667-AC92-AFF730C87BE9&auct=1&grdc=CAE.&sfe=13f41c8e&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
dc_oe=ChMI5Zz73oPr9AIVt-ERCB0TYw3sEAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame 5FAB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Zz73oPr9AIVt-ERCB0TYw3sEAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
aktrack.pubmatic.com/ Frame EC90 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156858&s=630907&a=2446008&wa=243&ts=1639750798&wc=22918&crId=21ht9242&ucrid=12824810715055717997&impid=5254F485-7446-412D-A850-03FC30763827&advertiser_id=8730&ecpm=0.524032&e=96&ier=%5Berrorcode%5D&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
content-length
0
content-type
text/html
anwrapper-1.999.0.js
acdn.adnxs-simple.com/vx/static/w/ Frame BA39 		152 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
90fb7f486363baac11225c229b7c82176fc1cb6549cae16dcb3e6e41a29857de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 14:16:07 GMT
Server
nginx/1.13.10
ETag
W/"607d90a7-26103"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
43880
Expires
Sat, 17 Dec 2022 14:19:58 GMT
pack
rb.adnxs-simple.com/ Frame BA39 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.214 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
57.ratbait.prod.ams1.adnexus.net
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:58 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
/
insight.adsrvr.org/enduser/vast/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/enduser/vast/?iid=25a4bf38-e165-48df-824f-02929bf56344&crid=21ht9242&ttd_preview=0&wp=0.413452&t=1&aid=1712586001358700421&wpc=USD&sfe=13f41c8e&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=pj549kn&ag=ne6xjxo&adv=7kn31tr&sig=14xeBBlgFfbQPxGLAcYnzlyoKQ-uR8bavNfp28ZyOKEc.&bp=0.60891238328346863122&cf=2825436&fq=0&td_s=threatpost.com&rcats=mvk&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&uhow=135&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=de&mlang=&svpid=7143&did=&rcxt=Other&lat=0.000000&lon=0.000000&tmpc=&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome+-+Windows&vpb=MidRoll&dc=82&vcc=ELQBGLQBMgQIAggJOgQIAQgCQAFIAVACiAECoAGQA6gB4QHIAQHQAQPoAQOAAgOKAgwIAQgECAIIBQgDCAaaAgIIAqACAqgCAsACAg..&sv=appnexus&pidi=3121&advi=183204&cmpi=2037899&agi=10470660&cridi=21571258&svi=7&cmp=1wh9o3t&vrtd=14%2c15&rurl=https%3a%2f%2fthreatpost.com%2fconti-gang-ransomware-attack-mcmenamins%2f177119%2f&tsig=8Zx9qtktVJdPFFEm4saQSxY7IvbxxrkGcDN2dDAPJwg.&c=CgdHZXJtYW55GgAwAjgCSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&adpt=anor&ipl=17386659&fpa=679&pcm=3&grdc=CAE.&vc=3&said=647731727338049782&ict=Unknown&auct=1&im=1&mc=8fd1d245-c4a7-47ff-86ff-7b2d812a5662
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
8601f000d7818718e1f6b8d2c3adf777855ac2776688b841966fb3a3e079869c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4C9C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 18 Dec 2021 14:20:00 GMT
Date
Fri, 17 Dec 2021 14:19:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 4C9C 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:58 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7b0e06b3-65a0-4d97-b846-bbd2bc51383b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=911950;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891;sz=0x0;ord=911950;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
39ac3a5f5a6e85547dcb01d55809b6740c2daba01195a718000ec90001266ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1445
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
59213329
unified.adsafeprotected.com/v2/906389/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/906389/59213329?mon=59213341&omidPartner=%5BOMIDPARTNER%5D&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&vastVersion=2&mode=strict&ias_xappb=%%TTD_SITE%%&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss73U9qJ5qDWTOodcKwwIsNsDV5QBTnzamymYa9fBPyL49Kkn_Bs4mlbYE03espcNE_mHFDkuVKMRH9r07rORhkd2WnRN7IGSHnZQusorqzj6UZ5AU88teU1fHrMMmn-li00Qfcoqm6qr8xM1L9LFv-Vw%26sig%3DCg0ArKJSzIOfL7dOtY-dEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&originalVast=https://ad.doubleclick.net/ddm/pfadx/N195005.279382INVITEMEDIAINC.D39/B26982132.323069891%3Bsz%3D0x0%3Bord%3D911950%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdk_apis%3D%5BAPIFRAMEWORKS%5D%3Bdc_omid_p%3D%5BOMIDPARTNER%5D%3Bgdpr%3D%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_ves%3DdGltZXN0YW1wOiAxNjM5NzUwNzk4Nzg4Cg%3Bdc_cid%3D163131182%3Bdc_adid%3D515409227%3Bdc_vpaid%3D0%3B
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.31.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-31-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
088ed39e95425cbaff55ed401e370502dd3a53e41cb98e206c2e417c0b070f49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3699
vpaid.2021.12.06-18.16-53fa379.js
static.adsafeprotected.com/ias/v1/ Frame 7D7F 		176 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e312fe44084e2176996cce5ed30521f8406a8fd92f513aae8e519088f07f1e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
hyJglT2AMtiKneQgCKziicxwLGehBl.d
content-encoding
gzip
etag
W/"a646de29f94b35023f777c84e6559a47"
age
154572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 08 Dec 2021 16:04:48 GMT
server
AmazonS3
date
Wed, 15 Dec 2021 19:23:47 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
c9f-PDh4308--kgTFxk18797z683XNKea87_NeZ7fLdEZ1bbMT-Hgw==
pack
rb.adnxs-simple.com/ Frame BA39 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.214 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
57.ratbait.prod.ams1.adnexus.net
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:58 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
skeleton.js
pixel.adsafeprotected.com/db2/video/906389/59213329/ Frame BA39 		40 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/906389/59213329/skeleton.js?videoId=c0be374f0494dce9a1ff1967de537deb&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&adsafe_type=abdq&adsafe_jsinfo=br:c
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.242.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-242-238.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7154008f409ce895349d780096618cb2a454f04ff325461861f28f9431182df6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
content-encoding
gzip
x-server-name
app23.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
X-Server-Name
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
skeleton.js
pixel.adsafeprotected.com/fwjsvid/st/906389/59213329/ Frame BA39 		229 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/fwjsvid/st/906389/59213329/skeleton.js?videoId=c0be374f0494dce9a1ff1967de537deb&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss73U9qJ5qDWTOodcKwwIsNsDV5QBTnzamymYa9fBPyL49Kkn_Bs4mlbYE03espcNE_mHFDkuVKMRH9r07rORhkd2WnRN7IGSHnZQusorqzj6UZ5AU88teU1fHrMMmn-li00Qfcoqm6qr8xM1L9LFv-Vw&sig=Cg0ArKJSzIOfL7dOtY-dEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213341&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=68942c01-d8d9-4535-9279-b76aeaceaf36&adsafe_par=&logTestResults=false
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.12.06-18.16-53fa379.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.242.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-242-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1f9d39659e13ef6c39ab72080d15b2e58fbc62bf06bb6d2d9bb90ccd1f0f1246

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
file.mp4
r2---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r2---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/acao,ctier,expire,id,ip,ipbits,i...
64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/817A2BE16D80366AF019EDB64F7CE352A5A8F65C.817A515C9134B2BB1F54F8565B9F50BDDD96EFBE/key/cms1/cms_redirect/yes/mh/xK/mip/2a01:4f8:150:2008:35::1/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1639750357/mv/m/mvi/2/pl/49/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:3c::7 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 10 Dec 2021 14:42:37 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2230821/2230822
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2230822
Expires
Fri, 17 Dec 2021 14:19:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/817A2BE16D80366AF019EDB64F7CE352A5A8F65C.817A515C9134B2BB1F54F8565B9F50BDDD96EFBE/key/cms1/cms_redirect/yes/mh/xK/mip/2a01:4f8:150:2008:35::1/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1639750357/mv/m/mvi/2/pl/49/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
655
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame BA39 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=mute&imp=25a4bf38-e165-48df-824f-02929bf56344&ag=ne6xjxo&crid=21ht9242&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=mvk&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=appnexus&uhow=135&agsa=&wp=0.413452&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=7143&rlangs=de&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=MidRoll&c=CgdHZXJtYW55GgAwAjgCSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&adpt=anor&ipl=17386659&fpa=679&pcm=3&ict=Unknown&said=647731727338049782&auct=1&grdc=CAE.&sfe=13f41c8e&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:58 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
dc_oe=ChMI27uG34Pr9AIVq9gRCB273gr6EAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame BA39 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI27uG34Pr9AIVq9gRCB273gr6EAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=16;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7D7F 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss73U9qJ5qDWTOodcKwwIsNsDV5QBTnzamymYa9fBPyL49Kkn_Bs4mlbYE03espcNE_mHFDkuVKMRH9r07rORhkd2WnRN7IGSHnZQusorqzj6UZ5AU88teU1fHrMMmn-li00Qfcoqm6qr8xM1L9LFv-Vw&sig=Cg0ArKJSzIOfL7dOtY-dEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.png
unified.adsafeprotected.com/ Frame 7D7F 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vdGhyZWF0cG9zdC5jb20vY29udGktZ2FuZy1yYW5zb213YXJlLWF0dGFjay1tY21lbmFtaW5zLzE3NzExOS8ifX0sImNiIjoxNjM5NzUwNzk4MzM2LCJpYXNfc2luZ2xldGFnIjp0cnVlLCJpYXNfc2luZ2xldGFnX291dGNvbWUiOjEsImhlYWRlcnMiOnsiaGVhZGVyOCI6Imlhc28ifSwiY3VzdG9tIjp7ImN1c3RvbTciOiI5MDYzODkiLCJjdXN0b204IjoiNTkyMTMzMjkiLCJjdXN0b20xMSI6IjIwMjEuMTIuMDYtMTguMTYtNTNmYTM3OSIsInhzaWQiOiI2ODk0MmMwMS1kOGQ5LTQ1MzUtOTI3OS1iNzZhZWFjZWFmMzYiLCJjdXN0b20xOSI6ImJsb2NrZWQifX0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.31.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-31-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 14:19:58 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.js
pixel.adsafeprotected.com/db2/video/906389/59213329/ Frame BA39 		92 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/db2/video/906389/59213329/skeleton.js?ias_callback=__IntegralAS_9f496b6d3c2a6acb9e720cb6669cf1cd_1307&videoId=c0be374f0494dce9a1ff1967de537deb&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss73U9qJ5qDWTOodcKwwIsNsDV5QBTnzamymYa9fBPyL49Kkn_Bs4mlbYE03espcNE_mHFDkuVKMRH9r07rORhkd2WnRN7IGSHnZQusorqzj6UZ5AU88teU1fHrMMmn-li00Qfcoqm6qr8xM1L9LFv-Vw&sig=Cg0ArKJSzIOfL7dOtY-dEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213341&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=68942c01-d8d9-4535-9279-b76aeaceaf36&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fthreatpost.com%2F&adsafe_type=f&adsafe_jsinfo=,id:9f496b6d-3c2a-6acb-9e72-0cb6669cf1cd,c:x40svq,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-6d588df4d9-qnc7m,rg:ie,pt:2-5-15,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,vc:jv3,nbld:0,mtim:3,fm:sRRpf3L+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m11%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m2%7C1m3%7C1m4%7C1m5%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o%7C1p%7C1q11%7C1r*.906389-59213329%7C1r1%7C1r2,idMap:1r*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:env,smm:ibgm,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:fwjsvid,et:32,oid:6a65e426-5f44-11ec-8be4-a686adad75fb,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/906389/59213329/skeleton.js?videoId=c0be374f0494dce9a1ff1967de537deb&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss73U9qJ5qDWTOodcKwwIsNsDV5QBTnzamymYa9fBPyL49Kkn_Bs4mlbYE03espcNE_mHFDkuVKMRH9r07rORhkd2WnRN7IGSHnZQusorqzj6UZ5AU88teU1fHrMMmn-li00Qfcoqm6qr8xM1L9LFv-Vw&sig=Cg0ArKJSzIOfL7dOtY-dEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&bundleId=[BUNDLEID]&ias_xappb=%%TTD_SITE%%&mode=strict&mon=59213341&redirectedRetries=0&vastVersion=2&xmapp=0&xmtp=v&xsId=68942c01-d8d9-4535-9279-b76aeaceaf36&adsafe_par=&logTestResults=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.242.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-242-238.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
925e1a0ef57e451e202a9eda282c303a97404b34d4d9a991872949cfb68fd1a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:59 GMT
content-encoding
gzip
x-server-name
app24.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
application/javascript;charset=utf-8
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 40D5 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
6675089
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
zWdFacueFwPy0i4WbFGcr36pKCylR5DmqIiNb73Lv1ABEf-hlzFQJQ==
skeleton.js
static.adsafeprotected.com/
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/906389/59213329/skeleton.js?videoId=c0be374f0494dce9a1ff1967de537deb&apiframeworks=[APIFRAMEWORKS]&blockedAdTracking=https://googleads4.g.doubleclick.net/pc...
  • https://static.adsafeprotected.com/skeleton.js
17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.js
Protocol
H2
Server
2600:9000:223f:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
age
14103843
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ZjnV5ySUFg6YgfAOedSwAY1me5b37NWygxpndROuhIlajOz4zg-Hdw==

Redirect headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:59 GMT
x-server-name
app25.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=9f496b6d-3c2a-6acb-9e72-0cb6669cf1cd&tv=%7Bc:x40svQ,pingTime:-4,time:57,type:m,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:31%7D%5D,ve:%7BvEventCount:2,vEvents:%5B%7Bt:-13,tp:adImpression,sl:undefined,ad_duration:30,width:400,height:225,volume:0,integral_timeToDecision:42,integral_didBlock:true,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:-13,tp:adError,sl:i,ad_duration:30,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:57,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:31,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~100%5D,as:%5B50~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRRpf3L+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m11%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m2%7C1m3%7C1m4%7C1m5%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o%7C1p%7C1q11%7C1r*.906389-59213329%7C1r1%7C1r2,idMap:1r*,rmeas:1,rend:1,renddet:env%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-205-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:59 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=9f496b6d-3c2a-6acb-9e72-0cb6669cf1cd&tv=%7Bc:x40svR,pingTime:-1,time:58,type:u,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:31%7D%5D,ve:%7BvEventCount:2,vEvents:%5B%7Bt:-13,tp:adImpression,sl:undefined,ad_duration:30,width:400,height:225,volume:0,integral_timeToDecision:42,integral_didBlock:true,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:-13,tp:adError,sl:i,ad_duration:30,width:400,height:225,volume:0%7D%5D%7D,ndt:0,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:58,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:31,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~100%5D,as:%5B51~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRRpf3L+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m11%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m2%7C1m3%7C1m4%7C1m5%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o%7C1p%7C1q11%7C1r*.906389-59213329%7C1r1%7C1r2,idMap:1r*,rmeas:1,rend:1,renddet:env,lt:4%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-205-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:59 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=9f496b6d-3c2a-6acb-9e72-0cb6669cf1cd&tv=%7Bc:x40sw1,pingTime:-2,time:68,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:266,beZ:267,mfA:268,cmA:270,inA:270,inZ:275,prA:275,prZ:293,si:298,poA:300,poZ:321,cmZ:321,mfZ:321,loA:329,loZ:332,ltA:333,ltZ:333%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:400.225,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:31%7D%5D,ve:%7BvEventCount:2,vEvents:%5B%7Bt:-13,tp:adImpression,sl:undefined,ad_duration:30,width:400,height:225,volume:0,integral_timeToDecision:42,integral_didBlock:true,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:-13,tp:adError,sl:i,ad_duration:30,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:68,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:31,wc:0.0.1600.1200,ac:1199.974.400.225,am:v,cc:1199.974.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B61~100%5D,as:%5B61~400.225%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:sRRpf3L+11%7C12%7C13%7C1411%7C1421%7C143%7C144%7C145%7C1461%7C147%7C148%7C15%7C161%7C17%7C181%7C19%7C1a1%7C1b%7C1c%7C1d11%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m11%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m2%7C1m3%7C1m4%7C1m5%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o%7C1p%7C1q11%7C1r*.906389-59213329%7C1r1%7C1r2,idMap:1r*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:env,slid:%5Bcnx-ad-slot-58f7b962-6ba7-44e6-af68-3abb1daf5c8a,cnx_bid_slot_1c6066c0-108d-42cb-80fa-d05e0eab0d55%5D,sinceFw:34,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-205-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:59 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
file.mp4
r2---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... 		225 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/06a777dbebe3c9d3/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3783595358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/817A2BE16D80366AF019EDB64F7CE352A5A8F65C.817A515C9134B2BB1F54F8565B9F50BDDD96EFBE/key/cms1/cms_redirect/yes/mh/xK/mip/2a01:4f8:150:2008:35::1/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1639750357/mv/m/mvi/2/pl/49/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::7 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=65536-

Response headers

date
Fri, 17 Dec 2021 14:19:59 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Dec 2021 14:42:37 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 65536-2230821/2230822
client-protocol
quic
cache-control
private, max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2165286
expires
Fri, 17 Dec 2021 14:19:59 GMT
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pack
rb.adnxs-simple.com/ Frame BA39 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.214 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
57.ratbait.prod.ams1.adnexus.net
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://threatpost.com
date
Fri, 17 Dec 2021 14:19:59 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
/
insight.adsrvr.org/enduser/video/ Frame BA39 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=error&vec=901&ast=[ASSETURI]&imp=25a4bf38-e165-48df-824f-02929bf56344&ag=ne6xjxo&crid=21ht9242&cf=2825436&fq=0&t=1&td_s=threatpost.com&rcats=mvk&mcat=&mste=threatpost.com&mfld=4&mssi=&mfsi=&sv=appnexus&uhow=135&agsa=&wp=0.413452&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=7143&rlangs=de&mlang=&did=&rcxt=Other&tmpc=&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=MidRoll&c=CgdHZXJtYW55GgAwAjgCSABQAYABAIgBApABAA..&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnM.&durs=UvAXvs&crrelr=&npt=&mk=Google&mdl=Chrome%20-%20Windows&adpt=anor&ipl=17386659&fpa=679&pcm=3&ict=Unknown&said=647731727338049782&auct=1&grdc=CAE.&sfe=13f41c8e&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:59 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
dc_oe=ChMI27uG34Pr9AIVq9gRCB273gr6EAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;
ade.googlesyndication.com/ddm/activity/ Frame BA39 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI27uG34Pr9AIVq9gRCB273gr6EAAYACCu3uRN;met=1;ecn1=1;etm1=0;eid1=200015;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 71BC 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1554385114717308&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3321539204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=35DDE651-08BF-4072-B0FD-946BEC124B2D&nel=1&eid=44750604&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2834&dt=1639750798541&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&scor=2601754437491060&ged=ve4_td15_tt12_pd15_la15000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:19:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
fra1-ib.adnxs.com/vast_track/ Frame EC90 		0
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/vast_track/v2?info=agAAAAMArgAFAQmOnLxhAAAAABGFv0oC5VPEFxmNnLxhAAAAACCa5I6dASgAMMAIOOc3QMyyYUjD6pcCUKOZpQhY4dYBYgJERWgBcAF4AIABAogBApABkAOYAeEBoAEAqAGa5I6dAbABAQ..&s=1cebb3c289418d27a8d2386af42af25a882c67f1&event_type=4&error_code=%5Berrorcode%5D&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Dec 2021 14:19:59 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
76e0ee68-b9ca-4416-8067-02f0de296aba
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=906389&asId=9f496b6d-3c2a-6acb-9e72-0cb6669cf1cd&tv=%7Bc:x40sAy,pingTime:-10,time:349,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639750798698%7C%7Cfdf561c19c8669ba5a2968677d9e84d7%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C5300e053824f6807f868e2c98f272c77%7C%7Ca3431e722250d74222057e4138ccab74%7C%7C27788bb2ad1c7c35576cff1ff50da28c%7C%7Cd5977f5ffe99c9ed68e3192585ce5967%7C%7C0c14cec0d848c1feb4a7dc00151ca759%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.205.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-205-140.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Dec 2021 14:19:59 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame E2AE 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1201813464231484&cust_params=domains%3Dthreatpost.com&ad_type=video&us_privacy=1---&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1232260695&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=FAFFA137-B862-4484-A84B-8F5B8DFAB65E&nel=1&eid=44736293%2C44737473%2C44750604&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2919&dt=1639750800043&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&scor=2135894085101783&ged=ve4_td16_tt13_pd16_la16000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:20:00 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
abt
capi.connatix.com/tr/ Frame EC90 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=143023
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.25.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-25-210.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 17 Dec 2021 14:20:00 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 50C1 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=366237373127444&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=4002501869&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=63B520F1-FC02-4BE9-93FA-A9ABBDA09ECB&nel=1&eid=44750604%2C44752052&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2876&dt=1639750802039&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&scor=3592829504474654&ged=ve4_td18_tt15_pd18_la18000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame EC90 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Dec 2021 14:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 71BC 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1269713278119516&cust_params=domains%3Dthreatpost.com&ad_type=video&sdkv=h.3.493.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=3321539204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=35DDE651-08BF-4072-B0FD-946BEC124B2D&nel=1&eid=44750604&top=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&url=https%3A%2F%2Fthreatpost.com%2Fconti-gang-ransomware-attack-mcmenamins%2F177119%2F&loc=about%3Ablank&dlt=1639750784359&idt=2834&dt=1639750804544&cookie=ID%3Df2747d253dc8710f%3AT%3D1639750787%3AS%3DALNI_MbPid7txzloUulYlM5w6RlCUB-2zw&scor=607195964814192&ged=ve4_td21_tt18_pd21_la21000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 14:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3c2b72cea1002c5a3ed02c88b1730d7b
Domain
g.algbid.app
URL
https://g.algbid.app/rtimp?sid=63c14900-5f44-11ec-a37b-f6d32e0ba794&d=threatpost.com&cr=grd_gen11_2&gid=&a=imload&p=YbycgwAJNBkKd_XIAAB-tYOPKNEOwgaQY5r7nQ&r=672707842&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2ylFPlVt5XkhIoO7-D8-n6zfdFG9gAYoan6b7wDUS4kjgx2OhCNAOFT0TdUsQ8fvRi6wyrGk3Hp3Rm9sTmoqEqA&sig=Cg0ArKJSzJSEJQWzGLW5EAE&id=lidartos&mcvt=157&p=0,0,250,970&mtos=157,157,157,157,157&tos=157,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4166723991&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1639750787737&rpt=1925&ec=0&met=mue&wmsd=0

Verdicts & Comments Add Verdict or Comment

296 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 string| gAMP_urlhost string| gAMP_urlpath string| gAMP_urlquery string| gAMP_contentid string| gAMP_category string| gAMP_contenttags number| kPrebidTimeout number| kRefreshPollTime number| gRefreshCount number| gOXRefreshCount boolean| gRefreshDebug boolean| gPrebidDebug boolean| gTrackVisibility boolean| gLazyLoad boolean| gTrackPageVisibility number| k30SecondRefreshInterval number| k60SecondRefreshInterval number| k90SecondRefreshInterval number| k120SecondRefreshInterval number| k180SecondRefreshInterval number| k999SecondRefreshInterval number| kDoNotRefresh number| kDefaultRefreshInterval object| gSChainNodes undefined| gGDPR_forceLocale boolean| gGDPR_silentNoConsent boolean| gGDPR_forceNoConsent object| gGDPR_NonTCFVendors string| gGDPR_publisherCountryCode string| gGDPR_logoURL string| gGDPR_privacyPolicyURL string| kAmazonPublisherID object| ad728x90ATF object| ad300x250ATF object| ad300x250ATF2 object| ad728x90ATFTAB object| ad728x90STICKY object| ad300x250ATFTAB object| ad300x250ATF2TAB object| ad320x50ATF object| ad300x250ATFM object| ad300x250ATF2M object| ad2x2skin object| adGoogleAdXInterstitial number| gBrowserWidth object| desktopAdUnits object| tabletAdUnits object| mobileAdUnits object| gAllSlotData number| gAllSlotCount function| _0x10e398 object| gRefreshSlots object| gRefreshIDs object| gRefreshTimes object| gRefreshIntervals object| gThisRefreshIDs object| gThisRefreshSlots boolean| gInitialLoad object| gIntersectionObserver object| gPBJSTimeoutTimer object| gAmazonSlots object| gAmazonBids boolean| gAmazonBidsBack boolean| gPrebidBidsBack object| googletag function| _0x306c object| pbjs function| _0x5af4 boolean| gHasGDPRCMP object| gGDPRTCData function| amp_getBidsForAllChannels function| amp_dumpBids function| amp_dumpWins function| amp_dumpTable function| amp_getBestBids function| sendAdserverRequest function| checkIfAllBidsBack function| amazonBidsBack function| pbjsBidsBack function| bidsTimeout function| scheduleConsentUpdates function| sendBidRequests function| doSendBidRequests function| amp_refreshAllSlots function| amp_refreshSlots function| refreshAdSlots function| attachCloseBoxSVG function| configureAdSlot function| getCookie object| apstag function| cnx function| $ function| jQuery object| gdprDynamicStrings object| kss object| gdprStrings object| sNew object| s0 object| dataLayer boolean| jQueryMigrateHelperHasSentDowngrade object| cnx_usr_storage object| ggeac object| google_js_reporting_queue object| PYB1Fw2 function| PYB1Fw3 object| xop object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| apstagLOADED function| __uspapi function| __uspOpenUI function| pbjsChunk object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| FontAwesomeConfig object| ___FONT_AWESOME___ function| __tcfapi object| __cmpAPI object| __GVL object| __cmpTCModel function| __cmpOpenUI object| google_tag_manager object| gf_global function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format object| gform undefined| __gf_keyup_timeout function| renderRecaptcha function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar object| gfMultiFileUploader undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input object| Placeholders object| kasperskyDynamicaReCaptchaData object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| jQuery11240745169102682397 object| wp object| gf_form_conditional_logic string| gf_number_format function| do_callback object| player_instance_aa88b42860484feda08ac5cfbd4f3c2f object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins boolean| creativeVendorLibraryLoaded object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents function| twq undefined| google_measure_js_timing object| google_reactive_ads_global_state object| C1r80r function| C1r80b function| xblacklist object| MZ1D6o2 function| MZ1D6o3 function| xblocker object| recaptcha function| cnxProxyTask object| twttr object| ID5 function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| PublisherCommonId object| gaplugins object| gaGlobal object| gaData number| google_global_correlator object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| closure_lm_300676 object| sas object| apntag object| _ADAGIO object| GoogleGcLKhOms boolean| DFPSFMessageEnabled object| ampInaboxIframes object| ampInaboxPendingMessages object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests function| cnxAddEventListener

126 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQ8OqNxtwvCgoI4gEQ8OqNxtwvCgoI5gEQ8OqNxtwvCgoIhwIQ8OqNxtwvCgkICRDw6o3G3C8KCQg6EPDqjcbcLwoJCAsQ8OqNxtwvCgoIjAIQ8OqNxtwvCgoIngIQ8OqNxtwvCgkIXxDw6o3G3C8=
.mrtnsvr.com/sync Name: userId
Value: nOthDzhfp
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQkBE
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.threatpost.com/ Name: _ga
Value: GA1.2.75327613.1639750787
.threatpost.com/ Name: _gid
Value: GA1.2.1012592165.1639750787
.threatpost.com/ Name: _gat_UA-35676203-21
Value: 1
.rubiconproject.com/ Name: khaos
Value: KXAHA4UX-1-F2D6
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1f5Kyn/EO/HCYsttz9VT367yYnFuSDAiNyH6GfBxt1tqoBFgZGyfQYazGDAnZkjgciW6Q58jarRAvAG15loFpV9ffqWu8FjBY=
e.serverbid.com/ Name: azk
Value: ue1-sb1-7c450b50-2882-4810-9d66-f762e093d242
.adnxs.com/ Name: uuid2
Value: 9214095078257359212
threatpost.com/ Name: usprivacy
Value: 1---
threatpost.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.threatpost.com/ Name: _pubcid
Value: a14d33b7-9d62-402b-9fc8-d4485caa830c
.twitter.com/ Name: personalization_id
Value: "v1_NUt9/yAUbOr4ZLxeHCydQg=="
.openx.net/ Name: i
Value: a14d33b7-9d62-402b-9fc8-d4485caa830c|1639750787
.adnxs.com/ Name: icu
Value: ChgIzLJhEAoYASABKAEwg7nyjQY4AUABSAEKGAi-rHUQChgBIAEoATCDufKNBjgBQAFIARCDufKNBhgB
.quantserve.com/ Name: mc
Value: 61bc9c83-9b431-88f5b-3a23a
.threatpost.com/ Name: __qca
Value: P0-1237006202-1639750787021
threatpost.com/ Name: cto_bidid
Value: y6Vq5l8lMkJwWExyb0xDN1NxMkQyVVBNaUI3TFdiVldZS0owOWRlRExISlp2eXhSQnp0MXdENGN0V0RZSCUyRkRmVUJ3SGElMkZSSkJCbU5YYnZEQTRvVnFPR3R2YlpZZyUzRCUzRA
threatpost.com/ Name: cto_bundle
Value: mSJsCF95cGUwOEo5WEluOTglMkJjR2JUNmNtVEpIeER6Ymowa0FPQU1aRjBRRm9jcTc0TmIzR2J1WFFSVjN4TUQ4VHpDeUZCaGNMbDhRYVAlMkJyVnluRiUyQlo1dGQ0USUyQndQWFRERUIwZSUyRm0lMkZMdGtiNVE2NWgxTHR5QyUyQiUyRkxPYm5HaVhOJTJCWWZBaQ
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Hbyq/ied!@wnf-Te9(>wL5L!!'ST$jG!=
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F7F2FA0F-BCDE-42E2-84FF-7737E2162664
.doubleclick.net/ Name: IDE
Value: AHWqTUnaj6wC7_oh-gp_0a5gJPMHY9DigIJg6F4xBvTIWYz8UFgspuR5oYV_AY44M98
.simpli.fi/ Name: suid
Value: 26CB1C7C2FC7489C9A8BF8D3644C6A1D
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
.adform.net/ Name: uid
Value: 6173820910399809685
.de17a.com/ Name: guid2
Value: 1.8335500312919157432
.algbid.app/ Name: uid_cross
Value: 649c5aea-5f44-11ec-b09e-268d2386a570
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8335500312919157432
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIHU1Cziwz_2coHAcaO-BZ8&KRTB&16514-CAESEIHU1Cziwz_2coHAcaO-BZ8&KRTB&23025-CAESEIHU1Cziwz_2coHAcaO-BZ8
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&KRTB&16736-uid:6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&KRTB&23019-uid:6c8e61bc-9c84-4000-8dc8-469a94e4d5ce&KRTB&23114-uid:6c8e61bc-9c84-4000-8dc8-469a94e4d5ce
.onaudience.com/ Name: cookie
Value: af62533c93b1c3b2
.onaudience.com/ Name: done_redirects104
Value: 1
.threatpost.com/ Name: __gads
Value: ID=f2747d253dc8710f:T=1639750787:S=ALNI_MbPid7txzloUulYlM5w6RlCUB-2zw
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 3c2b72cea1002c5a3ed02c88b1730d7b
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME42SjI3Sk5NNDQwMEo2TTROTQHSFhZJhubGBinmSQxAkLhnTiuIhgIAXz8LMg%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI3DOnFUhBAQAb8wI%2F"
.algbid.app/ Name: sid_cross
Value: 63c14900-5f44-11ec-a37b-f6d32e0ba794
.openx.net/ Name: pd
Value: v2|1639750790|gekin0vNiygu
.advertising.com/ Name: APID
Value: UP659dd57d-5f44-11ec-99e4-0279b964837c
.adsrvr.org/ Name: TDID
Value: 962356cb-c8b9-4f32-b6ee-f3ace453922c
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YbychwAMpscx0wBR
.yahoo.com/ Name: A3
Value: d=AQABBIecvGECECy-S_zFPvUzBzCwPVbz7WEFEgEBAQHuvWHGYQAAAAAA_eMAAA&S=AQAAAn8rFdMbAlZo-3m88bfx7WQ
.yahoo.com/ Name: APID
Value: UP659dd57d-5f44-11ec-99e4-0279b964837c
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156858:3
.pubmatic.com/ Name: DPSync3
Value: 1640908800%3A197_219_221_226_227_235_201%7C1639785600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1640304000%3A223%7C1640908800%3A54_56_8_21_13_7_161_220_3%7C1642291200%3A203%7C1640995200%3A35
.casalemedia.com/ Name: CMPS
Value: 3175
.casalemedia.com/ Name: CMID
Value: Ybych0bBg2VgARZg0q0o9AAA
.casalemedia.com/ Name: CMPRO
Value: 1111
.fiftyt.com/ Name: fifid
Value: 1e78a885-f0c7-4300-5bcc-1287eac89ae1
.fiftyt.com/ Name: cs
Value: MTYzOTc1MDc5MXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fPSOFL2XJ5TCJZpuZVXq9XfEPtgGGif6y73VK2NM2c1k
.adfarm1.adition.com/ Name: UserID1
Value: 7042676020962916494
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-CHMdiwchR9sTex3cDXNS0AYkSooTcR7aDSMDlQAV&KRTB&19420-CHMdiwchR9sTex3cDXNS0AYkSooTcR7aDSMDlQAV&KRTB&22979-CHMdiwchR9sTex3cDXNS0AYkSooTcR7aDSMDlQAV
.pubmatic.com/ Name: PugT
Value: 1639750791
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-9214095078257359212
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7042676020962916494
.semasio.net/ Name: SEUNCY
Value: 6E3ED97CC0A958BF
.fiftyt.com/ Name: fppm
Value: 20211217141951
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6173820910399809685&KRTB&23263-6173820910399809685
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-962356cb-c8b9-4f32-b6ee-f3ace453922c&KRTB&22918-962356cb-c8b9-4f32-b6ee-f3ace453922c&KRTB&23031-962356cb-c8b9-4f32-b6ee-f3ace453922c
.casalemedia.com/ Name: CMST
Value: Ybych2G8nIgA
.zeotap.com/ Name: zc
Value: 863562e1-1d0c-462d-63f8-15df34d48ef6
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjS3MDe1AGFzY3NTc2MLEyE-Q13dqnDPYm_vqAiT0goAwcSnIyQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjS3MDe1AGFzY3NTc2MLEyE-Q13dqnDPYm_vqAiT0gopXkMzY0tzUwNzSyNjAxMAxwVVuDMAAAA
.audrte.com/ Name: arcki2
Value: beed9fG4BHlQ5SFvXFTjhl2AQ!20210804!1639750792380
.3lift.com/ Name: tluid
Value: 9253254279688304017
.bing.com/ Name: MUID
Value: 3476680B3CC66EA02BA5791B3D146FB4
.servenobid.com/ Name: pid_312
Value: 9214095078257359212
.servenobid.com/ Name: pid_337
Value: y-zGYGNCBE2uGJAG7cA47C5oZX0h0hY8wzYlcHxJc-~A
.quantserve.com/ Name: d
Value: EMABGAH9JPijCJiTCuu4EA
.servenobid.com/ Name: pid_333
Value: Ybych0bBg2VgARZg0q0o9AAABFcAAAAB
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9ce31a8f-4108-4913-8fa7-1d3c19e9665b"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Mzk3NTA3OTI7MjswMjErC2vEyGPuckrSTi06H1OWHYPhgeJBGnShyrA689Agvw==
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2198:u=1:x=1:i=1639750792:t=1639837192:v=2:sig=AQFKjVtGhaWEC3MwynRZszTc8ClBhkhs"
.smartadserver.com/ Name: pid
Value: 532837942268189448
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmxpbmpgbmlkbGByShyJb25oAQD_uL5IIAAAAA
.owneriq.net/ Name: si
Value: Q6930371921316669386
.owneriq.net/ Name: p2
Value: cc
.a-mo.net/ Name: amuid2
Value: e2c25946-2f80-4e76-ba6f-09d9472a68df
.bidswitch.net/ Name: tuuid
Value: fa39ba2a-54f1-4f5d-b922-494164a3cb9c
.bidswitch.net/ Name: c
Value: 1639750792
.bidswitch.net/ Name: tuuid_lu
Value: 1639750792
.turn.com/ Name: uid
Value: 9192358177570622074
.lijit.com/ Name: ljt_reader
Value: c76cb7cbd35baf8ec242c663
.criteo.com/ Name: uid
Value: c555caa7-1b45-4bfa-8863-b1ef49638d91
.casalemedia.com/ Name: CMRUM3
Value: 8261bc9c88a8c0&5161bc9c8827601edwR9q1KhfO73AQ0Oc_HNuwJ0bO5XMW0Lc7NCa1&1f61bc9c8805a00&5861bc9c8805a0&4161bc9c8805a0&0461bc9c8827609192358177570622074&0361bc9c8827606c8e61bc-9c84-4000-8dc8-469a94e4d5ce&2761bc9c880b40&0561bc9c8805a0&f161bc9c8705a0&4061bc9c882760no-consent&be61bc9c8805a0&3961bc9c882760978758875873757384&2e61bc9c8805a0&2d61bc9c882760CAESEP9foEBGpwmWO7wLrKMO0v4&bc61bc9c8705a00&6f61bc9c8705a0&2961bc9c8705a0&4961bc9c8805a0&c461bc9c8805a0&ce61bc9c8805a0&e661bc9c882760
.servenobid.com/ Name: pid_324
Value: 978758875873757384
.servenobid.com/ Name: pid_317
Value: 532837942268189448
.servenobid.com/ Name: pid_327
Value: e2c25946-2f80-4e76-ba6f-09d9472a68df
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003%22%7D
.smartadserver.com/ Name: csync
Value: 79:c555caa7-1b45-4bfa-8863-b1ef49638d91
.servenobid.com/ Name: pid_321
Value: RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003
.analytics.yahoo.com/ Name: IDSYNC
Value: "187s~2252:1776~2252:18z8~2252:196n~2252:17ot~2252"
.yahoo.com/ Name: APIDTS
Value: 1639750792
.go.sonobi.com/ Name: HAPLB5G
Value: s57128|Ybyci
.postrelease.com/ Name: opt_out
Value: 1
.volvelle.tech/ Name: ouuid
Value: 25005a97-90f0-4722-b7ee-6b0addc30661
.volvelle.tech/ Name: c
Value: 1639750793
.volvelle.tech/ Name: ouuid_lu
Value: 1639750793
.liadm.com/ Name: lidid
Value: 9bf7274d-a6d0-4a66-aa02-062de05daa36
.gumgum.com/ Name: vst
Value: e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9
.servenobid.com/ Name: pid_309
Value: e_7d7d8b30-2879-4116-8ca5-3e0171cae1a9
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiuga2rytygOhAFGAEgASgCMgsIpvHA6-DcoDoQBTgBWgZndW1ndW1gAg..
.creativecdn.com/ Name: u
Value: jzFFrtrdmFldaoJODWpV
.creativecdn.com/ Name: ts
Value: 1639750793
.admixer.net/ Name: am-uid
Value: 5289f59392dd464e90469e0cf2586c85
.pubmatic.com/ Name: SPugT
Value: 1639750793
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fb3eb052-2f1b-4b21-9fd3-e147683b8fc1-003%22%2C%22nxtrdr%22%3Afalse%7D
.360yield.com/ Name: tuuid
Value: 6b215664-179e-45f1-ae3b-d977f397aa33
.360yield.com/ Name: tuuid_lu
Value: 1639750793
.zemanta.com/ Name: zuid
Value: 9kbxoNjiKYGQhNZUWLQ7
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ae519440598d0ca8
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.outbrain.com/ Name: obuid
Value: f92ece04-f2fa-486f-b4c9-d17a8bdcbf52
.ipredictive.com/ Name: cu
Value: 679c15a4-5f44-11ec-a568-0feef643c50a|1639750794234
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-82c63a78-c667-48b1-56d3-da8abee694be.Uk1o96pWyYHtyD1GdPkSrOEnzzepQ%2BffwTcYKmcpr0Q
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-82c63a78-c667-48b1-56d3-da8abee694be%24ip%2478.47.208.26.m%2FX%2FpAh8ywIk%2FrNKKY1uSowdyrSbKeT%2Bdil3HEqoBNM
.outbrain.com/ Name: criteo
Value: c555caa7-1b45-4bfa-8863-b1ef49638d91

29 Console Messages

Source Level URL
Text
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/conti-gang-ransomware-attack-mcmenamins/177119/
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=nOthDzhfp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://rtb.gumgum.com/usersync?b=sus&i=YbycisCo5sEAAKhqR4QAAAAA
Message:
Failed to load resource: the server responded with a status of 502 ()
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.volvelle.tech
acdn.adnxs-simple.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
analytics.twitter.com
ap.lijit.com
assets.threatpost.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
bidswitch-eu.splicky.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
ca14391a824e464380f01ab4b6c02d72.safeframe.googlesyndication.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.rtbrain.app
cds.connatix.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cookie-matching.mediarithmics.com
cr.frontend.weborama.fr
creativecdn.com
cs.emxdgt.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
g.algbid.app
g2.gumgum.com
gcdn.2mdn.net
geo.ipify.org
gift-connect-d.openx.net
go.sonobi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
insight.adsrvr.org
inv-nets.admixer.net
jadserve.postrelease.com
js-sec.indexww.com
kasperskycontenthub.com
lit.connatix.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
math-aids-threatpost-tagan.adlightning.com
media.threatpost.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.adnxs.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
qd.admetricspro.com
r2---sn-4g5e6nzl.c.2mdn.net
r2---sn-4g5ednds.c.2mdn.net
rb.adnxs-simple.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.co
tag.1rx.io
tagan.adlightning.com
teachingaids-d.openx.net
tg.socdm.com
threatpost.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
unified.adsafeprotected.com
ups.analytics.yahoo.com
us-u.openx.net
vid.connatix.com
visitor.fiftyt.com
vpaid.pubmatic.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
g.algbid.app
pagead2.googlesyndication.com
pixel.onaudience.com
104.111.215.191
104.111.219.144
104.111.242.53
104.244.42.195
104.244.42.69
134.209.131.220
142.250.185.198
142.250.186.130
146.0.227.110
147.75.61.140
15.197.193.217
151.101.2.137
151.101.2.49
151.101.66.137
159.122.14.34
169.197.150.8
172.217.16.130
172.217.18.98
178.162.133.148
178.162.133.149
178.250.0.163
178.250.2.146
18.156.195.47
18.185.142.87
18.195.155.181
18.220.25.210
18.66.109.174
18.66.112.80
18.66.139.110
185.184.8.65
185.29.132.245
185.64.189.112
185.64.189.229
185.64.190.80
185.64.190.81
185.86.137.107
185.86.138.114
188.34.190.35
192.132.33.46
193.122.174.27
198.148.27.139
198.47.127.19
199.232.136.157
199.38.167.129
2.18.232.130
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
202.241.208.53
205.185.216.42
209.54.177.54
213.155.156.168
213.19.147.42
213.19.147.45
213.32.46.11
216.52.2.19
216.52.2.39
23.37.38.181
23.37.42.132
2600:1f18:444a:4602:2c20:3113:5c28:1366
2600:9000:223c:e600:6:44e3:f8c0:93a1
2600:9000:223f:7200:8:48e:53c0:93a1
2600:9000:2250:200:2:9275:3d40:93a1
2600:9000:236e:8200:0:5c46:4f40:93a1
2602:803:c004:200::140
2606:4700:10::6816:1857
2606:4700:20::ac43:4abf
2606:4700:3039::6815:c084
2606:4700:3039::6815:c096
2606:4700:7::a29f:8a55
2606:4700::6812:272
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:21::14
2620:1ec:bdf::60
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:19::7
2a00:1450:4001:3c::7
2a00:1450:4001:802::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c09::9c
2a02:2638::1c
2a02:fa8:8806:16::1400
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6
3.126.56.137
3.230.205.140
3.69.225.48
34.102.128.115
34.102.163.6
34.194.166.233
34.248.11.216
34.254.31.103
34.98.64.218
35.173.160.135
35.201.81.244
35.201.96.126
35.210.178.101
35.227.208.19
35.244.174.68
37.157.6.253
37.252.161.190
37.252.167.214
37.252.172.38
37.252.172.45
37.252.173.27
46.105.202.126
51.178.20.140
51.89.20.86
51.89.9.253
52.211.199.54
52.29.20.215
52.42.52.156
52.57.134.242
52.59.53.221
52.59.85.35
54.146.124.230
54.194.104.251
54.210.154.62
54.236.81.149
54.246.208.198
54.81.254.118
54.87.192.123
64.140.160.2
64.74.236.159
66.155.71.149
67.202.105.22
69.173.144.138
69.173.144.165
70.42.32.63
72.251.241.196
76.223.111.18
77.243.60.138
8.43.72.98
85.114.159.118
99.80.242.238
00257bd7cbfbff3eff8c30a842676396dda0a4c09f91c039492695f19aedc40f
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77
0515037bb5692767b48eb69679c5b688514b09c0db1ad1ce835a09032059ad97
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
077cc1e9ac63192f6ceca7f099d9aea34350d81380016c49e58cefed348e3a07
088ed39e95425cbaff55ed401e370502dd3a53e41cb98e206c2e417c0b070f49
08e113579b5651d09d016b5b261b17690bbea43abe1d42ba8a37ec34e56bd49d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f0df7301c34c2eca16acb0f36fc6f32315c3e2ff7a643f55f2e2fabed68ea0b
117f1d5fc9766ce2f27441e82eefb08b6bd89d0e4905a56cea52732270ec25ee
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
12c25c8364a81b6f848a68cbd9aec0256999bb67d238c95c1d6c7e32f21e2f93
149d5f5d6d83d10433f9bf62f3492bd3a3cc304e172adfd5e949865594666f2b
150e52e02357f8edb5d468903d1e1cb4ab0ddc7ee5e4ac0ef442d6a6c97f0ec3
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2
1c947edb74e618a58ee1ab7a05ef9a041b7c80a2282e6b4f1d8f5d36b7eef864
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1eec2c9585a1ed444790088fa19b18d1d41589e99f492ad2bbd3bdae2b8b24b2
1f9d39659e13ef6c39ab72080d15b2e58fbc62bf06bb6d2d9bb90ccd1f0f1246
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
29f1366d4856fa85d299c62cdfae54f1509fcdfd4bfc270c942ede9aa071cd11
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c4bd411643f1d38b78f5d5d0c5c30dac97d662f63cd567cd4ee6361b0b0bf97
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d4f43acaf2e0749680eb279e3e56115b205efe8ca0e2461e3453b65f6c1dc99
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3330f08fa0e23f0811b726000f1680f97b32755bb770e0b7344bf77453ad2944
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
335ad8d33e09d5c3f8f681135ff3059d91b0f4f57d264d069c0af211d5ad667e
33c8996ce27fa6f25e538ead260e2c13189678b05ccae773103cacf04f6570a9
3447eccea23541d5cdbfa1b638441a08b23bc179731973f3ec407a0e27d3d004
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
369a23f158a6762065bd75f61790e23b646a53c05528fab1a3678ea0f3e36a1e
369c67a5afb2ffa25d4480b3781a938e7fe7c5633f89d36570e2c1cc23c49eff
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3714e6a97fd7968173ef24d24e1c176cacbbe7276c5223eb6b0b07624bb84d74
3722af644ebbd14b056e01aa1c10128d03ff9c009a459f91918d989878f8bb10
37935087ba925af055dc9c332e085303af2876baa2877cae010429a4b64bbc8d
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39ac3a5f5a6e85547dcb01d55809b6740c2daba01195a718000ec90001266ed8
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e312fe44084e2176996cce5ed30521f8406a8fd92f513aae8e519088f07f1e4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d2015139bec53679695507c35864c4835acd9d796b651ea657cdb7f87a4bff
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4590341c1adee4ed5dc1276e8c8fdebc39a1dc881246ec7861cc36dc4597704d
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398
4830f3c6221ce4802e5d35e2222aa8107e2b8c5a55bc1fcbec3a5b5e85487283
48690aaa6fff4d84b3d1de64a8ec77ed01ca244492e10fb776c794ba6c171639
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bf3506350327654efcb2fc00e0fd8b64fa1af8118967d63cf7b5aaa37e052c2
4c1f660e07ede02cbcc3bdfab0c19a98c736318b138858147f32fbf1761636e1
4ca206b346fa88d775d7e28ce592bb5c2f979cba1a13d85a1960a7a19cbbedad
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e87e0f5567b5f703b5ef40731b955f93c565dce13366e17e9541504802fb541
4f9e9067db223a2220874d64cead1ae240f915d18395e7b50a5bc130768c20b3
4fddec1cb13ee6848cce386a733d405fff2be9ab4d904f55a1d15c7cc84f410d
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
529098e6237ce4b2c7604b8f82621ec7277eb38d11508f1a2b73531a71baf51e
53c6b8fe686636510364065a37cf12a43d4e00c5bc4d6f4e8cbcaddfd3333bcb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557ff88dd81f3d111bb9eeb343c80a44b20b65c6228f73987a2b313aa1d82634
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d92a55f1fbafd95de12168ff7868ed095f56cc0dd401f9e71c81adecef2c3b
58cedf2abf62a7f2ce6fb9305c0ce94d005eb3a3a9daa237c224c23437930c29
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
646231f9abc7ce05cb12d7b047e44c7e954501aa7d2a4ca84aab84dcadd79df7
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
65510a60dfbadc9acd584b249701f0a1c7a542a684d35ea9f614781862cf9aa9
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
69307d0844af6968c81c8cfb96a834b878ea15c84bd19e0384da6ebebc120e40
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b8b97800e102b949e4dbd0375de94a685a8bf8a7545ef7ce1b7d05b68094377
6f13e8462e8551e9b881fce3dc6f6195a3d9d227226bb2e8cd975d9c2a58c4fb
7154008f409ce895349d780096618cb2a454f04ff325461861f28f9431182df6
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7370d2f0365e8a6c8fb15cb73125570372163ca40525f6a740409a78c494ca07
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
74ef73490a14e909759253e877aa14c359ec37f3f6e9f42f5b16fdec439c337f
7e8f579fad9385f7a738037357269ff061791fabc7e910b99efceee2d61debb6
7e9d46113f4bafb53bc3320e8e3b8ef6ae14a3f2b434c50f32ce6b0b5c8e6c0c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f8d8b005ca10c15d62e0b19966eae08cfd0080ffe564210d6988837ffbd4d42
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
806cef2bb1b2a0085ffac25fd426a7109ee3435cd377228afafb59ee12f3be09
811ff8a27837825863f62853d3240d7bb18531e3ead18a5aac1651395a167e2d
81dd0de2e048b9a9c47af5e5598bf46a6dc5957d41407002a9e13a9f312d0929
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83eee6b0aa9cd3470265fa05ddf22944c57d76dc5b028ab83a5529db91b32c9a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
8601f000d7818718e1f6b8d2c3adf777855ac2776688b841966fb3a3e079869c
868e5754d812ce238448ec9ea44a4db66bfef62cba0150e30df2579757668ef7
871014b142fa4114ce00c1fc9e7f314c3c1be1ee1bd750aff408ad1962a5fd15
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c444fe399a06df7fe370afffa2a38a704e6db3a62f4f0dbe43f2855b858b466
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90370c759efb343d874c6917b539ffd8003b859225749f8a56877f4a64e9f884
90fb7f486363baac11225c229b7c82176fc1cb6549cae16dcb3e6e41a29857de
91fb8f2903a5cd9f2303bc7507598419f2797925cfb6969ddea6bc2dc37d22ca
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
925e1a0ef57e451e202a9eda282c303a97404b34d4d9a991872949cfb68fd1a2
93ea6bdc20f91cdb51ce1eda01673a28dec8f8a82f10bca53315bbc82b63ff33
973bb6bedf0d83c9570d6c610bee89bf811aea738de0fa3ddf5a022890fa9476
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
98d5f6e285ab8f7106a975b2a9cd09623e47618a24f0cdb9f7f6b1aeb4cb28f7
996c77eef455d3ed555cfbb9a3b768a87efb8cda31892fe91782414b908e5605
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e55d8e185bde7966b628c884332800106a265b3977725c80325cd1e057ef9f
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9e92b5a44f4d903251099d4fa2402f27f5fdde6a1cdae942eca358a5f2ccd3d2
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23bc08165f126a071a8b42c36fead9f0a5ca30070a7dcafc0ebd97aa3e40762
a2e27afd1ef8ac4bcee653bc6bd171516d7b66b4022b429bd8570b2b0458503f
a355508d811ac666d1b61e566f7f1daf5d39b8915c036b271f14a4cfb9247ac3
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a659dd890b52598ea3ac388e60f5971b92d015782850ac5c12db656b2fc66939
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a786a11fada4fe77a67639b066594244bc82963082552220530d3c98670e0933
a8f69f7cd671ff8ba034539b3f0b37cacd551b571a3ce41f06c192a189c2b3a4
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad0cc7be6bc21f378b931273b46d15f25dd9d06ab990fadd5c61f99f690a0ebb
adc41a9365044e084ca313b5aea0ef41d6b38a19bbc5590e9cecdeee47bba94d
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
af12966475d03b6b1e45449d80ae67fcd2dd05d7558a7e1ae4f457dcc042b28e
b11488d61c18f7b501748f1847ceb71e00891e4440232dd7fbd4e0ac04d9c86e
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55
b33a361a1d189643afbb2c6debd0467621b8ac9d4c05236b5f181dad527e7343
b3bb57a3ddf9c64b7536b9d33c294f95a5ae15f9b82b7d2318f8c1a70b83b64f
b4526df9fba0ecc0fe6b943c57d50b9243002fc2c7dda8d51387062f520e85e9
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b6d58fcff751fd3b055b866f41ad9dc780bb13c2f61d9ce2790cd03ec1bddc50
b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb64b458d21f550c6577ddb2d1bb7a055e029c0a85df128fb3b610052c430e0d
bb66dbe2867f4bd08186615c104fefef105858870dd23550d3fd33100115f4e9
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd581fbe5fab16dfa38dd6dad2c981e2df9ebb554f78af9336056090f2c20259
bdb19f9b971a1026f59a86b5a185008b1b735ac4e1d81aaac3acdc0a15886c62
be3ba2f86654b73dda7d39ed448c90628092498372215fffe2281e0b587a62dc
bed4d22acd1310898d93c5f6323ac56c43c5c4efb90207765f4b7531cd3267f1
c00cf2b833e902c0c6e2573a146f4d33a663499163f17e5eca462eef43c95cda
c17dfcc26d6ed3cc1d800c120b100cc7bcbf03ea1a9c72d8aeadfe9b41d49b2a
c19eabbdebd38b7e2873f4439e52ba33457a026ce69153df189207d1e7402de3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2edb80701f722124ba46824eb9c791bed830a8e8a60133c8b1f04879c0659e3
c53f2745f35e27e6907825f71b1daa7f120a12bcfa418b2c6a5e35d6498699b7
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd3767c9daaaaf6b31ba6dd8821d1cf09594ffdddb05a60b81d960aa4e2f44e9
cdd473c0431add43bf20f434cd1e59c1818aa1d7e0c23a91b44787c949f08988
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d627a99d66134fa68f308f7d48b46f8de2424c90d6268d07046208db4816511c
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d66be3c3bd5d5167aa1cb396b3e37b90433bbbc7da0142cccff342b0651b1c77
d73222d0db18078422c0040d73a61960c570b7e7e10fc703c790f53cb26d37b2
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de40f8e9a13821460fad3250442ee45458a1073661d67758f325b3a354995dd3
de496ff4c85a684334f3a25b38b91c29b43aa696dd3dce7c061065c0b6d649dd
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e439f9030685df6bdc604cdbf87fb562cb34f0b7750d0169e876874a37e7d8d1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e906d65f0689828181478ec6a0527d25b2170b247663bb05d0f285741dfd2de7
e93ac45969400d32abfd48d48ab6b0eb72ad6362eaecf873f96a29aa26358818
e950f047b72b2e9a986a7d140b74d09a651472a991e200ecd268a13a95d1a405
e96ebf0bd2d15e9f70605d2d211ce9adc08d7013d330acdf4e14ee9744a36611
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ed6cc3e4d411248d84eed9acc1d13ad3fd98396734464cf07173588aeb9d02aa
ee15e52cfca28d1026cc1fd08da6928704aa3f7df72d30be9c61a856ec31dd2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
f007e99aae3723e918b449d1042ce4c387b13eaa71187e12ae222f19711e8c28
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f1a347afb9072e67cbf91952b4a21c8ce3970e4e31601c0d2be9a6cf6f95e225
f2c408c6ec080d754a6b2bb3459dc170017c67233bafce7f01085a0ca658ccd4
f3d66b78ca0c93adf48dec8533da3c4db538cc648dc60e383d5fd0b666859206
f49c1b99b596bc18e280ee6d4fb1faff8b40c18a3d00c8e7814273cfdb4a3ad1
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea
f61a0000cea1417e8b404084ce2f004677a6f6e6494185efd1c1c9ac15b7ab12
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
f96d800a51302368ea00721e2481eedf256301b608b05815b8a2d71a713f6259
fb5afdf593456498cac88a782c52f2df82cfe897e1bce802e17fa98e9d0489e6
fc02265d40cae8cae2b19aff7cd029b3d332e58aa8edf932ed76f0e412a5d649
ff1558c75d3dd6106e2c794075083bd1dd9c53b239e7a2de6e2df6e7ca5e0440
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914