www.aiupnow.com Open in urlscan Pro
2a00:1450:4001:811::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Submission: On June 22 via api (June 22nd 2022, 5:13:52 am UTC) from GB — Scanned from GB

Summary HTTP 514 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 74 IPs in 6 countries across 63 domains to perform 514 HTTP transactions. The main IP is 2a00:1450:4001:811::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.aiupnow.com.
TLS certificate: Issued by GTS CA 1D4 on May 25th 2022. Valid for: 3 months.

This is the only time www.aiupnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2009	15169 (GOOGLE) (GOOGLE)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
11	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
9	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
14	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	184.73.100.94 184.73.100.94	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 40	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2 6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
14	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	3.220.182.115 3.220.182.115	14618 (AMAZON-AES) (AMAZON-AES)
27	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 2	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
45	2606:4700:303... 2606:4700:3032::6815:5654	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.20.147.136 107.20.147.136	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
16	2600:9000:215... 2600:9000:2156:aa00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200d	15169 (GOOGLE) (GOOGLE)
1	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.152.90.100 54.152.90.100	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	104.16.139.31 104.16.139.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	217.20.147.3 217.20.147.3	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	2606:4700::68... 2606:4700::6812:1a47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:10:... 2606:4700:10::6816:2449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17 17	151.101.66.114 151.101.66.114	54113 (FASTLY) (FASTLY)
17	67.26.137.252 67.26.137.252	3356 (LEVEL3) (LEVEL3)
1	2606:4700::68... 2606:4700::6812:4c34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:233... 2606:2800:233:af6:eab:2108:1892:6d8	15133 (EDGECAST) (EDGECAST)
2	34.246.24.138 34.246.24.138	16509 (AMAZON-02) (AMAZON-02)
3	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
24	143.204.101.37 143.204.101.37	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	52.217.200.1 52.217.200.1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
84	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7 13	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	143.204.89.48 143.204.89.48	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:f::760 2a04:4e42:f::760	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:299::1fcf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	104.111.214.240 104.111.214.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
514	74

12 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.aiupnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3002.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.100.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-100-94.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

sigma2.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.182.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-182-115.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:c36:: (United States) 1 redirects

ASN15169 (GOOGLE, US)

open.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3032::6815:5654 (United States)

ASN13335 (CLOUDFLARENET, US)

snd.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.147.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-147-136.compute-1.amazonaws.com

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2156:aa00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

rt3002.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.152.90.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-90-100.compute-1.amazonaws.com

recs.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.139.31 (None, )

ASN13335 (CLOUDFLARENET, US)

api.bufferapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.147.3 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip3.147.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a47 (United States)

ASN13335 (CLOUDFLARENET, US)

www.yummly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:2449 (United States)

ASN13335 (CLOUDFLARENET, US)

media.smallbiztrends.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.66.114 (United States) 17 redirects

ASN54113 (FASTLY, US)

www.windowscentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 67.26.137.252 (United States)

ASN3356 (LEVEL3, US)

cdn.mos.cms.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4c34 (United States)

ASN13335 (CLOUDFLARENET, US)

passport.mobilenations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

feeds.feedburner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:af6:eab:2108:1892:6d8 (United States)

ASN15133 (EDGECAST, US)

o.aolcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.24.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-24-138.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blogs.windows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 143.204.101.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-37.fra50.r.cloudfront.net

d2908q01vomqb2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

juliaberolzheimer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.200.1 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

media-mbst-pub-ue1.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

84 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-48.fra50.r.cloudfront.net

s37564.pcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:f::760 (United States)

ASN54113 (FASTLY, US)

i.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:299::1fcf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

js-cdn.music.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-240.deploy.static.akamaitechnologies.com

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	1 MB
45	snd.click snd.click Failed	449 KB
41	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 411	305 KB
28	youtube.com www.youtube.com — Cisco Umbrella Rank: 100 Failed img.youtube.com — Cisco Umbrella Rank: 3532 youtube.com — Cisco Umbrella Rank: 70	2 MB
26	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	362 KB
26	google.com 7 redirects apis.google.com — Cisco Umbrella Rank: 157 adservice.google.com — Cisco Umbrella Rank: 92 accounts.google.com — Cisco Umbrella Rank: 117 www.google.com — Cisco Umbrella Rank: 9	260 KB
24	cloudfront.net d2908q01vomqb2.cloudfront.net	4 MB
17	futurecdn.net cdn.mos.cms.futurecdn.net — Cisco Umbrella Rank: 11819	1017 KB
17	windowscentral.com 17 redirects www.windowscentral.com — Cisco Umbrella Rank: 77444	19 KB
17	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4123 a.disquscdn.com — Cisco Umbrella Rank: 8666	709 KB
15	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 329 fonts.googleapis.com — Cisco Umbrella Rank: 67 jnn-pa.googleapis.com — Cisco Umbrella Rank: 324	159 KB
12	disqus.com sigma2.disqus.com — Cisco Umbrella Rank: 685888 disqus.com — Cisco Umbrella Rank: 3046 referrer.disqus.com — Cisco Umbrella Rank: 6284	117 KB
12	aiupnow.com www.aiupnow.com	474 KB
10	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 555	556 KB
10	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3187	72 KB
10	stackpathcdn.com m9m6e2w5.stackpathcdn.com — Cisco Umbrella Rank: 24802	122 KB
10	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7462 router.infolinks.com — Cisco Umbrella Rank: 3571 rt3002.infolinks.com — Cisco Umbrella Rank: 82104	145 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	381 KB
9	feedburner.com feeds.feedburner.com — Cisco Umbrella Rank: 13358	7 KB
8	smallbiztrends.com media.smallbiztrends.com — Cisco Umbrella Rank: 316387	872 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 318	133 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 91 Failed	38 KB
6	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 12471 1.bp.blogspot.com — Cisco Umbrella Rank: 9517 3.bp.blogspot.com — Cisco Umbrella Rank: 12649	102 KB
5	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 130	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	59 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	195 KB
4	blogger.com www.blogger.com — Cisco Umbrella Rank: 7938	65 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 382	1 MB
3	juliaberolzheimer.com juliaberolzheimer.com	231 KB
3	windows.com blogs.windows.com — Cisco Umbrella Rank: 71964	522 KB
3	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 6660 api.viglink.com — Cisco Umbrella Rank: 9078	29 KB
3	shareaholic.com analytics.shareaholic.com — Cisco Umbrella Rank: 23261 partner.shareaholic.com — Cisco Umbrella Rank: 28246 recs.shareaholic.com — Cisco Umbrella Rank: 49173	953 B
2	pcdn.co s37564.pcdn.co	110 KB
2	amazonaws.com media-mbst-pub-ue1.s3.amazonaws.com — Cisco Umbrella Rank: 193885	440 KB
2	aolcdn.com o.aolcdn.com — Cisco Umbrella Rank: 8393	278 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 236	5 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4465	914 B
2	spotify.com open.spotify.com — Cisco Umbrella Rank: 3624 Failed	36 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793	83 KB
2	shareaholic.net cdn.shareaholic.net — Cisco Umbrella Rank: 26129 www.shareaholic.net — Cisco Umbrella Rank: 22758	7 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 291	721 B
1	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 12279	5 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 438	14 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1083	247 KB
1	apple.com js-cdn.music.apple.com — Cisco Umbrella Rank: 14775	54 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	39 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 265	63 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2961
1	scdn.co i.scdn.co — Cisco Umbrella Rank: 1335	121 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 122	21 KB
1	w.org s.w.org — Cisco Umbrella Rank: 768	842 B
1	mobilenations.com passport.mobilenations.com — Cisco Umbrella Rank: 233452	50 KB
1	yummly.com www.yummly.com — Cisco Umbrella Rank: 53467	686 B
1	vk.com vk.com — Cisco Umbrella Rank: 4683	571 B
1	tumblr.com api.tumblr.com — Cisco Umbrella Rank: 32424	395 B
1	reddit.com www.reddit.com — Cisco Umbrella Rank: 2782	1 KB
1	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2583	399 B
1	ok.ru connect.ok.ru — Cisco Umbrella Rank: 22655	2 KB
1	bufferapp.com api.bufferapp.com — Cisco Umbrella Rank: 48262	411 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 861	645 B
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 15865	680 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 553	55 KB
514	63

	Domain	Requested by
84	tpc.googlesyndication.com	googleads.g.doubleclick.net www.aiupnow.com tpc.googlesyndication.com pagead2.googlesyndication.com
45	snd.click	www.aiupnow.com ajax.googleapis.com snd.click
39	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net www.aiupnow.com
26	www.youtube.com	www.aiupnow.com ajax.googleapis.com apis.google.com www.youtube.com snd.click
24	d2908q01vomqb2.cloudfront.net	www.aiupnow.com
20	pagead2.googlesyndication.com	www.aiupnow.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
17	cdn.mos.cms.futurecdn.net	www.aiupnow.com
17	www.windowscentral.com	17 redirects
16	c.disquscdn.com	sigma2.disqus.com disqus.com c.disquscdn.com
14	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
13	www.google.com	7 redirects www.youtube.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	www.aiupnow.com	www.aiupnow.com ajax.googleapis.com
10	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
10	mc.yandex.ru	1 redirects www.aiupnow.com mc.yandex.ru
10	m9m6e2w5.stackpathcdn.com	cdn.shareaholic.net www.aiupnow.com
9	www.googletagservices.com	googleads.g.doubleclick.net
9	feeds.feedburner.com	www.aiupnow.com
9	apis.google.com	www.aiupnow.com apis.google.com accounts.google.com www.youtube.com
8	jnn-pa.googleapis.com	www.youtube.com
8	media.smallbiztrends.com	www.aiupnow.com
8	disqus.com	sigma2.disqus.com c.disquscdn.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	ssl.gstatic.com	accounts.google.com www.aiupnow.com
6	www.gstatic.com	apis.google.com googleads.g.doubleclick.net www.youtube.com www.gstatic.com
6	www.facebook.com	www.aiupnow.com ajax.googleapis.com connect.facebook.net
6	fonts.googleapis.com	www.aiupnow.com googleads.g.doubleclick.net tpc.googlesyndication.com snd.click
5	lh3.googleusercontent.com	www.aiupnow.com
4	www.google-analytics.com	www.aiupnow.com www.google-analytics.com www.googletagmanager.com
4	connect.facebook.net	www.aiupnow.com connect.facebook.net
4	resources.infolinks.com	www.aiupnow.com resources.infolinks.com
4	www.blogger.com	www.aiupnow.com
3	s.yimg.com	www.aiupnow.com
3	juliaberolzheimer.com	www.aiupnow.com
3	blogs.windows.com	www.aiupnow.com
3	rt3002.infolinks.com	resources.infolinks.com
3	router.infolinks.com	resources.infolinks.com
3	4.bp.blogspot.com	www.aiupnow.com
2	referrer.disqus.com	www.aiupnow.com
2	s37564.pcdn.co	www.aiupnow.com
2	static.doubleclick.net	www.youtube.com
2	media-mbst-pub-ue1.s3.amazonaws.com	www.aiupnow.com
2	api.viglink.com	cdn.viglink.com
2	o.aolcdn.com	www.aiupnow.com
2	accounts.google.com	apis.google.com www.aiupnow.com
2	yt3.ggpht.com	www.youtube.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	open.spotify.com	www.aiupnow.com ajax.googleapis.com
2	sigma2.disqus.com	www.aiupnow.com sigma2.disqus.com
2	maxcdn.bootstrapcdn.com	www.aiupnow.com maxcdn.bootstrapcdn.com
2	1.bp.blogspot.com	www.aiupnow.com
1	bam.nr-data.net	js-agent.newrelic.com
1	cdn.iubenda.com	snd.click
1	js-agent.newrelic.com	www.aiupnow.com
1	use.fontawesome.com	snd.click
1	a.disquscdn.com	www.aiupnow.com
1	js-cdn.music.apple.com	snd.click
1	cdnjs.cloudflare.com	snd.click
1	youtube.com	1 redirects
1	www.googletagmanager.com	snd.click
1	s0.2mdn.net	tpc.googlesyndication.com
1	res.cloudinary.com	www.aiupnow.com
1	i.scdn.co	snd.click
1	3.bp.blogspot.com	www.aiupnow.com
1	i.ytimg.com	www.youtube.com
1	s.w.org	www.aiupnow.com
1	img.youtube.com	www.aiupnow.com
1	passport.mobilenations.com	www.aiupnow.com
1	www.yummly.com	m9m6e2w5.stackpathcdn.com
1	vk.com	m9m6e2w5.stackpathcdn.com
1	api.tumblr.com	m9m6e2w5.stackpathcdn.com
1	www.reddit.com	m9m6e2w5.stackpathcdn.com
1	api.pinterest.com	m9m6e2w5.stackpathcdn.com
1	connect.ok.ru	m9m6e2w5.stackpathcdn.com
1	api.bufferapp.com	m9m6e2w5.stackpathcdn.com
1	recs.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	cdn.viglink.com	m9m6e2w5.stackpathcdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	www.shareaholic.net	cdn.shareaholic.net
1	resources.blogblog.com	www.aiupnow.com
1	ajax.googleapis.com	www.aiupnow.com
1	cdn.shareaholic.net	www.aiupnow.com
1	contextual.media.net	www.aiupnow.com
514	85

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
www.instagram.com
www.twitter.com
aiupnow.tumblr.com
www.pinterest.com
blocktechnews.blogspot.com
www.blogger.com
securelist.com
thehackernews.com
twitter.com
www.linkedin.com
brucedayne.tumblr.com
aiupnow.com
www.khareemsudlow.com

Subject Issuer	Validity	Valid
www.aiupnow.com GTS CA 1D4	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
cdn.shareaholic.net R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-31`	a year	crt.sh
*.shareaholic.net R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
shareaholic.com Amazon	`2022-06-01` - `2023-06-29`	a year	crt.sh
*.spotify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-06`	a year	crt.sh
*.shareaholic.com R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-01` - `2022-12-08`	6 months	crt.sh
api.bufferapp.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2022-08-16`	2 years	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-21`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
o.aolcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-06-26`	a year	crt.sh
viglink.com Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
blogs.windows.com Microsoft RSA TLS CA 01	`2021-11-05` - `2022-11-05`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
pcdn.co Amazon	`2021-10-13` - `2022-11-10`	a year	crt.sh
*.scdn.co DigiCert TLS RSA SHA256 2020 CA1	`2021-08-06` - `2022-09-02`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
authorize.music.apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-19` - `2023-05-19`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-03` - `2023-02-04`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
www.iubenda.com DigiCert SHA2 Secure Server CA	`2022-01-31` - `2023-01-31`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 53 frames:

Primary Page: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Frame ID: A2CF3D88D5842AB209AC719355775BC4
Requests: 200 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/zrt_lookup.html
Frame ID: D6772B3B2D3B615BF30BBEEDACF5A89F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
Frame ID: 41783C53E2981C785C65B51B8E8EBB77
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Faiupnow%2F&tabs&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=1997641080334383
Frame ID: 66EF4D30D1DB03360D85FFEA266E9D23
Requests: 1 HTTP requests in this frame

Frame: https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light
Frame ID: 7189B5DE277B7F781EBF8D286F376A00
Requests: 1 HTTP requests in this frame

Frame: https://snd.click/mjI0tjt?embed=1
Frame ID: C94A30D37A8939EF70ED0C27D92F4BBA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
Frame ID: E93030A9374C581A185185D3401365D6
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Faiupnow%2F&tabs&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=1997641080334383
Frame ID: 50ED302AC038D0CCC404773E2373464D
Requests: 2 HTTP requests in this frame

Frame: https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light
Frame ID: 40D2BCEC77015D3FA0A8F8ED39762ABF
Requests: 1 HTTP requests in this frame

Frame: https://snd.click/mjI0tjt?embed=1
Frame ID: 0AB99738570101A3712CAEF32AB7FF6A
Requests: 57 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&layout=full&count=default&origin=https%3A%2F%2Fwww.aiupnow.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
Frame ID: 44B95CAB592FBD40DC65BA49CAB8ECDD
Requests: 6 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3169767&wsid=0&pdom=www.aiupnow.com&purl=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html
Frame ID: C78EFD37A3B7F907E2C01A3461D92057
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=743980787&adf=3719817289&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822436&bpp=3&bdt=370&idt=450&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&correlator=8240063065079&frm=20&pv=2&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XbJS283sxh&p=https%3A//www.aiupnow.com&dtd=479
Frame ID: 9B9FC1B2F12087F6F20861050E4E7633
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538
Frame ID: 47236E699E0F4A846AA09AF37151145A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548
Frame ID: 163918F2EC7DF09A0A378D046B765F7A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=199&slotname=2753253361&adk=2690295274&adf=1186251620&pi=t.ma~as.2753253361&w=796&fwrn=4&lmt=1655871916&rafmt=11&psa=0&format=796x199&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822515&bpp=2&bdt=449&idt=521&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bXgWnLKusC&p=https%3A//www.aiupnow.com&dtd=525
Frame ID: 25B1D89E313FC1A3BBEF88745DC0597F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.aiupnow.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
Frame ID: 5720C22535BFBCDFB27EF541A0F82CB5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=8116729484&adk=3509436417&adf=3654628346&pi=t.ma~as.8116729484&w=796&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=796x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822527&bpp=2&bdt=461&idt=551&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=bH9UnLy8EL&p=https%3A//www.aiupnow.com&dtd=556
Frame ID: B01AC64BDBBD40221EB93A0DC8C858DB
Requests: 10 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
Frame ID: DC66C5019C5AB4EF7CDE5C56AE9F9636
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741
Frame ID: DE8FB6668580A0521495F7FBFB2070D2
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F4A022C6958DCC11ABE675DB51303A61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778
Frame ID: B7B1F395B9EDC1A24F24DC749C34C3E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=1202543000&adf=1574894575&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822552&bpp=2&bdt=486&idt=836&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gCuemFMkvj&p=https%3A//www.aiupnow.com&dtd=843
Frame ID: 323B27CBDE41A6969D59540E676C8434
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=600&slotname=7895522530&adk=850359815&adf=2527300461&pi=t.ma~as.7895522530&w=300&lmt=1655871916&psa=0&format=300x600&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822556&bpp=1&bdt=490&idt=1037&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=3200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=XWTlJxeteM&p=https%3A//www.aiupnow.com&dtd=1042
Frame ID: 6FCEC735B523B29F2344D2DD76559063
Requests: 16 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A
Frame ID: B3B4580531D0A094F6A37064210AAFD0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065
Frame ID: BF757408489CD2D651EB093B12D86EFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&adk=1812271804&adf=3025194257&lmt=1655871916&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&ea=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822735&bpp=1&bdt=669&idt=1103&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600%2C250x250&nras=1&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&dtd=1111
Frame ID: 50786A83733F1F13079E6C9BB97C5F08
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html
Frame ID: A6A09CE19595BF6F8D5D53FE4D8AB917
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AB02176EC6DFCAD640A1E3865C1F875E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/index.html
Frame ID: 50D1AD12B8C7C7EA0EF569EC687BD16F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CqYxGB6WyYqbEBcbV6gSF4oSAC-ay6sdpnajhnNMP0JCA7JACEAEgvfTmcGC7hoCA0AqgAduiqecCyAEJqQKtCl7YGpq0PqgDAcgDSKoEjQJP0DOWiCZrY7EGH_ZR5357mChnAHQyE7Rp0Woz19iFTZtaX0oFQFLZnGi_67KD1xuksTSvSsKz8vt1avuFH4ZcbKkey-dNYl7skx5az5x50vdK6qe4zcb3FAmmcQ1-c3HCszNfSMxWMrGhptFNY-QvCc1MxcMkXeTG9_LY3cLp6qKbgJv-LOvrLDnl429NB9h0sKip3HNml4w2pIcXQbdKV8b37KvLAURUvZ8dkarfH3PXVzA-emjGVcar0JHZSka8W162cENffGtvwcTYuBGQs6YLubghnSBTY88MOB_lS7W8OLn6ifDC2U16KZgCBtkpd4a58-P9sq5jZDQCTnWpnMGQgi-m-oroQnVhhcAEgquO7_YDkgUECAQYAZIFBAgFGASgBi6AB43d1pgBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQv9sN0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=aA_TCEDP7GQ&uach_m=[UACH]&template_id=419
Frame ID: D6A96E8EC796E4D9333991742EB93BB0
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D4878A4A9F73A7A9498D04C84C929C8B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CB765E1094691E67B84C826B8332626F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB701ECEFDA4FCF2CE4A7A9ADAD87A3C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012205270638000/amp4ads-v0.mjs
Frame ID: 986986AEF931A242E2B707B31493EA17
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 70039465AA394870FA122207218F000D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html
Frame ID: E95EA2BD4394E7ADCBB74B6036524C8C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C2KaSB6WyYv7PLIGD7gTXlqGAC5SHuLVq5ebP8uYP-Pv9w48OEAEgvfTmcGC7hoCA0AqgAaa4xNEDyAEJqAMByANIqgSMAk_Q6YYIQHzriVb04a2t9YRsAJmspmnh9atLczQP7XmjE_os0DTHKUGkxwCkuFcNbvvKLsEw2G-uk3g074sQhcG9xWmglFJQa9PKzK2ixTg5GIuUr026BsD5PXPo8Epx7vLMr5jq_jO0FcvYWoKjsERRjowIalbk4v3j9b6vdt3Vrni3i0qciwCofbF60eJzFXUd2sMD_sqlgET3IZWQ7vtx8N8NV2ShGMaeI7LmyMLTgHZzgcpXoaFVTBAJvG9bZ7sxWIu0VV74sFESynGiKEHejXglLLjFPFVN6idBjJ0_BfAz7eBTJyvCPrWSAlmWNDJtEHvdtxcT_Tn7D6TPrBWixoO12UkkSr9wuT_ABJ3f0dDdA5IFBAgEGAGSBQQIBRgEoAYugAfCx7suqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4KcD0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=_Frb3UyX_6U&uach_m=[UACH]&template_id=419
Frame ID: FE200A20670C0032399DB47646EC65CE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 09AEC6011783826502A43F29AA06324D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1C0716F114B8E2CA31986EE8320DDF01
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js
Frame ID: 931BCB8DF1B68C48AC1A226BE161A28C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js
Frame ID: FD5DD5B67DCAF3FE46128C74B44F2744
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js
Frame ID: 125798A6FE2F2A8D79C7D4974DCC47E6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js
Frame ID: 57C42BFFBFBB619516D8BA6FA268D11B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
Frame ID: 13B98707330D368A928286356333B57E
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js
Frame ID: DAE6350FCCC118A01E7F9906552612B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js
Frame ID: D9D9FFBEC5FC2129D0A85FB608D06F56
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
Frame ID: DBEB15FDD168F8ADBC337380909C1C9A
Requests: 4 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 5B28E54BF18C55207294584862686BFB
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 866BA57DF66E0096A651B166E64E6F6B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.aiupnow.com%252Ff1ff449a63bf394%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width
Frame ID: D4E7FEA60987259865D2C0607495D62C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F4D81717BFA46F2DAAE3A5DE476ACCC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 164380EE1A4932E30D6A5441E077361D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New ToddyCat Hacker Group on Experts' Radar After Targeting MS Exchange Servers #Cybersecurity - The Entrepreneurial Way with A.I.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

514
Requests

96 %
HTTPS

60 %
IPv6

63
Domains

85
Subdomains

74
IPs

6
Countries

16745 kB
Transfer

33150 kB
Size

28
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/c/khareemsudlow?view_as=subscriber?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/aiupnow/

Search URL Search Domain Scan URL

URL: http://www.instagram.com/brucedayne

Search URL Search Domain Scan URL

URL: https://www.twitter.com/aiupnow/

Search URL Search Domain Scan URL

URL: http://aiupnow.tumblr.com/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/brucedayne

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Tech
Title: Big Tech

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Apple
Title: Apple

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Google
Title: Google

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Amazon
Title: Amazon

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Microsoft
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Cybersecurity
Title: Hacker News

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/A.I.
Title: A.I.

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/IoT
Title: IoT

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/SAAS
Title: SAAS

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Cloud
Title: Cloud

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Machine%20Learning
Title: Machine Learning

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Startups
Title: Startups

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/SEO
Title: SEO

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/IPO
Title: IPO

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Ecommerce
Title: Ecommerce

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Entrepreneur
Title: Entrepreneur

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Small%20Business
Title: Small Business

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Gaming
Title: Gaming

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Gadgets
Title: Gadgets

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Music
Title: Music

Search URL Search Domain Scan URL

URL: https://blocktechnews.blogspot.com/search/label/Trippy.Tube
Title: Video

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/18285982209198163447
Title: BruceDayne

Search URL Search Domain Scan URL

URL: https://securelist.com/toddycat/106799/
Title: said

Search URL Search Domain Scan URL

URL: https://thehackernews.com/2021/03/proxylogon-exchange-poc-exploit.html
Title: ProxyLogon Exchange flaws

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thehackernews
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/thehackersnews
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thehackernews/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/brucedayne

Search URL Search Domain Scan URL

URL: http://brucedayne.tumblr.com/

Search URL Search Domain Scan URL

URL: http://www.instagram.com/ohnocrypto

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/brucedayne

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/khareemsudlow

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=7525488504328308640&postID=5877525204739026662&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7525488504328308640&postID=5877525204739026662&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7525488504328308640&postID=5877525204739026662&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7525488504328308640&postID=5877525204739026662&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7525488504328308640&postID=5877525204739026662&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7525488504328308640&postID=5877525204739026662&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://aiupnow.com/

Search URL Search Domain Scan URL

URL: https://www.khareemsudlow.com/
Title: Khareem Sudlow

Search URL Search Domain Scan URL

URL: http://www.facebook.com/aiupnow

Search URL Search Domain Scan URL

URL: http://www.twitter.com/aiupnow

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Learn more

Search URL Search Domain Scan URL

URL: http://aiupnow.com/policy
Title: More info

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://open.spotify.com/follow/1/?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light HTTP 301
https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light

Request Chain 49

https://open.spotify.com/follow/1/?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light HTTP 301
https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light

Request Chain 108

https://mc.yandex.ru/watch/53791720?wmode=7&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbuwalw54%3Afp%3A874%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A601110428392%3Ahid%3A447861480%3Az%3A0%3Ai%3A20220622051343%3Aet%3A1655874823%3Ac%3A1%3Arn%3A803023556%3Arqn%3A1%3Au%3A1655874823129053414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1655874821467%3Ads%3A42%2C98%2C455%2C179%2C0%2C0%2C%2C444%2C54%2C%2C%2C%2C1225%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1655874823%3At%3ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%20-%20The%20Entrepreneurial%20Way%20with%20A.I.&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/53791720/1?wmode=7&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbuwalw54%3Afp%3A874%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A601110428392%3Ahid%3A447861480%3Az%3A0%3Ai%3A20220622051343%3Aet%3A1655874823%3Ac%3A1%3Arn%3A803023556%3Arqn%3A1%3Au%3A1655874823129053414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1655874821467%3Ads%3A42%2C98%2C455%2C179%2C0%2C0%2C%2C444%2C54%2C%2C%2C%2C1225%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1655874823%3At%3ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%20-%20The%20Entrepreneurial%20Way%20with%20A.I.&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 137

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/steelseries-arctis-pro-sehero-1.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/gyp99tSoQFQSr9iVca5PM7.jpg

Request Chain 138

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/04/steelseries-arctis-pro-dac-cropped.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/moT7iWMxn3qvNhcnX4vsQ7.jpg

Request Chain 139

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/hyper-x-cloud-alpha-blackout-sehero-1.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/xtZtBJVgiPPKiXuENcH2SB.jpg

Request Chain 140

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/hyper-x-cloud-alpha-se-hero.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/z28UUiGgnwUdY6A5fBfZ7Y.jpg

Request Chain 141

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/blackshark-v2-t1bg.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/EzpCsg7nKsdveuodfNS2Ed.jpg

Request Chain 142

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/51jmb3ciuhl._ac_sl1500_.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/xAdetPDojzDvEpfqFnbiqT.jpg

Request Chain 143

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/razer-nari-ultimate-sehero-1.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/PUEwiHAcqCWiJs4G5fJQsL.jpg

Request Chain 144

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/04/razer-nari-ultimate-se_0.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/iCwfEkT8aDe3zcv2eBfdTn.jpg

Request Chain 145

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/plugable-onyx-sehero-1.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/nfMrkBo63jzATa7KNfkQS3.jpg

Request Chain 146

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/10/plugable-onyx-headset.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/Gs3RLqzLnRqPjbJnBnZVAS.jpg

Request Chain 147

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/turtle-beach-elite-aero-sehero-1.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/5b3JbVPPj7APQ2XsqQEFpW.jpg

Request Chain 148

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/01/turtle-beach-elite-atlas-aero-se.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/Dy9bDcYBad4pXDXAJN7PqP.jpg

Request Chain 149

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/steelseries-arctis-1-sehero-1.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/Js4tGk8Xzm2XdntCAoAXgJ.jpg

Request Chain 150

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/05/steelseries-arctis-1-wireless-xbox-cyberpunk-2077-edition-cropped.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/Wk7aXbsccttbpM6apuaPyC.jpg

Request Chain 151

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2018/08/richard-avatar.jpg HTTP 301
https://cdn.mos.cms.futurecdn.net/rqoHuuMZfDvqSrdm3eWFxb.jpg

Request Chain 154

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2018/08/halo-reach-hero.jpg?itok=wmHDT0Is HTTP 301
https://cdn.mos.cms.futurecdn.net/ALmBb3uYRMYE7vPB2xknvF.jpg

Request Chain 155

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/11/halo-reach-se.jpg?itok=QwN53No7 HTTP 301
https://cdn.mos.cms.futurecdn.net/HEy4a8ZD2EspH5g5RMxsJf.jpg

Request Chain 204

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 372

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 391

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 394

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 396

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 400

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 404

https://youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer HTTP 301
https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer

Request Chain 411

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 434

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 493

https://www.facebook.com/v2.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.aiupnow.com%252Ff1ff449a63bf394%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.aiupnow.com%252Ff1ff449a63bf394%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.aiupnow.com%252Ff1ff449a63bf394%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width

514 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new-toddycat-hacker-group-on-experts.html Show response
www.aiupnow.com/2022/06/ 303 KB
57 KB 596ms
455ms Document
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bfcf2f413dc380622c42e0afc707fca3d6a3006ebd7b0f92cd27d9a4d16c9d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 58049
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:41 GMT
etag: W/"6be766a5e75dda699c51b2ccfb04c00baabd25ae67eaa67a6248b534e104d1bf"
expires: Wed, 22 Jun 2022 05:13:41 GMT
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 158ms
41ms Stylesheet
text/css 2a00:1450:4001:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 03:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 08:54:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 22 Jun 2023 03:41:11 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 164 KB
55 KB 168ms
71ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUN68BAV

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d4c3f8a7d28fde72a07039591f727ee8f4767d682cc325818262ebac67f266f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-mnt-h: 21-86x8
content-encoding: gzip
etag: "62a6725762c503ca88cc51195e016e6f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Wed, 22 Jun 2022 05:13:42 GMT
x-cache-hits: 0
strict-transport-security: max-age=31536000
x-mnt-w: 8-35
expires: Wed, 22 Jun 2022 05:18:42 GMT

GET
H2 200 shareaholic.js Show response
cdn.shareaholic.net/assets/pub/ 10 KB
5 KB 107ms
34ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e2f40b3a8aaf4a2abb1987007547690206251ee187f7594db715cfaebad6b654

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:56 GMT
server: nginx
x-amz-request-id: QNH8WQ4W3E3AP2A4
etag: "879749224dc6aafa8a42879dc68cad9f"
x-hw: 1655874822.cds227.lo4.hn,1655874822.cds232.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1200, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 4284
x-amz-id-2: xigMEVFFRFBzsFP0eAN/+f+5Ysg7B4Kdu5B+B6E6OIfm/1c5vQZk+I1rUDYrH8/DJaaiuCczf8s=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
95 KB 129ms
41ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 03:07:05 GMT
x-content-type-options: nosniff
age: 7597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96381
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 03:07:05 GMT

GET
H2 200 apple-touch-icon.png
4.bp.blogspot.com/-OvGRVWKCtEI/XrFSUNK8zTI/AAAAAAAAf-o/RxScepL4BaQynp6TJIZk-zO6PMljMoB4wCK4BGAYYCw/s1600/ 37 KB
37 KB 326ms
236ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-OvGRVWKCtEI/XrFSUNK8zTI/AAAAAAAAf-o/RxScepL4BaQynp6TJIZk-zO6PMljMoB4wCK4BGAYYCw/s1600/apple-touch-icon.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c1dd3ae27cd0cf43059c6571c71a67429c3071d2fba84eba2d62809aa38ba3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="apple-touch-icon.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38044
x-xss-protection: 0
server: fife
etag: "v7feb"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 21 Jun 2022 02:47:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 154ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

159ba8031992c474706f80fcf40e53438ccee72d05a768c818ba02a69132d701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56371
x-xss-protection: 0
server: cafe
etag: 11018562760229046067
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 05:13:42 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
680 B 131ms
41ms Image
image/gif 2a00:1450:4001:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 11:22:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Jun 2022 03:52:23 GMT
server: sffe
age: 150649
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 27 Jun 2022 11:22:53 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 93ms
35ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4c83d04a291f7ed50d9ef37e8cb423d387fce35b0f4cedf57086e12d477d4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71f27f07080ee59b-MAN
date: Wed, 22 Jun 2022 05:13:42 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 21 Jun 2022 05:33:26 GMT
server: cloudflare
age: 13139
etag: W/"d9c-5e1ee8f4ff79b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 22 Jun 2022 02:34:43 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff152104d728368ece053a5076962e4c7c0f7cbfeaca09969ed0b615d061874e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Wed, 22 Jun 2022 05:13:42 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7c25c051a36d9424"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 05:13:42 GMT

GET
H2 200 tumblr_static_8ivylfvb6r4sw840g0cc4k0s8%2B%25281%2529.jpg
4.bp.blogspot.com/-6CyFYpbgHns/XbbfhTPasCI/AAAAAAAAbl0/FSPC-1XBPZkDRPA36WlpLde2w8pzROJegCK4BGAYYCw/s1600/ 55 KB
55 KB 115ms
55ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-6CyFYpbgHns/XbbfhTPasCI/AAAAAAAAbl0/FSPC-1XBPZkDRPA36WlpLde2w8pzROJegCK4BGAYYCw/s1600/tumblr_static_8ivylfvb6r4sw840g0cc4k0s8%2B%25281%2529.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e9c61cb3ab5d2bcfbf8ebddad7f6c531ea3621fc5ab2adfe61a51f479fc3b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="tumblr_static_8ivylfvb6r4sw840g0cc4k0s8 (1).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55898
x-xss-protection: 0
server: fife
etag: "v6e5e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 21 Jun 2022 02:47:34 GMT

GET
H2 200 ABLy4Ex5FiCSCVqy_RqTJlItPhJOi0sCfKwL8zIpnb0UWv-2_-rIgW0pW02dWSqX7scv2qBj_Kid1-5ZFB0qshYHtXUfDx-MyFpsLQdZQyya7SQKbdQkmkMJ-VZMs6XLqAzo3R78X-3akXQBWqsdjcgutPZEGsHOCDc=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 687ms
595ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4Ex5FiCSCVqy_RqTJlItPhJOi0sCfKwL8zIpnb0UWv-2_-rIgW0pW02dWSqX7scv2qBj_Kid1-5ZFB0qshYHtXUfDx-MyFpsLQdZQyya7SQKbdQkmkMJ-VZMs6XLqAzo3R78X-3akXQBWqsdjcgutPZEGsHOCDc=w72-h72-p-k-no-nu

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

92fdd5d32170b539261767b6e04a3e5efea901fc4b2790bcc426c57145032037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2882
x-xss-protection: 0
expires: Thu, 23 Jun 2022 05:13:42 GMT

GET
H2 200 cookienotice.js Show response
www.aiupnow.com/js/ 6 KB
2 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/js/cookienotice.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Jun 2022 18:54:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 29 Jun 2022 05:13:42 GMT

GET
H2 200 4190539912-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
56 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4190539912-widgets.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04492033d981e2d81e27159207bb9fd9682eca335f7aa76af8922aa0e2bd9a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57153
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 18:18:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 22 Jun 2023 05:02:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 123ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: yAsc/HKO7W9sT5VicdtekjoDf5Xzpbs1vAP0XpWHvtB2YFLkuBAS5scAojqx/AblulgwP0ehZk6Xa/fBk4z3pQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Jun 2022 05:13:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
41ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1475
date: Wed, 22 Jun 2022 04:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 22 Jun 2022 06:49:07 GMT

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 148 KB
41 KB 102ms
34ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 59b04a15dacf5d7c6befe6dd8f0c26a66bfab4ac12cf05b7d9acd177e22f5b03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: NFB49KNGRGY1YFX2
etag: "88fa1ed2ddaaae4bf29d6c2a0672314d"
x-hw: 1655874822.cds279.lo4.hn,1655874822.cds091.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 41836
x-amz-id-2: HePZJCSNFUOhrCXRPUbrxu5S1nhbgH3/YLE4IrdrYwEBjmZFAYqLDzXrMDSe198oV2+ZRwpicaU=

GET
H2 200 bg1.png
1.bp.blogspot.com/-0bObXH0-WHI/VmnwwA4dQiI/AAAAAAAACVY/NEHl0xoZ58s/s0-r/ 5 KB
5 KB 44ms
42ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-0bObXH0-WHI/VmnwwA4dQiI/AAAAAAAACVY/NEHl0xoZ58s/s0-r/bg1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8b82f883c1cd11ad9b0f4cd6cea48c70c84a84f41c57ee6e637417ef78182f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 02:57:37 GMT
x-content-type-options: nosniff
age: 8165
content-disposition: inline;filename="bg1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5069
x-xss-protection: 0
server: fife
etag: "v957"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 17:54:36 GMT

GET
H2 200 e68e51f46304cc485d7732b4cf6276c7.json Show response
www.shareaholic.net/config/ 8 KB
3 KB 346ms
113ms XHR
application/json 184.73.100.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/e68e51f46304cc485d7732b4cf6276c7.json
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-100-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6e6221f8603843e33aea69f1eff610fc753d5689ce75d5324f27144a10cb475f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-client-geo-country: GB,United Kingdom
date: Wed, 22 Jun 2022 02:27:44 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-length: 2066
server: nginx
x-client-geo-region: MAN,Manchester
x-client-geo-metrocode
etag: W/"6e6221f8603843e33aea69f1eff610fc"
access-control-max-age: 2000
x-client-geo-city: Manchester
x-varnish: 288547340 288162353
via: 1.1 varnish (Varnish/6.0)
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-zip: M32
accept-ranges: bytes
content-type: application/json
access-control-allow-headers: *
x-client-geo-latlong: 53.450700,-2.318600

GET
H2 200 2653164334924589 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 86ms
85ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2653164334924589?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90844fe274b2657c9a8b9650635ae474d948fa477cdb93392cd7d5cde750c264

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: b9yQUc6DDiG49lus6JO1EPPmaAhAVX56l4YV6Wimuvwb2LS76AgO87+f70DK3lUwwD5zo6Okh42LPd/hv82cfA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Jun 2022 05:13:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655874822458
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
2 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,600,700|Open+Sans:400,600,700,400italic|Black+Ops+One

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed6f204f27c32404d364e05db560976e69c0ce3f10185cdf41fdb13333045422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 05:13:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 05:13:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 05:13:42 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 198ms
95ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 8934368
cdn-cachedat: 2021-03-10 20:26:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e55ae71d8339ddb30e4376a027623d28
cf-ray: 71f27f08c990cc3e-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 264ms
263ms Stylesheet
text/css 2a00:1450:4001:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7525488504328308640&zx=a87b6929-b5aa-4b4b-be0e-53f4e004213c

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 05:13:42 GMT
server: GSE
date: Wed, 22 Jun 2022 05:13:42 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206150101/ 340 KB
120 KB 152ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1342347843351338&plah=www.aiupnow.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42f6e92559837dcba7023a3d5fe1a633a0bb5e976ce7664f82d5ef9a1fba7ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122727
x-xss-protection: 0
server: cafe
etag: 13151959517361847599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 05:13:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/ Frame D677 10 KB
5 KB 129ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Jun 2022 18:45:03 GMT
etag: 8616628553774171045
expires: Tue, 05 Jul 2022 18:45:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 133ms
48ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1395041782&t=pageview&_s=1&dl=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&ul=en-us&de=UTF-8&dt=New%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%20-%20The%20Entrepreneurial%20Way%20with%20A.I.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=506223532&gjid=337533106&cid=830107522.1655874822&tid=UA-135957145-1&_gid=419796161.1655874822&_r=1&_slc=1&z=1413195402

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aiupnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06c653a370fa90f134601395d21c778e18b7ee9dcf8d295e552c5a2bfd283a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Q4VGM78pc13sWNCy+GrrCw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: T0dZowzMvg8Mf0cNgNbIH8s5cqsGibpU+ggjIJstiGB48lXxQ0wCaaImAS+I5beuY+LO2X7GAXHqGaGMn+0qCA==
x-fb-content-md5: ee7a43e88fdddf2d64dc04f8c35cc4c2
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Jun 2022 05:13:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5ba6fba5d4efaccaeda01df647e3c022"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 22 Jun 2022 05:29:34 GMT

GET
H/1.1 200
OK embed.js Show response
sigma2.disqus.com/ 78 KB
25 KB 105ms
30ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sigma2.disqus.com/embed.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

e0b16aaf102afce67e1bdd00f81c2279e8638817c470e39c8214f65cfc0ccec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:42 GMT
Content-Encoding: gzip
Server: openresty
Age: 119
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25424
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1801.004-3.025/ 178 KB
55 KB 35ms
35ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41de08800a265ace2583706a700329c0cef015db686998fccf72fffe6020128c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71f27f08e8cee59b-MAN
date: Wed, 22 Jun 2022 05:13:42 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 12:33:08 GMT
server: cloudflare
age: 13671
etag: W/"2c8b0-5e1e04e727bbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Fri, 22 Jul 2022 01:25:51 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ 181 KB
60 KB 125ms
41ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

750daaf4023ca6d58e86ee995d0bcc69128d4a2fb882ddef4c5b56dd74ea3f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61171
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:47:58 GMT

GET playlist
www.youtube.com/embed/ Frame 4178 0
0

GET page.php
www.facebook.com/plugins/ Frame 66EF 0
0

GET

1
open.spotify.com/follow/ Frame 7189
Redirect Chain

https://open.spotify.com/follow/1/?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light
https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light

0
0

GET mjI0tjt
snd.click/ Frame C94A 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 106ms
41ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2653164334924589&ev=PageView&dl=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&rl=&if=false&ts=1655874822569&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655874822568.980246668&it=1655874822393&coo=false&rqm=GET

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 22 Jun 2022 05:13:42 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 134ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700|Open+Sans:400,600,700,400italic|Black+Ops+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aiupnow.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 147424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 12:16:38 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 195ms
102ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700|Open+Sans:400,600,700,400italic|Black+Ops+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aiupnow.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 553729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 19:24:53 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v29/ 17 KB
18 KB 198ms
110ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700|Open+Sans:400,600,700,400italic|Black+Ops+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738161904fe560fd83c26e301998e35ac1e87cb40bebd4b190a5f141309d40b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aiupnow.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:17:23 GMT
x-content-type-options: nosniff
age: 132979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17816
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:26:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 16:17:23 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 168ms
85ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700|Open+Sans:400,600,700,400italic|Black+Ops+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aiupnow.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 553678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 19:25:44 GMT

GET
H3 200 repeat-bg.png
4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/ 229 B
254 B 125ms
42ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/repeat-bg.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2baf0db4101196df611d843d4741b65c2ebde9d4d458196ab9fb71039d8ccec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 02:04:39 GMT
x-content-type-options: nosniff
age: 11343
content-disposition: inline;filename="repeat-bg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
server: fife
etag: "v9cf"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 09:39:54 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 101ms
52ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.aiupnow.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 55726
cdn-proxyver: 1.02
cdn-cachedat: 04/09/2022 08:19:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: daef5b141f622ece147a20712326712c
accept-ranges: bytes
cf-ray: 71f27f09fa800229-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 203 KB
70 KB 370ms
180ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3911e4722388593128aab44db997a81319b7cd9013c7d0b3e3896c065abf4a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: br
last-modified: Tue, 21 Jun 2022 07:00:25 GMT
etag: "62b14259-11651"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71249
expires: Wed, 22 Jun 2022 06:13:42 GMT

GET
H2 200 default Show response
www.aiupnow.com/feeds/posts/ 137 KB
37 KB 1740ms
1740ms XHR
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery111005363202088067898_1655874822403&_=1655874822404

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

4793da764ba41080e563c9c14f8cdb478f612d3c1f6f81f1ece8d5e8d55183be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: blogger-renderd
etag: W/"8f66531abd97fe12c8265bf333e0f6dbeb883e2bf74b5807b402f4a5098eb0d5"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 38065
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 Microsoft Show response
www.aiupnow.com/feeds/posts/default/-/ 100 KB
30 KB 657ms
657ms XHR
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/feeds/posts/default/-/Microsoft?alt=json-in-script&max-results=4&callback=jQuery111005363202088067898_1655874822405&_=1655874822406

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

110641ca3ab7dad6d3932948c5df062a11525250026933fa806a7adb7e09ab00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: blogger-renderd
etag: W/"e27ec01439cb7c336ef3952ce6f64c7991f41419c3e0873feea9aa1af2aa6910"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 30787
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 Amazon Show response
www.aiupnow.com/feeds/posts/default/-/ 138 KB
34 KB 734ms
734ms XHR
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/feeds/posts/default/-/Amazon?alt=json-in-script&max-results=4&callback=jQuery111005363202088067898_1655874822407&_=1655874822408

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

b802d5eb5e91c748d4b445382cd40a7ced94f07a5c54ee1d713403e2712b6238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: blogger-renderd
etag: W/"d71ed1e9e08eb72b966bdf0b7addd672817c394bd2868cb2972a02d7b0661aba"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 35099
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 Apple Show response
www.aiupnow.com/feeds/posts/default/-/ 82 KB
25 KB 750ms
750ms XHR
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/feeds/posts/default/-/Apple?alt=json-in-script&max-results=4&callback=jQuery111005363202088067898_1655874822409&_=1655874822410

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

5275bab553c9cc2b84d80b51ff54ef80c1efebb288881c694cf792888426443f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: blogger-renderd
etag: W/"6677882bcb10f9a9150c888c64a3d9b27d5997ad89e885946a9ce130ff3ecd33"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 25605
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 VR Show response
www.aiupnow.com/feeds/posts/default/-/ 137 KB
36 KB 685ms
685ms XHR
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/feeds/posts/default/-/VR?alt=json-in-script&max-results=4&callback=jQuery111005363202088067898_1655874822411&_=1655874822412

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

3898c7eb371c27f6a80b3c5e6da07f1f18717cc0bfde43108e65948b4bcab812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: blogger-renderd
etag: W/"230ec3187271592010291598a870be786cda87abcc9cc62252292bc7eae9008a"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 36752
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:43 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
380 B 347ms
114ms Ping
image/gif 3.220.182.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.182.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-182-115.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:42 GMT
vary: Origin
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin: https://www.aiupnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-security-policy: referrer always
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 playlist Show response
www.youtube.com/embed/ Frame E930 206 KB
36 KB 241ms
241ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d64698d99f8cf1ab0a2ec60bd05821b2438c7a5632eed16b9bea1a7821e6cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 22 Jun 2022 05:13:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 page.php Show response
www.facebook.com/plugins/ Frame 50ED 15 KB
6 KB 118ms
76ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Faiupnow%2F&tabs&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=1997641080334383

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0511444b22076b1a440c35ee8665bd950b54e953c9eb7c2769a940c60f2248a7

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 22 Jun 2022 05:13:42 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: /glskX9QG0esrEYMvvCvSQGmgYyPG/Z0HtpR9N5JJMVoh1+hMNiHxCSISIkE4IBlTSAy8gqEB9+SRgQF8jyCCQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3

200

1 Show response
open.spotify.com/follow/ Frame 40D2
Redirect Chain

https://open.spotify.com/follow/1/?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light
https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light

0
17 B

51ms
50ms

Document
text/html

2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 05:13:42 GMT
server: envoy
sp-trace-id: 88687b35ca6ac527
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html
date: Wed, 22 Jun 2022 05:13:42 GMT
location: https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light
server: envoy
sp-trace-id: 6a0b3ee89299f351
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google
x-content-type-options: nosniff

GET
H2 200 mjI0tjt Show response
snd.click/ Frame 0AB9 43 KB
11 KB 1854ms
1843ms Document
text/html 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/mjI0tjt?embed=1
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1b7ea59e3eafa1db487594947587ad612bb73df0868fe9adc792acda166cd6

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 71f27f0a3da283ae-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRxQC8gH9owaA5ciboQdYZm0SjMEaWM%2B63AI47GRWSLuKDruvfxy711ieG%2B1MpgJX4kr5XnH2Zd%2BV%2BHBWKJPZwc%2BEsszfn8zfxrpv0HRPe4%2FjJkVGdH4UFKGje7HKjF17tK3zl1CWRE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 122ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700|Open+Sans:400,600,700,400italic|Black+Ops+One

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aiupnow.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 553678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 19:25:44 GMT

GET
H2 200 default Show response
www.aiupnow.com/feeds/posts/ 333 KB
89 KB 1214ms
1214ms XHR
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/feeds/posts/default?alt=json-in-script&callback=jQuery111005363202088067898_1655874822413&_=1655874822414

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

03ff0157d55ff75b58478fd3b4ee9694eb2545314ff1d080acc10789c374facc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: blogger-renderd
etag: W/"70ceedebf8dbe3fb9f88d14912bd6bd4c7422d772d037cef6465b7b1f1754fa7"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 90956
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 create-industry-specific-marketing.html Show response
www.aiupnow.com/2022/06/ 313 KB
60 KB 446ms
446ms XHR
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/2022/06/create-industry-specific-marketing.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8adc228f0767e394cb499718b8c2c9cbd0179a8480985e89ff84df3e53b40745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: GSE
etag: W/"6be766a5e75dda699c51b2ccfb04c00baabd25ae67eaa67a6248b534e104d1bf"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 61028
x-xss-protection: 1; mode=block
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 write-techcrunch-guest-post-that-could.html Show response
www.aiupnow.com/2022/06/ 302 KB
56 KB 928ms
928ms XHR
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/2022/06/write-techcrunch-guest-post-that-could.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

70da3e4a8b6dec8ea9d499a54ec6441ce226091ce0b5ec27e76b00c5b25218b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: GSE
etag: W/"6be766a5e75dda699c51b2ccfb04c00baabd25ae67eaa67a6248b534e104d1bf"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 57600
x-xss-protection: 1; mode=block
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 noreply@blogger.com%20(Ravie%20Lakshmanan) Show response
www.aiupnow.com/feeds/posts/default/-/ 84 KB
25 KB 622ms
622ms XHR
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/feeds/posts/default/-/noreply@blogger.com%20(Ravie%20Lakshmanan)?alt=json-in-script&max-results=3&callback=jQuery111005363202088067898_1655874822415&_=1655874822416

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

4bd05bfd667a96d309ae17a38f5d378a892e5aa50294401936cfd63096f3a846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: blogger-renderd
etag: W/"2c8017417f7b2c7284dfb0eb71155ab17fb2a99ee9e35b30edcbbe9d8f3425ac"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 25844
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=ytsubscribe/exm=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ 24 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=ytsubscribe/exm=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23cd07955419539fafbd15f1bea00b8dd008a791ddc4799e4d9341c3b6802f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10024
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:47:59 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=auth/exm=profile,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ 78 KB
27 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=auth/exm=profile,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f39765bdf3ab9ba9fbb4fda70d895af4e6c3cf6d2f499b10e3f939758110398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27810
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:47:59 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 44B9 2 KB
2 KB 76ms
76ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&layout=full&count=default&origin=https%3A%2F%2Fwww.aiupnow.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49e2b032998310b58314ec676d238c2d7796db6e44716f9188cd41eade762e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 22 Jun 2022 05:13:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 294 KB
84 KB 84ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6a483ba87190a7bae7d0f647cb5b9a9b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a02b36b91390e249de2d580f6f7ff71536da2117a7efcb6a0274e22774ef79d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.aiupnow.com/
Origin: https://www.aiupnow.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: K5v0LQzPzjPvWrEnunCitw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85978
x-fb-rlafr: 0
x-fb-debug: +AD79E3mb36WL70gr+H7xFEDxnl6+6JbbEw5NlP0vDa1HpDDI9whaoONhrlozBt6q9+nfPYHrs7Kcai9rMqCVA==
x-fb-content-md5: 481342920f071f6ceeca3446cecb54ff
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Jun 2022 05:13:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "418bfe9ca97f4e89e85b0f2251d56dd3"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Jun 2023 03:19:15 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame C78E 0
34 B 138ms
128ms Document
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3169767&wsid=0&pdom=www.aiupnow.com&purl=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 71f27f0ac9d5e59b-MAN
content-length: 0
date: Wed, 22 Jun 2022 05:13:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
36 B 133ms
127ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3169767&wsid=0&pdom=www.aiupnow.com&purl=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 71f27f0ac9d6e59b-MAN
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 gsd Show response
router.infolinks.com/ 318 B
521 B 130ms
127ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3169767&wsid=0&pdom=www.aiupnow.com&purl=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&jsv=1801.004-3.025&_cb=16558748228290
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1224d07234fde9939af1cea0a28744ddb9a424ec87263dc19bd7b2a1f077cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cache-control: max-age=0
cf-ray: 71f27f0ac9d7e59b-MAN
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 154ms
154ms Stylesheet
text/css 2a00:1450:4001:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7525488504328308640&zx=a87b6929-b5aa-4b4b-be0e-53f4e004213c

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 05:13:42 GMT
server: GSE
date: Wed, 22 Jun 2022 05:13:42 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 buttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 179 KB
37 KB 37ms
36ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:54 GMT
server: nginx
x-amz-request-id: NFB2TQ0PKF4N07B3
etag: "49e3d95d37cfa985c04180587e25647b"
x-hw: 1655874822.cds279.lo4.hn,1655874822.cds079.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 37579
x-amz-id-2: 41CyigLuzTQn7/nYl7JAl5ek+10YUQYUdhQyr1/KsChb1iMZ7aT+ymqqNZoLyeYpUnnPy8eYpr0=

GET
H2 200 recommendations.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 92 KB
13 KB 50ms
50ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/recommendations.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f1209899a0cbbf58df073110347d1429e0ad4d254b584f0fff016f395a09cfff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: NFB5P478EE68WWD6
etag: "bd2f6bef184f7e22b7efe36558d084d4"
x-hw: 1655874822.cds279.lo4.hn,1655874822.cds277.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 12624
x-amz-id-2: JCacSqMWtEoyGMrlmSMHg4gyvqgMP2tl7M1aQ5X/zaY+t7TBSm78VLRlW8JM+3tlE/H78MzyZNc=

GET
H2 200 cookieconsent.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 7 KB
3 KB 50ms
49ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/cookieconsent.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f8359c743e903be005a0aec613afaddbb2ced172c0cbbfdb3a7c4d4eabb7407c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: TFVN0Y6H8EGC0D40
etag: "aef9bdc580d3c265975fd443aec07d75"
x-hw: 1655874822.cds279.lo4.hn,1655874822.cds328.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 2366
x-amz-id-2: J14K00TVWVJqY4x+Y1Ik42YJMXdA/F4jM7TQOPYpGKlatjyFBOQtAqgpqMPKPOD4pQSV2yetyqE=

GET
H2 200 affiliatelinks.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 997 B
796 B 53ms
52ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/affiliatelinks.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d071d69e25eb8288369459a7fa77275fd654bc22f4965e50ca2e95fe63931c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: NFB7G1TKJQB2PT3W
etag: "99e5164c1e3f1deebc20ff6fd1e5eae7"
x-hw: 1655874822.cds279.lo4.hn,1655874822.cds237.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 591
x-amz-id-2: Afu+bPwK18TPOnqMAi3s+YDUmdHnVqo7ECuiQO8VxItReoV4DoSomCY9LBVpP/CY67YbmL8CYsw=

GET
H2 200 anchorad.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 5 KB
3 KB 54ms
53ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/anchorad.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d2edfe4b9da6657460275a1e6ed9d7e114848f0b531ff229774a2dc92a60faf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: MY74W7H4RPSZ3EAY
etag: "6b55e8bbf14ff4a3e432401e0755c778"
x-hw: 1655874822.cds279.lo4.hn,1655874822.cds270.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 2514
x-amz-id-2: OsTEdz65qBoKtai4j7sCD0nq2TP01vmV3awIRX/kpLsOvwvxNOm6sWLw5obcCFmUIGBSDS6VMj8=

GET
H2 200 adminbadgei.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 18 KB
4 KB 53ms
52ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/adminbadgei.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 35a8b24bf52d17b340f8ddd9867d39ffb2fa7fa10b6a607da3c60cbc40403fba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: XAX9W2SDHDX1F2BX
etag: "dd06f1b392b92d8aef50214fe24f6bc0"
x-hw: 1655874822.cds279.lo4.hn,1655874822.cds275.lo4.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 4066
x-amz-id-2: zFazaBUviexsNTuGQ9ec20MkdlrIbq63TB+Cn6U0N7YvhrzIKHh9Yeo1Vg+tSmLManAYzBaHzk4=

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 372ms
135ms Script
application/javascript 107.20.147.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&cl=en-US&id_sync=1d49c150-c520-4561-a825-3757de2d2028&minify=1&pvs=1&site=e68e51f46304cc485d7732b4cf6276c7
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-147-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:43 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript;charset=utf-8
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 153ms
49ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.aiupnow.com&callback=_gfp_s_&client=ca-pub-1342347843351338

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1342347843351338&plah=www.aiupnow.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

8d2437a3b18515aee1b2d76f1d05e42ceb83f2e949ea27d3c5d6232eac84bff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 141ms
50ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.aiupnow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 141ms
50ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aiupnow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B9F 68 KB
27 KB 475ms
393ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=743980787&adf=3719817289&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822436&bpp=3&bdt=370&idt=450&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&correlator=8240063065079&frm=20&pv=2&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XbJS283sxh&p=https%3A//www.aiupnow.com&dtd=479

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a55ba734c42e1108d5a00d7c34df350ef715fc9dfe0af489295f898492922d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 158ms
47ms Other
text/css 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7984049
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 4RMoZ7vNVDl7ivf9Sk9HU4i_CTIEzFK_eiLT32pxOwRFPr_i0bdGZQ==
x-cache-hits: 0

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/ 0
93 KB 193ms
83ms Other
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5474556
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: -6pbWxAG-ZvOxWWFjc8W7RRqr_g-yfoj2HhGsnMBu3QOlsi6QQw8qQ==
x-cache-hits: 0

GET
H2 200 lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
c.disquscdn.com/next/embed/ 0
121 KB 245ms
135ms Other
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 17:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1598401
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123109
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1e0e5"
content-type: application/javascript; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Sat, 03 Jun 2023 17:13:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: zQ__MtZOh17n7EF1iqbfmwNJbWz6PHu3aQKG8oLr9O3BJoDdZ9Gksw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
16 KB 95ms
29ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:43 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 17
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15407
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
sigma2.disqus.com/ 64 KB
21 KB 129ms
129ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sigma2.disqus.com/recommendations.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

c6c8fac98dc2cee8c748d2cde7722274ec6cf31efde0d22ad5f58def0e9056ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:43 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21267
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 91 KB
33 KB 138ms
47ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68f9ca423cdc1f9e2eed7a6c49a9f7a20c898a641fa9edbe633ea5e4c24a851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33079
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 16:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:35:40 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 44B9 38 KB
6 KB 127ms
44ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&layout=full&count=default&origin=https%3A%2F%2Fwww.aiupnow.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&layout=full&count=default&origin=https%3A%2F%2Fwww.aiupnow.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 09:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Jun 2023 09:30:03 GMT

GET
H2 200 AKedOLQvEGQZieCyCYqn0YCdtdRHEg6M0BUtm3bgWYwWIQ=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 44B9 2 KB
2 KB 316ms
226ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQvEGQZieCyCYqn0YCdtdRHEg6M0BUtm3bgWYwWIQ=s48-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e7a4de80dbec3e143eea735672c7a5aff8303e551c431f479f7e9f8b6c20b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1675
x-xss-protection: 0
server: fife
etag: "v9f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Jun 2022 07:35:00 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 44B9 252 KB
72 KB 153ms
106ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&layout=full&count=default&origin=https%3A%2F%2Fwww.aiupnow.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 08:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Jun 2023 08:27:50 GMT

GET
H2 200 HgfzMzC5QAT.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame 50ED 18 KB
5 KB 123ms
40ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/HgfzMzC5QAT.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Faiupnow%2F&tabs&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=1997641080334383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d942b6eebcffa564cf2969b807b042df53bcf6471948254b63162cbf7b45412e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pbty/bw6UB3r9JUfArZCFQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4673
x-fb-rlafr: 0
x-fb-debug: EdkwGnKovX+M6E72CMZkr0uJwZJuFCwTk7RJZ3ZrhuS04xdmfX5laieYM+DUlJZZs2UuebR4B/JxP4bCgeNxqg==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:27:31 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4723 78 KB
26 KB 464ms
457ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d15d6d258a1f1e170c07f0b5a806416e89f155f3547a5ff9b3d2d5dc36d5ae29

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6k-7SmwPgCFRiUmgodXgAHbA&gqi=B6WyYse4AZGO3wPe3YuQDg&layout=/sadbundle/%24csp%253Der3%24/92716964203462656/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 26323
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6k-7SmwPgCFRiUmgodXgAHbA&gqi=B6WyYse4AZGO3wPe3YuQDg&layout=/sadbundle/%24csp%253Der3%24/92716964203462656/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1639 78 KB
29 KB 587ms
587ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

458cde5732ec7725b01941e8f5de64da8f942659d64b310676cbc73581d6199f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29818
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/50ce972d/ Frame E930 339 KB
47 KB 74ms
40ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ca49f83ae63de5d30ea69c990f093ed7bcbcad34169f7db6b63b759724fb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47644
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:08:30 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/50ce972d/www-embed-player.vflset/ Frame E930 302 KB
93 KB 120ms
86ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3f592c7284d7a75ba9082bec003ef81ace2c99ab03e59998bcb2fbf110dc1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95654
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:09:07 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/ Frame E930 2 MB
535 KB 150ms
116ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1423878f96d42902b1074096646a191e26ca23a5642dc8c682e5304bbaacba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547803
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:17:09 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/50ce972d/fetch-polyfill.vflset/ Frame E930 9 KB
3 KB 138ms
104ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:09:07 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25B1 139 KB
45 KB 550ms
550ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=199&slotname=2753253361&adk=2690295274&adf=1186251620&pi=t.ma~as.2753253361&w=796&fwrn=4&lmt=1655871916&rafmt=11&psa=0&format=796x199&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822515&bpp=2&bdt=449&idt=521&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bXgWnLKusC&p=https%3A//www.aiupnow.com&dtd=525

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f805d8680a41f1df39eb9d0ce2740b7870bc1e5656a16905e64545c44f6d91db

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CObj_bSmwPgCFcaqmgodBTEBsA&gqi=B6WyYu3_A9nq3wPpj6GADg&layout=/sadbundle/%24csp%253Der3%24/3499534063342242848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45947
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CObj_bSmwPgCFcaqmgodBTEBsA&gqi=B6WyYu3_A9nq3wPpj6GADg&layout=/sadbundle/%24csp%253Der3%24/3499534063342242848/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E930 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 43622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Jun 2023 17:06:41 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 5720 566 B
902 B 155ms
50ms Document
text/html 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.aiupnow.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=auth/exm=profile,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_2?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

282abd1cd20c5623d2acd68bd597abbcbabb3e3d14029693c69af7ccd2ff5bb5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-lsafhlRC940Kw9DgNdQtHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-lsafhlRC940Kw9DgNdQtHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 doq.htm Show response
rt3002.infolinks.com/action/ 966 B
1 KB 227ms
168ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3002.infolinks.com/action/doq.htm?pcode=utf-8&r=16558748230711
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c693f73e44bf953f15933e1524c08a847ace141daaacf74bc1e10f9a4d74c1

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
x-application-context: application:prod
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-language: en-GB
access-control-allow-origin: https://www.aiupnow.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 71f27f0ca865188b-MAN
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B01A 94 KB
30 KB 443ms
442ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=8116729484&adk=3509436417&adf=3654628346&pi=t.ma~as.8116729484&w=796&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=796x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822527&bpp=2&bdt=461&idt=551&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=bH9UnLy8EL&p=https%3A//www.aiupnow.com&dtd=556

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4849e42ca45f3c3f17860bbf172b546a14fc05da21941672abd23757886dcd60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30927
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame DC66 6 KB
4 KB 144ms
143ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a40602f590fc844c5a6bef03d54f271e9b8a9776868fd2c1616bcfa3f5b28846

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2793
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 22 Jun 2022 05:13:43 GMT
ETag: W/"lounge:view:9228214616.58f1b25ad1a30048122ca39f94b79c14.2"
Last-Modified: Tue, 21 Jun 2022 13:44:57 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 81 KB
28 KB 179ms
70ms Script
text/javascript 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 96301
cf-ray: 71f27f0d281e23f7-ZRH
content-length: 28567
x-amz-id-2: 6Yxs+y7PlSdNqjg7XrJGhP2st6LBQ1KFeHyv8O0WARn4VVwRniOCZliswqhKaexZgFnyVhp9sG8=
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
server: cloudflare
etag: "072eaf64a771815874455704fca9301b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: KGP1VAKDJK33792N
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 29 Jun 2022 05:13:43 GMT

GET
H2 200 asid Show response
recs.shareaholic.com/ 99 B
308 B 358ms
115ms Fetch
application/json 54.152.90.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://recs.shareaholic.com/asid?location=https%3A%2F%2Faiupnow.com&api_key=e68e51f46304cc485d7732b4cf6276c7
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.90.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-90-100.compute-1.amazonaws.com
Software: /
Resource Hash: 1a468873ef8f08be7a9bfadcf3d9dc90c83429abce20f5a8326fb869dd7357e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://www.aiupnow.com
date: Wed, 22 Jun 2022 05:13:43 GMT
access-control-allow-credentials: true
content-type: application/json
content-length: 99
vary: Origin, Accept-Encoding, User-Agent
access-control-expose-headers: X-Client-Auth

GET
H2 200 logo.svg
m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/badge/ 743 B
601 B 33ms
33ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/badge/logo.svg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 90fadc153cb3202eb4e63fa7f561f19d28ba6b66e1a91a57813c66c3032d54d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 17:41:11 GMT
server: nginx
x-amz-request-id: XAXEBHRMDXRB55NH
etag: "83eda2388bc041d5d753201754724793"
x-hw: 1655874823.cds279.lo4.hn,1655874823.cds296.lo4.c
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 360
x-amz-id-2: k9vG6e+0Dn3AbQKeS43gndbuEGAdH+YYe6pfwwITajmC7rwUiK/zfXyakcakeRDRJbqvN46kPQg=

GET
H2 200 share-button-shadow.png
m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/ 405 B
641 B 34ms
33ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-button-shadow.png
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 22a6b5ca081c7e993a6de605757cb5da85573221300021627663e89fb6950b18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 17:41:11 GMT
server: nginx
x-amz-request-id: NFBCWK8APGQKZ24Z
etag: "eb8d7f99f86c638ac8e68c8e4014cbd3"
x-hw: 1655874823.cds279.lo4.hn,1655874823.cds074.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 428
x-amz-id-2: co7sC0vrAcMYNUTKNz5beTzb0y5EsbnXXNPWdBhL7vPNcwIXEjA6r3pBz0eoxUAxjhcO4+tldN8=

GET
H2 200 shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/ 20 KB
20 KB 92ms
32ms Font
font/woff 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Referer: https://www.aiupnow.com/
Origin: https://www.aiupnow.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
last-modified: Mon, 07 Feb 2022 17:41:10 GMT
server: nginx
x-amz-request-id: 7GX3B7Z1AT9BNC76
etag: "0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
x-hw: 1655874823.cds278.lo4.hn,1655874823.cds030.lo4.c
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 20556
x-amz-id-2: 39X4WTFZt5Z5SwYqtP0IZiCadze/5GJir6DJovbHATYiyovA+QOsA58fN87ifk9XaCccX749pyc=

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE8F 67 KB
27 KB 577ms
574ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e6c2d72399795fca17f0148142cdcfe10e88d357bcfcba5564ff020bd8d8268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27861
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 cspreport
accounts.google.com/o/ Frame 5720 0
20 B 136ms
51ms Other
text/html 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Hf9SaOkV_R3pEb8AUGMPyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.aiupnow.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Hf9SaOkV_R3pEb8AUGMPyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 44B9 156 B
179 B 41ms
40ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 11:08:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 65140
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 11:08:03 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F4A0 0
15 B 41ms
40ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.aiupnow.com
Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.aiupnow.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B7B1 99 KB
13 KB 559ms
559ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b35091898c898bcef98c992d7d9e8effc8d0a8a7c4c91e7b9bbd5e3a47e922c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/53791720/
Redirect Chain

https://mc.yandex.ru/watch/53791720?wmode=7&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6...
https://mc.yandex.ru/watch/53791720/1?wmode=7&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1ax...

392 B
474 B

92ms
92ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/53791720/1?wmode=7&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbuwalw54%3Afp%3A874%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A601110428392%3Ahid%3A447861480%3Az%3A0%3Ai%3A20220622051343%3Aet%3A1655874823%3Ac%3A1%3Arn%3A803023556%3Arqn%3A1%3Au%3A1655874823129053414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1655874821467%3Ads%3A42%2C98%2C455%2C179%2C0%2C0%2C%2C444%2C54%2C%2C%2C%2C1225%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1655874823%3At%3ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%20-%20The%20Entrepreneurial%20Way%20with%20A.I.&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0a7cdae489a25f10c82ff599f33b4e8c978ec008864e35ec64abe2b0f3687271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 22-Jun-2022 05:13:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.aiupnow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 392
x-xss-protection: 1; mode=block
expires: Wed, 22-Jun-2022 05:13:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:43 GMT
last-modified: Wed, 22-Jun-2022 05:13:43 GMT
location: /watch/53791720/1?wmode=7&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbuwalw54%3Afp%3A874%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A601110428392%3Ahid%3A447861480%3Az%3A0%3Ai%3A20220622051343%3Aet%3A1655874823%3Ac%3A1%3Arn%3A803023556%3Arqn%3A1%3Au%3A1655874823129053414%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1655874821467%3Ads%3A42%2C98%2C455%2C179%2C0%2C0%2C%2C444%2C54%2C%2C%2C%2C1225%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1655874823%3At%3ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%20-%20The%20Entrepreneurial%20Way%20with%20A.I.&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.aiupnow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 22-Jun-2022 05:13:43 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 5720 10 KB
5 KB 141ms
42ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.aiupnow.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 11:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 16:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 11:36:15 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 5720 14 KB
5 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90db3808153f3ad1a44baaca1fada1748ccaae82d01eac332939a58373849d01

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Wed, 22 Jun 2022 05:13:43 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3959a3722d78b91f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1801.004-3.025/ 156 KB
47 KB 38ms
37ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1801.004-3.025/bubble.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71f27f0e1bc9e59b-MAN
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 12:33:08 GMT
server: cloudflare
age: 14179
etag: W/"27068-5e1e04e7273ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Fri, 22 Jul 2022 01:17:24 GMT

GET
H2 200 shares.json Show response
api.bufferapp.com/1/links/ 66 B
411 B 438ms
381ms Script
text/javascript 104.16.139.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bufferapp.com/1/links/shares.json?url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&callback=JSONP_6101

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.139.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6a9efadda49bd1d787c3f4aaaae5d44a98d21c03005e43863bd2ea37ed107008

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=43200
cf-ray: 71f27f0e78b454ac-MAN
etag: W/"42-7uR+DRzcQMKoIluenIPmapYjaG4"
expires: Wed, 22 Jun 2022 17:13:43 GMT

GET
H2 200 dk Show response
connect.ok.ru/ 11 B
2 KB 318ms
90ms Fetch
application/json 217.20.147.3
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&tp=json&ref=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&st.cmd=extLike

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 105 B
399 B 280ms
130ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&callback=JSONP_8545

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

998fc10e25aca6830280b9ba4e34835acaecad15407c042eaf31e1879705364c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.866656b8.1655874823.a039398f
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1765803938087660
content-length: 105
expires: Wed, 22 Jun 2022 05:28:43 GMT

GET
H2 200 button_info.json Show response
www.reddit.com/ 120 B
1 KB 204ms
137ms Fetch
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

0cfd01f61f14eb6d881159ad18587bb4501c97ae7db9bbc9c5dd04a35362cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ratelimit-used: 4
via: 1.1 varnish
x-content-type-options: nosniff
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.05, "failure_fraction": 0.05}
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:43 GMT
x-ratelimit-remaining: 296
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset: 377
accept-ranges: bytes
expires: -1

GET
H2 200 stats Show response
api.tumblr.com/v2/share/ 144 B
395 B 233ms
141ms Fetch
application/json 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tumblr.com/v2/share/stats?url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

88b31efaa4bbefe3a418ff4e2501473cc2955dbe30b425b46fc18494a926f44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
access-control-allow-origin: https://www.aiupnow.com
x-rid: 0d1b7f914d77667c83ce94a7681ccbcb
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-type: application/json; charset=utf-8
content-length: 140

GET
H2 200 share.php Show response
vk.com/ 24 B
571 B 277ms
95ms Script
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&act=count&index=1078&callback=JSONP_3088

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx / KPHP/7.4.111407

Resource Hash

2c1965b32c1ac348412c93eee1c7b23afbfae3e8e5df67f2bb33cc92694d6b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-frontend: front226205
server: kittenx
x-powered-by: KPHP/7.4.111407
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 44

GET
H2 200 yum-count Show response
www.yummly.com/services/ 11 B
686 B 562ms
448ms Fetch
application/json 2606:4700::6812:1a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yummly.com/services/yum-count?url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
vary: Accept-Encoding
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11
last-modified: Wed, 22 Jun 2022 05:13:43 GMT
server: cloudflare
x-yummly-req-id: 96207b8a-2d39-4619-a2ac-eeb9f81b9f91
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.aiupnow.com
cache-control: private
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71f27f0eeee80215-ZRH
access-control-allow-headers: DNT,User-Agent,Cache-Control,Content-Type,X-Yummly-Auth-Token,Accept,Authorization,If-Match,If-None-Match,If-Modified-Since,If-Unmodified-Since,X-Yummly-App-Id,X-Yummly-App-Key,X-Visitor,X-Yummly-Type,X-Forwarded-For,X-Yummly-Locale,X-Yummly-Domain,X-Yummly-Timeout-Millis

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.aiupnow.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 134ms
50ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aiupnow.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 323B 82 KB
29 KB 412ms
411ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=1202543000&adf=1574894575&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822552&bpp=2&bdt=486&idt=836&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gCuemFMkvj&p=https%3A//www.aiupnow.com&dtd=843

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c744f418c695d36c8dfae25d5577f8c0270b6087ac917ed37aa37c9998d2809c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30119
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 44ms
44ms Other
text/css 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21282618
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: I9baFoGr4cK7CIm8qF9nuKUWYc7lWDVmmIRaGcwRcge9YL9ccIvO7w==
x-cache-hits: 0

GET
H2 200 common.bundle.a59fbd11efae764ccd959d61e4925fee.js
c.disquscdn.com/next/recommendations/ 0
87 KB 45ms
44ms Other
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5474546
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88804
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-15ae4"
content-type: application/javascript; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:17 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: ydUO5LmaTzV8--96myFN7AMka06Ep5P2uGWdGLEZbrB3bumZqiGBvw==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 53ms
53ms Other
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21890880
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: AEcEOhPwXU6UDcV5cIuffAz6xz9x0RLYBzA2ZmTqfikRnV1t3VLc0w==
x-cache-hits: 0

GET
H2 200 industry-specific-social-media-templates-4.jpg
media.smallbiztrends.com/2022/06/ 88 KB
88 KB 217ms
102ms Image
image/jpeg 2606:4700:10::6816:2449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.smallbiztrends.com/2022/06/industry-specific-social-media-templates-4.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2449 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4afa85f7f4fae2c5833727336ca9744e39e05d97c18cfa030528845974a7e93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdeda.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 58579
cf-polished: degrade=85, origSize=258429
cf-ray: 71f27f0f58b901fc-ZRH
x-cache: Hit from cloudfront
content-length: 89836
last-modified: Fri, 17 Jun 2022 15:30:50 GMT
server: cloudflare
etag: "70c630c825c0b95ea885d63ffb835a7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: sGlkt6vBM0epCVF4uGcUCTzjdIDsHSri
cache-control: max-age=2678400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: x-z0M5zU-u7t8qtbam39oDjdMmwd8KzV9amxY2XcU5SBFWTj-cadqg==
cf-bgj: imgq:85,h2pri

GET
H2 200 templates-1.gif
media.smallbiztrends.com/2022/06/ 179 KB
179 KB 217ms
102ms Image
image/gif 2606:4700:10::6816:2449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.smallbiztrends.com/2022/06/templates-1.gif

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2449 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be736fbce86037e89ab53b9f20371784deacaebd125fa87a452fbb759184ec1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 55726
cf-polished: origSize=213196
cf-ray: 71f27f0f58bd01fc-ZRH
x-cache: Hit from cloudfront
content-length: 182953
last-modified: Thu, 16 Jun 2022 13:57:25 GMT
server: cloudflare
etag: "bc86c5d4b6e5281bf51ca95ff07c2cb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: gmXXMcBMGspzbPY7KccpiSHQ7sDJRmJQ
cache-control: max-age=2678400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 0g0nbGDGPx_-pX05YdBiJfRkWAvdfvrXIHOzS3WmzS0hczUBWEOR4Q==
cf-bgj: imgq:85,h2pri

GET
H2 200 industry-specific-social-media-post-templates-2.jpg
media.smallbiztrends.com/2022/06/ 76 KB
76 KB 170ms
55ms Image
image/jpeg 2606:4700:10::6816:2449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.smallbiztrends.com/2022/06/industry-specific-social-media-post-templates-2.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2449 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a30bbada5dcf01392b69cc556f3bead93b9dc97abfcad2afbf2636e79adf59

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 55726
cf-polished: degrade=85, origSize=278979
cf-ray: 71f27f0f58be01fc-ZRH
x-cache: Hit from cloudfront
content-length: 77677
last-modified: Thu, 16 Jun 2022 14:10:39 GMT
server: cloudflare
etag: "3f82ce2cdd514abf422a859cd89d8e61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: ._SBi8h3f91Zrl5LM26GPuPM.6My1yQl
cache-control: max-age=2678400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: z0hrZO3hI-46RarrZ1lhEmaKsr_qmmfT77fcddhMxh_Fi6vMgqPTIA==
cf-bgj: imgq:85,h2pri

GET
H2 200 vistacreate-2.jpg
media.smallbiztrends.com/2022/06/ 58 KB
58 KB 216ms
101ms Image
image/jpeg 2606:4700:10::6816:2449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.smallbiztrends.com/2022/06/vistacreate-2.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2449 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d33dec6befb03aaa2cbf0f6cb0cbbca14b9c2a033945f861ed4fc22ebcb30992

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 55726
cf-polished: degrade=85, origSize=223781
cf-ray: 71f27f0f58c101fc-ZRH
x-cache: Hit from cloudfront
content-length: 59227
last-modified: Thu, 16 Jun 2022 14:08:07 GMT
server: cloudflare
etag: "3356f817f9df4532cb26f2fd869a7dbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: 4pCuEMCag9djQZ80u3g8dukkxU0WHphn
cache-control: max-age=2678400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: ubsF-ootTQNktDLI-DsPEIeS3ugpeRnv3p4-AeRYqLVbvoVJ8P1BhA==
cf-bgj: imgq:85,h2pri

GET
H2 200 industry-specific-social-media-templates-3.jpg
media.smallbiztrends.com/2022/06/ 79 KB
79 KB 217ms
103ms Image
image/jpeg 2606:4700:10::6816:2449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.smallbiztrends.com/2022/06/industry-specific-social-media-templates-3.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2449 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39547bfe1e151d5b01bd6b1d2d7006751733d08e5204dd374e9cc55be75816c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 55726
cf-polished: degrade=85, origSize=251086
cf-ray: 71f27f0f58c401fc-ZRH
x-cache: Hit from cloudfront
content-length: 81014
last-modified: Thu, 16 Jun 2022 14:13:09 GMT
server: cloudflare
etag: "ae8447a05961aafc66ddcba1c55ffa80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: J23MPTrGBa0rDpuuHEwC2tzaWIAx3Pmi
cache-control: max-age=2678400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: zW1DXC3FFpdcCdSbpc_LkFB41o2b2wpQt2OfG8yTtuZtrfF_rBfmeQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 xmXE73j0-create-with-your-team.gif
media.smallbiztrends.com/2022/06/ 109 KB
110 KB 214ms
102ms Image
image/gif 2606:4700:10::6816:2449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.smallbiztrends.com/2022/06/xmXE73j0-create-with-your-team.gif

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2449 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acd7bda20059d2aa89358f3075f6a205e4cc4392f3a5fbd9198dfbd24a3a0d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 a06cb72e779e366fcd004926eacd5b84.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 48712
cf-polished: origSize=136571
cf-ray: 71f27f0f58c201fc-ZRH
x-cache: Hit from cloudfront
content-length: 111896
last-modified: Thu, 16 Jun 2022 15:01:17 GMT
server: cloudflare
etag: "f4d3242d5946eef23fb7e80ffc86e723"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: M2uQ98KG3EGS1oQRKc.rTJhnpRrvfd3r
cache-control: max-age=2678400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: JcOD6Cigd7v0M6GjmtivWzqSrQjappFPQaYhxLhzJm2eG22xcqM3Dg==
cf-bgj: imgq:85,h2pri

GET
H2 200 vistacreate-3.jpg
media.smallbiztrends.com/2022/06/ 87 KB
88 KB 84ms
82ms Image
image/jpeg 2606:4700:10::6816:2449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.smallbiztrends.com/2022/06/vistacreate-3.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2449 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a99caa168f3fb7ac80de25881a11c0f9b50d12c848bb7ee2cf7dc6309d8ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 55726
cf-polished: degrade=85, origSize=281032
cf-ray: 71f27f0f78e201fc-ZRH
x-cache: Hit from cloudfront
content-length: 89256
last-modified: Thu, 16 Jun 2022 14:16:44 GMT
server: cloudflare
etag: "c51f27115edd8dda73cd28dd6ad7ef38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: onPY9NKJRk5G_DaigzCXItotmRs7mIqk
cache-control: max-age=2678400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: uZWanB9zijxLRxaUMQQXj_zKEERnd6hMsYVGstM0XdsYRonRWJJ4Gg==
cf-bgj: imgq:85,h2pri

GET
H3 200 ABLy4ExDkoixrAeuVq_liJ1iTl49J7lyWy7DZ1eAnJ69M8or38V2O0bE2xIYkIdLn0dSGtaOjbr3MGyUwDapJfpZpN3SB9kWtynD50RL1TUsT5j5zb8BWheQfvqInC39CfxbZwZdzgf1_WK9e0rluni-TCl7JwDOTF84Z5_R43A=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 210 B
233 B 142ms
56ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4ExDkoixrAeuVq_liJ1iTl49J7lyWy7DZ1eAnJ69M8or38V2O0bE2xIYkIdLn0dSGtaOjbr3MGyUwDapJfpZpN3SB9kWtynD50RL1TUsT5j5zb8BWheQfvqInC39CfxbZwZdzgf1_WK9e0rluni-TCl7JwDOTF84Z5_R43A=s0-d

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c877ae293a83a1b207d78c214657b3ab30c68ebd2f3c50652725d72027e86491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 210
x-xss-protection: 0
expires: Thu, 23 Jun 2022 05:13:43 GMT

GET
H3 200 ABLy4EzJ_SOR_2jfVPhTIXMlQVw5JGTr3cSlGwzTX0zqPPb8dMd5VGbrYXDfGoK01x-JdghhbkZrAdZ7Jz1C4aYzZxXE0aMe3vFr8Rp12BAYrzELTM-4TbrwXD-Bq-PqQhsa1yf02DX9=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 168 B
191 B 139ms
55ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EzJ_SOR_2jfVPhTIXMlQVw5JGTr3cSlGwzTX0zqPPb8dMd5VGbrYXDfGoK01x-JdghhbkZrAdZ7Jz1C4aYzZxXE0aMe3vFr8Rp12BAYrzELTM-4TbrwXD-Bq-PqQhsa1yf02DX9=s0-d

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e8611123ce21102c202b7ad30b1b2e00b3cf1fac6b925198016168381f074de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 168
x-xss-protection: 0
expires: Thu, 23 Jun 2022 05:13:43 GMT

GET
H3 200 ABLy4Ewj1NQKrDEggUeAG2o1_q0xVNDeTCJTor9vpLqi6C02WwyzLnUW4JlqFYhLZ4fs8gGsrt17DT42A9JEN78GViY06uiOefFi388NWnKzMQyo4YF4cA13-XPL0G6ts4y7jWW3YOjyFpdoc6lUhIhAaCzDAy9tSJOEZ_pQIvYU=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 201 B
224 B 139ms
55ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4Ewj1NQKrDEggUeAG2o1_q0xVNDeTCJTor9vpLqi6C02WwyzLnUW4JlqFYhLZ4fs8gGsrt17DT42A9JEN78GViY06uiOefFi388NWnKzMQyo4YF4cA13-XPL0G6ts4y7jWW3YOjyFpdoc6lUhIhAaCzDAy9tSJOEZ_pQIvYU=s0-d

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1ec03fa7280f5c11bcb80472cbe4cf20138ff96bfb3d26d4eff6fe79a2f935bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0
expires: Thu, 23 Jun 2022 05:13:43 GMT

GET
H3 200 ABLy4EzjMDRwNansAqYfV1G2tBvZ9ud-rsg-28YUE1_FF6KSWzpwzv13NDoe4RbjwGFc2ugQ5Xow7wT_cBzaUI-oUzRDak0GQAPdX6aY-kaQsh-LmZphdJ4ybJkWsQmhLWEUTCA7JZ6jZ5f5fOYsHz6QXYAvKLJwS_38SwSP8y4=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 43 B
65 B 137ms
53ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EzjMDRwNansAqYfV1G2tBvZ9ud-rsg-28YUE1_FF6KSWzpwzv13NDoe4RbjwGFc2ugQ5Xow7wT_cBzaUI-oUzRDak0GQAPdX6aY-kaQsh-LmZphdJ4ybJkWsQmhLWEUTCA7JZ6jZ5f5fOYsHz6QXYAvKLJwS_38SwSP8y4=s0-d

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1da5cd02d74bb5ba944e3ce44037860ac9f42392eec6c99b9543910e1a3a5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Thu, 23 Jun 2022 05:13:43 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 95ms
91ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
last-modified: Tue, 21 Jun 2022 07:00:25 GMT
etag: "62b14259-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 22 Jun 2022 06:13:43 GMT

GET
H/1.1

200
OK

gyp99tSoQFQSr9iVca5PM7.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/steelseries-arctis-pro-sehero-1.jpg
https://cdn.mos.cms.futurecdn.net/gyp99tSoQFQSr9iVca5PM7.jpg

78 KB
78 KB

1472ms
805ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/gyp99tSoQFQSr9iVca5PM7.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 9fb2ff6f1c5ac72b5464008371d6b44e064c601c90877eadb492016ca5921bc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: InterXion
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 79680
X-FTR-Balancer: bulk-proxy-1
X-FTR-Request-ID: 00000000:9AB0_00000000:0050_6286341F_B422AC:1B489
Server: nginx/1.19.0
ETag: 9852fecde1046992ac2dc0dde063654f
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:04 GMT

Redirect headers

width: 0
age: 662222
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/steelseries-arctis-pro-sehero-1.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.553942,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/gyp99tSoQFQSr9iVca5PM7.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V2:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-STALE-CLUSTER
extension: .jpg
x-age: 2592
content-length: 95
x-ftr-expires: Tue, 21 Jun 2022 12:33:29 GMT
x-ftr-request-id: 00000000000000000000FFFF9D344529:AD9A_00000000000000000000FFFFB9711932:01BB_62A889AA_1BFC1BA2:261593
x-ftr-buildid: 4_14/Jun/2022:12:31:18.447_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/steelseries-arctis-pro-sehero-1.jpg_:V3:H3:R:V4:H4:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon11648-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-4.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-2
x-resp-is-stale: true
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

moT7iWMxn3qvNhcnX4vsQ7.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/04/steelseries-arctis-pro-dac-cropped.jpg
https://cdn.mos.cms.futurecdn.net/moT7iWMxn3qvNhcnX4vsQ7.jpg

34 KB
35 KB

697ms
47ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/moT7iWMxn3qvNhcnX4vsQ7.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 9baac2c8b8f8e173f13473c10413a4ff7cd82e6438ea22b2757ba5e92cc18bdb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: InterXion
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 35050
X-FTR-Balancer: bulk-proxy-1
X-FTR-Request-ID: 00000000:CFBE_00000000:0050_6286341E_B42288:1B489
Server: nginx/1.19.0
ETag: b215dee564c345642344f74256392741
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:03 GMT

Redirect headers

width: 0
age: 377382
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2019/04/steelseries-arctis-pro-dac-cropped.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: MISS
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.589536,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/moT7iWMxn3qvNhcnX4vsQ7.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V4:H4:R:V1:H1:O:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Fri, 24 Jun 2022 20:24:00 GMT
x-ftr-request-id: 00000000000000000000FFFF9D34454D:3532_00000000000000000000FFFFB9711932:01BB_62ACE24A_1F451040:261593
x-ftr-buildid: 1_17/Jun/2022:20:24:00.781_/sites/wpcentral.com/files/styles/large/public/field/image/2019/04/steelseries-arctis-pro-dac-cropped.jpg_:V4:H4:R:V1:H1:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4276-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-1.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-4
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

404
Not Found

xtZtBJVgiPPKiXuENcH2SB.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/hyper-x-cloud-alpha-blackout-sehero-1.jpg
https://cdn.mos.cms.futurecdn.net/xtZtBJVgiPPKiXuENcH2SB.jpg

0
440 B

1055ms
361ms

Image
text/plain

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/xtZtBJVgiPPKiXuENcH2SB.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-FTR-Balancer: bulk-proxy-1
Date: Wed, 22 Jun 2022 05:13:44 GMT
Server: nginx/1.19.0
Age: 0
Vary: Origin
X-FTR-DC: interxion-lon1
X-FTR-Backend-Server: kube
X-FTR-Request-ID: 00000000:D032_00000000:0050_62B2A508_238004:1FA14
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-Backend: default
X-FTR-Cache-Status: MISS
Content-Length: 0
X-Served-By: kodiak-varnish-66ff646578-fc7j6

Redirect headers

width: 0
age: 664814
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/hyper-x-cloud-alpha-blackout-sehero-1.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.589516,VS0,VE2
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/xtZtBJVgiPPKiXuENcH2SB.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V4:H4:R:V3:
x-cache-hits: 1, 0
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: MISS-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Tue, 21 Jun 2022 12:33:29 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A54B:E456_00000000000000000000FFFFB9711932:01BB_62A87F8A_1BF42DAE:261593
x-ftr-buildid: 3_14/Jun/2022:12:31:18.447_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/hyper-x-cloud-alpha-blackout-sehero-1.jpg_:V2:H2:R:V3:H3:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4267-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-3.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-4
x-resp-is-stale: true
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

404
Not Found

z28UUiGgnwUdY6A5fBfZ7Y.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/hyper-x-cloud-alpha-se-hero.jpg
https://cdn.mos.cms.futurecdn.net/z28UUiGgnwUdY6A5fBfZ7Y.jpg

0
440 B

754ms
104ms

Image
text/plain

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/z28UUiGgnwUdY6A5fBfZ7Y.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-FTR-Balancer: bulk-proxy-1
Date: Wed, 22 Jun 2022 05:13:44 GMT
Server: nginx/1.19.0
Age: 0
Vary: Origin
X-FTR-DC: interxion-lon1
X-FTR-Backend-Server: kube
X-FTR-Request-ID: 00000000:D032_00000000:0050_62B2A507_237FFE:1FA14
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-Backend: default
X-FTR-Cache-Status: MISS
Content-Length: 0
X-Served-By: kodiak-varnish-66ff646578-fc7j6

Redirect headers

width: 0
age: 149435
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/hyper-x-cloud-alpha-se-hero.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.589496,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/z28UUiGgnwUdY6A5fBfZ7Y.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V1:H1:R:V4:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Mon, 27 Jun 2022 11:43:07 GMT
x-ftr-request-id: 00000000000000000000FFFF9D344520:FB4A_00000000000000000000FFFFB9711932:01BB_62B05CAE_21CA0DF8:261593
x-ftr-buildid: 4_17/Jun/2022:20:24:00.899_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/hyper-x-cloud-alpha-se-hero.jpg_:V1:H1:R:V4:H4:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon11644-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-4.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-1
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

EzpCsg7nKsdveuodfNS2Ed.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/blackshark-v2-t1bg.jpg
https://cdn.mos.cms.futurecdn.net/EzpCsg7nKsdveuodfNS2Ed.jpg

24 KB
24 KB

694ms
45ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/EzpCsg7nKsdveuodfNS2Ed.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3d70e4a45db995fb4e2e062a3a35fa5272840f0183eafb284905a455e55971d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 24415
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:9EE2_00000000:0050_62863421_B2FE92:6423
Server: nginx/1.19.0
ETag: 71baa0092d9db4732191f5383f7fe83e
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:03 GMT

Redirect headers

width: 0
age: 149435
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/blackshark-v2-t1bg.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-svc-go-version: 1.18
x-timer: S1655874824.590017,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/EzpCsg7nKsdveuodfNS2Ed.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V1:H1:R:V4:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Mon, 27 Jun 2022 11:43:07 GMT
x-ftr-request-id: 00000000000000000000FFFF9D344544:767C_00000000000000000000FFFFB9711938:01BB_62B05D3A_B259C68:4041
x-ftr-buildid: 4_17/Jun/2022:20:24:00.781_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/blackshark-v2-t1bg.jpg_:V3:H3:R:V4:H4:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4223-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-4.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-1
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

xAdetPDojzDvEpfqFnbiqT.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/51jmb3ciuhl._ac_sl1500_.jpg
https://cdn.mos.cms.futurecdn.net/xAdetPDojzDvEpfqFnbiqT.jpg

39 KB
39 KB

814ms
61ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/xAdetPDojzDvEpfqFnbiqT.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 568cad9e1d346b6c9881e632f94f9e43990bc36155ad002e0f491f86c8f7029c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 39451
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:AE4E_00000000:0050_6286341E_B2FE64:6423
Server: nginx/1.19.0
ETag: 3ed1958740d820f655a018c71bcafcdf
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:03 GMT

Redirect headers

width: 0
age: 78942
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/51jmb3ciuhl._ac_sl1500_.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.589993,VS0,VE3
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/xAdetPDojzDvEpfqFnbiqT.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V4:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 70493
content-length: 95
x-ftr-expires: Mon, 27 Jun 2022 11:43:07 GMT
x-ftr-request-id: 00000000000000000000FFFF9D34452A:8944_00000000000000000000FFFFB9711932:01BB_62B1700A_229987D0:261593
x-ftr-buildid: 2_17/Jun/2022:20:24:00.779_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/51jmb3ciuhl._ac_sl1500_.jpg_:V3:H3:R:V2:H2:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon11627-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-2.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-4
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

404
Not Found

PUEwiHAcqCWiJs4G5fJQsL.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/razer-nari-ultimate-sehero-1.jpg
https://cdn.mos.cms.futurecdn.net/PUEwiHAcqCWiJs4G5fJQsL.jpg

0
431 B

761ms
111ms

Image
text/plain

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/PUEwiHAcqCWiJs4G5fJQsL.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-FTR-Balancer: bulkproxyprodred
Date: Wed, 22 Jun 2022 05:13:44 GMT
Server: nginx/1.19.0
Age: 0
Vary: Origin
X-FTR-DC: IX
X-FTR-Backend-Server: kube
X-FTR-Request-ID: 00000000:CD49_00000000:0050_62B2A508_7A0A3F:7901
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-Backend: default
X-FTR-Cache-Status: MISS
Content-Length: 0
X-Served-By: kodiak-varnish-66ff646578-fc7j6

Redirect headers

width: 0
age: 149435
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/razer-nari-ultimate-sehero-1.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.589972,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/PUEwiHAcqCWiJs4G5fJQsL.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V2:H2:R:V3:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Mon, 27 Jun 2022 11:43:07 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A538:71FE_00000000000000000000FFFFB9711932:01BB_62B05CAF_21CA0E1B:261593
x-ftr-buildid: 3_17/Jun/2022:20:24:00.975_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/razer-nari-ultimate-sehero-1.jpg_:V1:H1:R:V3:H3:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon11650-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-3.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-2
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

iCwfEkT8aDe3zcv2eBfdTn.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/04/razer-nari-ultimate-se_0.jpg
https://cdn.mos.cms.futurecdn.net/iCwfEkT8aDe3zcv2eBfdTn.jpg

72 KB
72 KB

746ms
48ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/iCwfEkT8aDe3zcv2eBfdTn.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3a3234cf421be9d34f0f1dd2bb88c731e27e9f67cae8062bc89d2f2d934ab21

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 73333
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:DCBA_00000000:0050_62863420_B2FE86:6423
Server: nginx/1.19.0
ETag: aff13a23a15eb1c67fff8203ba0c9b6b
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:03 GMT

Redirect headers

width: 0
age: 664814
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2019/04/razer-nari-ultimate-se_0.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.589938,VS0,VE2
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/iCwfEkT8aDe3zcv2eBfdTn.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V2:H2:R:V1:
x-cache-hits: 1, 0
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: MISS-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Tue, 21 Jun 2022 12:33:29 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A54F:40CA_00000000000000000000FFFFB9711932:01BB_62A87F8A_1BF42DB0:261593
x-ftr-buildid: 1_14/Jun/2022:12:31:18.473_/sites/wpcentral.com/files/styles/large/public/field/image/2019/04/razer-nari-ultimate-se_0.jpg_:V4:H4:R:V1:H1:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4252-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-1.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-2
x-resp-is-stale: true
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

404
Not Found

nfMrkBo63jzATa7KNfkQS3.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/plugable-onyx-sehero-1.jpg
https://cdn.mos.cms.futurecdn.net/nfMrkBo63jzATa7KNfkQS3.jpg

0
440 B

762ms
113ms

Image
text/plain

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/nfMrkBo63jzATa7KNfkQS3.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-FTR-Balancer: bulk-proxy-1
Date: Wed, 22 Jun 2022 05:13:44 GMT
Server: nginx/1.19.0
Age: 0
Vary: Origin
X-FTR-DC: interxion-lon1
X-FTR-Backend-Server: kube
X-FTR-Request-ID: 00000000:8AC6_00000000:0050_62B2A507_237FE6:1FA14
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-Backend: default
X-FTR-Cache-Status: MISS
Content-Length: 0
X-Served-By: kodiak-varnish-66ff646578-fc7j6

Redirect headers

width: 0
age: 149435
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/plugable-onyx-sehero-1.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-svc-go-version: 1.18
x-timer: S1655874824.589919,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/nfMrkBo63jzATa7KNfkQS3.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V2:H2:R:V4:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Mon, 27 Jun 2022 11:43:07 GMT
x-ftr-request-id: 00000000000000000000FFFF9D344518:FA84_00000000000000000000FFFFB9711938:01BB_62B05D3A_B259C8C:4041
x-ftr-buildid: 4_17/Jun/2022:20:24:01.060_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/plugable-onyx-sehero-1.jpg_:V3:H3:R:V4:H4:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon11665-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-4.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-2
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

Gs3RLqzLnRqPjbJnBnZVAS.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/10/plugable-onyx-headset.jpg
https://cdn.mos.cms.futurecdn.net/Gs3RLqzLnRqPjbJnBnZVAS.jpg

71 KB
71 KB

814ms
145ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/Gs3RLqzLnRqPjbJnBnZVAS.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 8a741fa0b25369fd2ff18c53965ec0aa5f1b2450a7e7bf10859b061f2be58717

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:18 GMT
X-Backend: default
Age: 2912486
X-FTR-DC: InterXion
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 72533
X-FTR-Balancer: bulk-proxy-1
X-FTR-Request-ID: 00000000:E46D_00000000:0050_62863421_B422C9:1B489
Server: nginx/1.19.0
ETag: 3051f92ddc31c74c4d406bfb73e06cd9
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 14:04:37 GMT

Redirect headers

width: 0
age: 149435
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2019/10/plugable-onyx-headset.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.610603,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/Gs3RLqzLnRqPjbJnBnZVAS.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V3:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 227946
content-length: 95
x-ftr-expires: Fri, 24 Jun 2022 20:24:01 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A534:319C_00000000000000000000FFFFB9711932:01BB_62B05CAF_21CA0E34:261593
x-ftr-buildid: 3_17/Jun/2022:20:24:01.060_/sites/wpcentral.com/files/styles/large/public/field/image/2019/10/plugable-onyx-headset.jpg_:V2:H2:R:V3:H3:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4266-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-3.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-3
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

404
Not Found

5b3JbVPPj7APQ2XsqQEFpW.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/turtle-beach-elite-aero-sehero-1.jpg
https://cdn.mos.cms.futurecdn.net/5b3JbVPPj7APQ2XsqQEFpW.jpg

0
440 B

857ms
123ms

Image
text/plain

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/5b3JbVPPj7APQ2XsqQEFpW.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-FTR-Balancer: bulk-proxy-1
Date: Wed, 22 Jun 2022 05:13:44 GMT
Server: nginx/1.19.0
Age: 0
Vary: Origin
X-FTR-DC: interxion-lon1
X-FTR-Backend-Server: kube
X-FTR-Request-ID: 00000000:6FD3_00000000:0050_62B2A506_237FDC:1FA14
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-Backend: default
X-FTR-Cache-Status: MISS
Content-Length: 0
X-Served-By: kodiak-varnish-66ff646578-fc7j6

Redirect headers

width: 0
age: 149435
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/turtle-beach-elite-aero-sehero-1.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.610557,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/5b3JbVPPj7APQ2XsqQEFpW.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V1:H1:R:V4:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Mon, 27 Jun 2022 11:43:08 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A524:9064_00000000000000000000FFFFB9711932:01BB_62B05CAF_21CA0E37:261593
x-ftr-buildid: 4_17/Jun/2022:20:24:01.066_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/turtle-beach-elite-aero-sehero-1.jpg_:V2:H2:R:V4:H4:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4227-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-4.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-1
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

Dy9bDcYBad4pXDXAJN7PqP.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/01/turtle-beach-elite-atlas-aero-se.jpg
https://cdn.mos.cms.futurecdn.net/Dy9bDcYBad4pXDXAJN7PqP.jpg

244 KB
244 KB

813ms
62ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/Dy9bDcYBad4pXDXAJN7PqP.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 373b56920bb4ceed22fc51add53857c9c86c4e3a86cc324b2a5183ae42d4c2d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 249621
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:CE19_00000000:0050_6286341E_B2FE53:6423
Server: nginx/1.19.0
ETag: e6385c899a1a3009944a2630306f1437
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:04 GMT

Redirect headers

width: 0
age: 377382
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/01/turtle-beach-elite-atlas-aero-se.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: MISS
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-svc-go-version: 1.18
x-timer: S1655874824.610550,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/Dy9bDcYBad4pXDXAJN7PqP.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V4:H4:R:V3:H3:O:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Fri, 24 Jun 2022 20:24:01 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A541:1AAC_00000000000000000000FFFFB9711938:01BB_62ACE2D3_891C97F:4041
x-ftr-buildid: 3_17/Jun/2022:20:24:01.060_/sites/wpcentral.com/files/styles/large/public/field/image/2020/01/turtle-beach-elite-atlas-aero-se.jpg_:V4:H4:R:V3:H3:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon11672-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-3.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-4
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

404
Not Found

Js4tGk8Xzm2XdntCAoAXgJ.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/steelseries-arctis-1-sehero-1.jpg
https://cdn.mos.cms.futurecdn.net/Js4tGk8Xzm2XdntCAoAXgJ.jpg

0
440 B

972ms
109ms

Image
text/plain

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/Js4tGk8Xzm2XdntCAoAXgJ.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-FTR-Balancer: bulk-proxy-1
Date: Wed, 22 Jun 2022 05:13:44 GMT
Server: nginx/1.19.0
Age: 0
Vary: Origin
X-FTR-DC: interxion-lon1
X-FTR-Backend-Server: kube
X-FTR-Request-ID: 00000000:5936_00000000:0050_62B2A505_237FD1:1FA14
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-Backend: default
X-FTR-Cache-Status: MISS
Content-Length: 0
X-Served-By: kodiak-varnish-66ff646578-fc7j6

Redirect headers

width: 0
age: 664814
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/07/steelseries-arctis-1-sehero-1.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.610547,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/Js4tGk8Xzm2XdntCAoAXgJ.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V4:H4:R:V1:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-STALE-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Tue, 21 Jun 2022 12:33:29 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A54B:E456_00000000000000000000FFFFB9711932:01BB_62A87F8A_1BF42DB4:261593
x-ftr-buildid: 1_14/Jun/2022:12:31:18.473_/sites/wpcentral.com/files/styles/large/public/field/image/2020/07/steelseries-arctis-1-sehero-1.jpg_:V2:H2:R:V1:H1:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon11680-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-1.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-4
x-resp-is-stale: true
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

Wk7aXbsccttbpM6apuaPyC.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2020/05/steelseries-arctis-1-wireless-xbox-cyberpunk-2077-edition-cropped.jpg
https://cdn.mos.cms.futurecdn.net/Wk7aXbsccttbpM6apuaPyC.jpg

83 KB
84 KB

750ms
58ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/Wk7aXbsccttbpM6apuaPyC.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 0d155fabafdd533a9427065538509ded01e97b16d86c1071625711ba764a8bae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 85219
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:76AC_00000000:0050_62863421_B2FE8B:6423
Server: nginx/1.19.0
ETag: 1246415a009967bbd8d7138b7cfd3dbe
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:03 GMT

Redirect headers

width: 0
age: 149435
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2020/05/steelseries-arctis-1-wireless-xbox-cyberpunk-2077-edition-cropped.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.610505,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/Wk7aXbsccttbpM6apuaPyC.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V3:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 227947
content-length: 95
x-ftr-expires: Fri, 24 Jun 2022 20:24:01 GMT
x-ftr-request-id: 00000000000000000000FFFF9D344530:4DC8_00000000000000000000FFFFB9711932:01BB_62B05CAF_21CA0E46:261593
x-ftr-buildid: 3_17/Jun/2022:20:24:01.061_/sites/wpcentral.com/files/styles/large/public/field/image/2020/05/steelseries-arctis-1-wireless-xbox-cyberpunk-2077-edition-cropped.jpg_:V2:H2:R:V3:H3:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4277-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-3.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-3
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

rqoHuuMZfDvqSrdm3eWFxb.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2018/08/richard-avatar.jpg
https://cdn.mos.cms.futurecdn.net/rqoHuuMZfDvqSrdm3eWFxb.jpg

73 KB
73 KB

946ms
46ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/rqoHuuMZfDvqSrdm3eWFxb.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 7fea6de988272634196e39af105aaf82c56cc5ee36a917a761c85a46b17b656c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 11:47:04 GMT
X-Backend: default
Age: 2914000
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 74242
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:7175_00000000:0050_62862E38_B2794B:6423
Server: nginx/1.19.0
ETag: 5429ee2194d61edb92271984ddf75df9
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:03 GMT

Redirect headers

width: 0
age: 664814
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2018/08/richard-avatar.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-svc-go-version: 1.18
x-timer: S1655874824.610507,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/rqoHuuMZfDvqSrdm3eWFxb.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V4:H4:R:V3:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-STALE-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Tue, 21 Jun 2022 12:33:29 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A543:17C2_00000000000000000000FFFFB9711938:01BB_62A88011_52EFDA0:4041
x-ftr-buildid: 3_14/Jun/2022:12:31:18.478_/sites/wpcentral.com/files/styles/large/public/field/image/2018/08/richard-avatar.jpg_:V4:H4:R:V3:H3:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4266-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-3.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-4
x-resp-is-stale: true
accept-ranges: bytes
x-country-code: GB

GET
H2 200 1025269.jpg
passport.mobilenations.com/avatars/000/001/025/ 49 KB
50 KB 170ms
61ms Image
image/jpeg 2606:4700::6812:4c34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://passport.mobilenations.com/avatars/000/001/025/1025269.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4c34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f615e7ba92273145a27dfc0773e0a936233f96a40cee0eb90cedf8cdcf2e6e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 55726
cf-polished: origSize=52888, status=webp_bigger
content-length: 50603
last-modified: Fri, 15 Mar 2019 16:47:51 GMT
server: cloudflare
etag: "5c8bd737-ce98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: image/jpeg
expires: Fri, 22 Jul 2022 05:13:43 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f109e442325-ZRH
cf-bgj: imgq:100,h2pri

GET
H2 200 XMvfuvRqk3g
feeds.feedburner.com/~r/wmexperts/~4/ 43 B
339 B 172ms
55ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~r/wmexperts/~4/XMvfuvRqk3g

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: GSE
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22 Jun 2022 06:13:43 +0000

GET
H/1.1

200
OK

ALmBb3uYRMYE7vPB2xknvF.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2018/08/halo-reach-hero.jpg?itok=wmHDT0Is
https://cdn.mos.cms.futurecdn.net/ALmBb3uYRMYE7vPB2xknvF.jpg

279 KB
279 KB

916ms
46ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/ALmBb3uYRMYE7vPB2xknvF.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: a4e7b1ee2fc7c1478f4af33d71ddf64f3131a996133877f4c51a4c5f453d18e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: InterXion
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 285383
X-FTR-Balancer: bulk-proxy-1
X-FTR-Request-ID: 00000000:59D0_00000000:0050_62863421_B422BB:1B489
Server: nginx/1.19.0
ETag: 515b066fcd92fadb90e4de4f3acd0208
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Mon, 18 Jul 2022 13:24:03 GMT

Redirect headers

width: 0
age: 481784
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2018/08/halo-reach-hero.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-svc-go-version: 1.18
x-timer: S1655874824.664797,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/ALmBb3uYRMYE7vPB2xknvF.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V3:H3:R:V4:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Thu, 23 Jun 2022 15:23:59 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A51F:C8AA_00000000000000000000FFFFB9711938:01BB_62AB4B03_7532DF8:4041
x-ftr-buildid: 4_13/Jun/2022:15:50:04.955_/sites/wpcentral.com/files/styles/large/public/field/image/2018/08/halo-reach-hero.jpg_:V4:H4:R:H4:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon4221-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-4.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-3
accept-ranges: bytes
x-country-code: GB

GET
H/1.1

200
OK

HEy4a8ZD2EspH5g5RMxsJf.jpg
cdn.mos.cms.futurecdn.net/
Redirect Chain

https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/11/halo-reach-se.jpg?itok=QwN53No7
https://cdn.mos.cms.futurecdn.net/HEy4a8ZD2EspH5g5RMxsJf.jpg

13 KB
14 KB

933ms
44ms

Image
image/jpeg

67.26.137.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/HEy4a8ZD2EspH5g5RMxsJf.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Server: 67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 58967b22e0e0ed171c46f25a57cfb97f3dd40369cdf683667ebeb8c877664361

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 19 May 2022 12:12:17 GMT
X-Backend: default
Age: 2912487
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos_kodiak
Connection: keep-alive
X-FTR-Cache-Status: MISS
Content-Length: 13549
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:DCBA_00000000:0050_62863421_B2FE90:6423
Server: nginx/1.19.0
ETag: 1d8f887965f5d70c320904b6b92cd2db
X-Served-By: kodiak-varnish-5767867ff4-k49ww
Content-Type: image/jpeg
X-FTR-Backend-Server: kube
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Expires: Tue, 19 Jul 2022 08:39:28 GMT

Redirect headers

width: 0
age: 664814
normalised-url: https://www.windowscentral.com/sites/wpcentral.com/files/field/image/2019/11/halo-reach-se.jpg
x-ftr-backend: varnish-panther
x-ftr-cache-status: HIT
x-svc-build-time: Wed May 18 12:42:05 UTC 2022
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-svc-go-version: 1.18
x-timer: S1655874824.664785,VS0,VE1
x-svc-name: timedia-redirector
content-type: text/html; charset=utf-8
location: https://cdn.mos.cms.futurecdn.net/HEy4a8ZD2EspH5g5RMxsJf.jpg
cache-control: public, max-age=604800
x-svc-version: v0-12-0-6afcb47243a0fec8f11840cf1ccbe9cfa0444eaf
x-cache-control: public, max-age=604800
x-ftr-trace: V1:H1:R:V4:
x-cache-hits: 1, 1
date: Wed, 22 Jun 2022 05:13:43 GMT
via: 1.1 varnish, 1.1 varnish
xkey: timedia-redirector
x-cache: HIT-STALE-CLUSTER
extension: .jpg
x-age: 0
content-length: 95
x-ftr-expires: Tue, 21 Jun 2022 12:33:29 GMT
x-ftr-request-id: 00000000000000000000FFFFA752A51B:68A0_00000000000000000000FFFFB9711932:01BB_62A87F8A_1BF42DB3:261593
x-ftr-buildid: 4_14/Jun/2022:12:31:18.647_/sites/wpcentral.com/files/styles/large/public/field/image/2019/11/halo-reach-se.jpg_:V3:H3:R:V4:H4:O
x-svc-env: prod
x-country-code-real: GB
height: 0
x-served-by: cache-lon11671-LON, cache-lcy19244-LCY
strict-transport-security: max-age=300
x-ftr-backend-server: fte-varnish-prod-panther-4.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-1
x-resp-is-stale: true
accept-ranges: bytes
x-country-code: GB

GET
H2 200 tkpYeuiT0cA
feeds.feedburner.com/~r/wmexperts/~4/ 43 B
104 B 170ms
61ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~r/wmexperts/~4/tkpYeuiT0cA

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: GSE
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22 Jun 2022 06:13:43 +0000

GET
H2 200 dims
o.aolcdn.com/images/ 169 KB
170 KB 299ms
140ms Image
image/jpeg 2606:2800:233:af6:eab:2108:1892:6d8
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.aolcdn.com/images/dims?resize=2000%2C2000%2Cshrink&image_uri=https%3A%2F%2Fs.yimg.com%2Fos%2Fcreatr-uploaded-images%2F2019-03%2F8abb4e90-50b3-11e9-aaff-ba09ebd015cd&client=a1acac3e1b3290917d92&signature=59a74288ccbf5ce945fab394555e468caaeb6c36

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:af6:eab:2108:1892:6d8 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcb/7F77) /

Resource Hash

f5fb80c6ab695aec793967d59c135b29618aad2f987174711a218fc44da08d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 1771482
cld_latency: 98
edge-cache-tag: 205668273106704222303092677181222189726,485239066690905873616624527207302478547,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
cld_hits: 1
x-cache: HIT
strict-transport-security: max-age=31536000
content-length: 172683
x-xss-protection: 1; mode=block
cld_by: cache-iad-kjyo7100085-IAD
x-served-by: cache-wdc5559-WDC
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Jun 2021 10:19:59 GMT
server: ECAcc (dcb/7F77)
x-timer: S1633336474.742285,VS0,VE1
etag: "d2668a73c5528255b775cdd08b0e7b3c"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
report-to: {"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H3 200 nth.png
1.bp.blogspot.com/-eAeO-DYJDws/Vkqtj4HFBFI/AAAAAAAAB0o/Q5OLsyONXM0/s1600-r/ 1 KB
1 KB 43ms
43ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-eAeO-DYJDws/Vkqtj4HFBFI/AAAAAAAAB0o/Q5OLsyONXM0/s1600-r/nth.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6ca0ba132e317aa25845976719aecc3fbc11dfbe15c1ca37809b1d0d39bcf8c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 01:29:02 GMT
x-content-type-options: nosniff
age: 13481
content-disposition: inline;filename="nth.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1439
x-xss-protection: 0
server: fife
etag: "v74b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 18:04:54 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/J36MCxgP2_4/ 6 KB
7 KB 63ms
62ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/J36MCxgP2_4/mqdefault.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd1d46e090dd11a9123e403410ad1b3354ed4c0906c92a13ae0a0daf85a91421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jun 2022 07:13:43 GMT

GET
H2 200 lounge.load.cfefa856cbcd7efb87102e7242c9a829.js Show response
c.disquscdn.com/next/embed/ Frame DC66 958 B
1 KB 132ms
41ms Script
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.cfefa856cbcd7efb87102e7242c9a829.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

79178481c1d1ab6798f68fb68f05045d45e6da72ac7a146feb2440de4f7d35c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 17:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1598400
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 496
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1f0"
content-type: application/javascript; charset=utf-8
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
expires: Sat, 03 Jun 2023 17:13:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: gFIJVElBn-m0DezPTJuuNy6INa30Ia07rRZJaGTAR9Pkwlyr4xnuUg==
x-cache-hits: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ Frame 44B9 128 KB
42 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63bd1290734d42988618531f116ded35108d357633fd4ec34676f5824684d16e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42807
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:43:40 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 233 B
681 B 188ms
53ms XHR
text/javascript 34.246.24.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.24.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-24-138.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 094b0fc42db289680ea15b64149c810734635fdc269652dbe4aa015d90a91541

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 22 Jun 2022 05:13:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.aiupnow.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 233
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Example-IE-to-Edge-Redirection-Message.png
blogs.windows.com/wp-content/uploads/prod/sites/2/2022/06/ 123 KB
124 KB 131ms
48ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogs.windows.com/wp-content/uploads/prod/sites/2/2022/06/Example-IE-to-Edge-Redirection-Message.png
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4307580070e0eb1580c43601d37927c5aeee6cfe60dd7f32cab60c186a670df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Jun 2022 05:13:43 GMT
cf-cache-status: HIT
content-md5: ZjHgbgkt9+kmgoj8SltZpA==
age: 236825
cf-polished: origFmt=png, origSize=254731
content-disposition: inline; filename="Example-IE-to-Edge-Redirection-Message.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125912
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 14 Jun 2022 20:39:39 GMT
server: cloudflare
etag: "0x8DA4E4600E21C92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: cc9708c6-e01e-0002-15d2-8199f0000000
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 71f27f11687554c3-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 MicrosoftTeams-imagemd-300x300.png
blogs.windows.com/wp-content/uploads/prod/sites/2/2022/06/ 26 KB
26 KB 158ms
75ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogs.windows.com/wp-content/uploads/prod/sites/2/2022/06/MicrosoftTeams-imagemd-300x300.png
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd60ece584de716694b7832e5f426af629c1dbc00bad2303f57d7fe31591a6cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Jun 2022 05:13:43 GMT
cf-cache-status: HIT
content-md5: 3mojvbuoGlQCt08tUfxMlw==
age: 576338
cf-polished: origFmt=png, origSize=42093
content-disposition: inline; filename="MicrosoftTeams-imagemd-300x300.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26302
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 14 Jun 2022 22:15:41 GMT
server: cloudflare
etag: "0x8DA4E536B2EC15D"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 8b90e719-e01e-0009-7eb8-808184000000
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 71f27f11687654c3-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 WIN22_Start_Productivity_Light_2000-1024x682.png
blogs.windows.com/wp-content/uploads/prod/sites/2/2022/06/ 372 KB
373 KB 157ms
75ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogs.windows.com/wp-content/uploads/prod/sites/2/2022/06/WIN22_Start_Productivity_Light_2000-1024x682.png
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131334eb140ed8d0b6e6d95fab6ab015116a136bbc8199dbdbafa21bcbebe238

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Jun 2022 05:13:43 GMT
cf-cache-status: HIT
content-md5: oT83JNAiEXk9ItoSmKLO3Q==
age: 39319
cf-polished: origFmt=png, origSize=562133
content-disposition: inline; filename="WIN22_Start_Productivity_Light_2000-1024x682.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 381106
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 14 Jun 2022 20:44:29 GMT
server: cloudflare
etag: "0x8DA4E46ADEDCE78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-ms-request-id: 0f67d7d2-601e-005c-01b8-806af3000000
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 71f27f11687754c3-MAN
cf-bgj: imgq:100,h2pri

GET
H2 200 2022-aws-iotexpresslink-diagram-1.jpg
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/15/ 195 KB
195 KB 624ms
527ms Image
image/jpeg 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/15/2022-aws-iotexpresslink-diagram-1.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2fe3f82a0f41f37f5e3b078fe233b506bdc93ee998d1eb5d3a3eaf397bf25efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: BDXIjG9UOOIUD_yDn7dQVkmpKCiD3ds6
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 199275
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Jun 2022 23:53:35 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
etag: "9f799ac76d01a6a16a0fd0b72b09733f-1"
accept-ranges: bytes
x-amz-cf-id: 3cxpFPWPKF9Qcfsr_OomkQdxOGirm90TQkMLlS34UrvP9X0PMUNhMQ==

GET
H2 200 2022-aws-iotexpresslink-IFW956810-usb.jpg
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/14/ 248 KB
249 KB 613ms
527ms Image
image/jpeg 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/14/2022-aws-iotexpresslink-IFW956810-usb.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0ea5d009030ee35c398f1b52ef56366e57824f7ffaf0ab95008c143d539fc998

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: YX6GE9zPu9qQ8dKqK152gqDC1Z4_55er
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 253667
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Jun 2022 02:10:42 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
etag: "e71aef4479c8d95cbc8d7044164dc42e-1"
accept-ranges: bytes
x-amz-cf-id: 7mWnksXpR6nsl0inOCxc55mr-334XMQgMz1CgPhq5nE8Dk62BYhYGw==

GET
H2 200 WIFI_Thermostat-768x552-1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/16/ 65 KB
65 KB 745ms
661ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/16/WIFI_Thermostat-768x552-1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

719d6aea9ac95b62fa771390c8eba337efeb62fdf103489d4de9a671513f073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: nSILdfrnkWtxjOnl7xWRC52UFxhM1hk_
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 66058
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Jun 2022 00:05:12 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "ac179a062e758d8dde88d015db1e682a-1"
accept-ranges: bytes
x-amz-cf-id: tR00CFRL8cj5P38icBOVgRVp2lNYxj-lxZy5adXhQrnFmtoCNajc_Q==

GET
H2 200 2022-aws-iotexpresslink-edn-smallgarden.jpg
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/09/ 129 KB
130 KB 739ms
662ms Image
image/jpeg 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/09/2022-aws-iotexpresslink-edn-smallgarden.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c905702b6efc7101cfebdf9591f4b58619742a13fed8f039139ee00472029f6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: oYQuGJQXG1jCc_bjL5jW4Mh9BGFQLvcD
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 132543
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Jun 2022 13:39:46 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
etag: "a6081baf177b29913e9f389e03d2059e-1"
accept-ranges: bytes
x-amz-cf-id: y-odfZgJ3Am3HTU3lY4bRsTaam6Om8Y1yc8WtlgOINrIAhvZYhMBIA==

GET
H2 200 2022-aws-iotexpresslink-ublox-2.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/14/ 205 KB
205 KB 707ms
665ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/14/2022-aws-iotexpresslink-ublox-2.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

50025bab5957b54d1b9ca5723796385e5cadae9a863b8427ce9adb225287121a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: 7TMX69tTJm9E4mJuY4pl6KCBs.6wBKkR
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 209622
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Jun 2022 02:27:47 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "9f7bdc32feef184a4c595b2416509c9f-1"
accept-ranges: bytes
x-amz-cf-id: iNgbvRN-GDnlA2bQjf6cL2bLQ4oqF_1YJ9n9Zs1AncORiJXuomDy1g==

GET
H2 200 2022-Infineon-IFW56810.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/13/ 151 KB
151 KB 419ms
418ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/13/2022-Infineon-IFW56810.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8d7d4556acfbfba8ed4abe6383f2b610bce80b37f02221e094abac32071ea42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: MYl8.DC0t.SVdloDbI48TfXkzrTFdqWX
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 154286
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 13 Jun 2022 00:45:37 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "929c86c4d700d316e3b53f3fb5140819-1"
accept-ranges: bytes
x-amz-cf-id: MZx6mBYz-pSp04FgR-gKQ2bI-Wgo6IANJ-8PpRmpRXSTO3lDXcrhVQ==

GET
H2 200 2122.png
s.w.org/images/core/emoji/12.0.0-1/72x72/ 613 B
842 B 130ms
40ms Image
image/png 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/72x72/2122.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

d6e25238d199a625a8cfbb8412fc0b06900eb39c5dd76c41021b540b3e5060e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Wed, 22 Jun 2022 05:13:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 613
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2022-aws-iotexpresslink-espressif.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/09/ 138 KB
139 KB 575ms
574ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/09/2022-aws-iotexpresslink-espressif.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6373db5c400f788f6b1a872daf6b495dc2d07ca9b5ea3d93608444804c518ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: qOGuikpYax_ned8KG9bzbfeoAnX8wfTW
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 141509
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Jun 2022 13:44:06 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "c1228d39e048a6462fce35ec6ddbb3eb-1"
accept-ranges: bytes
x-amz-cf-id: 3aAndb0rBeT6ax3jxANb7-oEJI6NDwAFVXduTdNis7PHUfoa-3T_Tw==

GET
H3 200 AmazonWebServicesBlog
feeds.feedburner.com/~ff/ 997 B
1015 B 177ms
90ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=yIl2AUoC8zA

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6991b0dfb02f46e2bb00808bd3eaaf97cfb4caa209a24ceb5a5c3482b091d6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
x-content-type-options: nosniff
server: GSE
etag: Kg31R1CGIqw4HTZpTQkVWDFniR0
content-type: image/gif
cache-control: max-age=539656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 997
x-xss-protection: 1; mode=block
expires: Tue, 28 Jun 2022 11:08:00 GMT

GET
H3 200 AmazonWebServicesBlog
feeds.feedburner.com/~ff/ 1 KB
1 KB 177ms
89ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=dnMXMwOfBR0

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d76f32f8bd2f4896065ce24a53a651b8b31f8518eeffef24d8ff3b7942a2437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
x-content-type-options: nosniff
server: GSE
etag: 8QBjG7c8/sQuhDR26KDUQ+59BcM
content-type: image/gif
cache-control: max-age=539703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 1; mode=block
expires: Tue, 28 Jun 2022 11:08:48 GMT

GET
H3 200 AmazonWebServicesBlog
feeds.feedburner.com/~ff/ 1 KB
1 KB 176ms
89ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=7Q72WNTAKBA

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2b9c28205959e1323e482a8ebab65490ba2200da1665b75004947fbc4e18672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
x-content-type-options: nosniff
server: GSE
etag: IDawmln7mA9Ww+FiBXA+Xtz928I
content-type: image/gif
cache-control: max-age=72733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 1; mode=block
expires: Thu, 23 Jun 2022 01:25:57 GMT

GET
H2 200 Screen-Shot-2022-06-13-at-9.40.11-AM.jpg
juliaberolzheimer.com/wp-content/uploads/2022/06/ 92 KB
92 KB 786ms
606ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://juliaberolzheimer.com/wp-content/uploads/2022/06/Screen-Shot-2022-06-13-at-9.40.11-AM.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6291312088281f1660edad81cde381d66b27e529f192766f2e211f5892d82ad5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94048
last-modified: Mon, 13 Jun 2022 13:40:18 GMT
server: cloudflare
etag: "62a73e42-16f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ccgsMDuemlp6FgH3X6fjPDEeX1Vqqaw9okQdOH2auB0KVcMqYUMORal7vLxsOlb2g1lIcy4UVI8XLyVDasnKkh8Qfn%2FRtV%2BVfIPm5IscXBMIUaWPrmWBO%2B4n%2FWZQcwXMvfHYsAk1IuqAWZH9DIbq%2B8Z7h8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71f27f13693ce8eb-MXP
expires: Fri, 22 Jul 2022 05:13:44 GMT

GET
H2 200 Screen-Shot-2022-06-13-at-9.20.35-AM.jpg
juliaberolzheimer.com/wp-content/uploads/2022/06/ 55 KB
56 KB 676ms
544ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://juliaberolzheimer.com/wp-content/uploads/2022/06/Screen-Shot-2022-06-13-at-9.20.35-AM.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f80191d3f91043dd5ae270290a7b61009ecd25a99f59824d92c0699b6c0b9ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56523
last-modified: Mon, 13 Jun 2022 13:20:49 GMT
server: cloudflare
etag: "62a739b1-dccb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZ6tb9AhTZ75aUL4v3K%2F6s7mYF8zdD6K1aKuc2J5V%2BAtFNbY5DPZvP2Mm%2Br7Z63E9Fk6fFFYZNGKl6%2FMN7d68phdkZoW%2FZWC5MODnSqCEftW7ZiEXc%2FiIEK%2F8js5kR23OSKNq75sJBuOo3UabVJcOi2vvsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71f27f136941e8eb-MXP
expires: Fri, 22 Jul 2022 05:13:44 GMT

GET
H2 200 Screen-Shot-2022-06-13-at-9.42.24-AM.jpg
juliaberolzheimer.com/wp-content/uploads/2022/06/ 82 KB
82 KB 628ms
579ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://juliaberolzheimer.com/wp-content/uploads/2022/06/Screen-Shot-2022-06-13-at-9.42.24-AM.jpg
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aefce711ee9945feaf46eff9bf392d6c404bab1ff6e7df2cbcaf45cbd728a890

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83925
last-modified: Mon, 13 Jun 2022 13:42:31 GMT
server: cloudflare
etag: "62a73ec7-147d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxZtu2hRpxrM580PySw7cUlJs%2FZyde3CtaUqxVwxDrO8DgJO41VKnmYZlfzFIw92LcrZn2KGqTmgNb7og5MvvCWyT2rlhVqa49ToBJNlFHOI8Ko8D61wmjKiOBrqnw3SaDnU9Z0ujqlykIiFxLNVjCTrd1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71f27f136940e8eb-MXP
expires: Fri, 22 Jul 2022 05:13:44 GMT

GET
H2 200 ams_nav_1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 20 KB
21 KB 526ms
522ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ams_nav_1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

28a01ca0774f2944617326f584900a93585acd56d3ea8c5b01de25ed2b7d1e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: I4BS20h2AWm9WwSb.B61VNBJfWZVeMYs
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 20917
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 23:34:23 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "d11a9e8f73bbec76afa2a994d222f2cd-1"
accept-ranges: bytes
x-amz-cf-id: t0hipJ20G-CPxKtakOrNW4n5030pqw4BTXQtiJ39L2X3up_fFF-eLg==

GET
H2 200 ams_template_defa_1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 128 KB
129 KB 532ms
528ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ams_template_defa_1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ef3861eaa40453f10a97ac09eca9eb4692572c784edddd12dac46bf0fcde0028

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: 01VP2P8ZG0orf1W1Lw8H2SL.Pgn8g8tF
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 131256
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 23:40:35 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "913de110a18ef82b7122b304645693d0-1"
accept-ranges: bytes
x-amz-cf-id: AnNNeDGnOY2qLBO1t_sRisS7hitsV_lvhtkMc3kuTi-xTw2YCutZBQ==

GET
H2 200 ams_pls_a_1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 114 KB
114 KB 474ms
470ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ams_pls_a_1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c8a4075e2a01ffa6c7663107553667e3d66e3c68ca1825315b94bbfb3681a638

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: 83Ojc33ideCQLsXOFPDq9h.4i11_v.It
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 116261
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 23:44:04 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "e72a07d1615ef7db8bb0ea1c66f3dccf-1"
accept-ranges: bytes
x-amz-cf-id: iAaec0fEv0Ho148cIG2mraUosGgYGxfBGDvOJwTQ_7WbLdoYOxm_5Q==

GET
H2 200 ams_pls_b_1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 56 KB
57 KB 464ms
459ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ams_pls_b_1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aa0ebf6d5e42188be6a85c781ddcb88dad1d95d1bd1ef502cb10dcaeaf942043

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: r5LFcVu6xN1.EJRxSBwqEHWvDymZnE8U
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 57713
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 23:46:12 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "96c16365f714cedb5f7e610d58a73d60-1"
accept-ranges: bytes
x-amz-cf-id: HGjTJP4rvaZnzTGwchl7eHb0T6t6sxIOLl22dxj1za2w_kiDS_Rkjw==

GET
H2 200 ams_dr_conf_1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/27/ 130 KB
131 KB 535ms
531ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/27/ams_dr_conf_1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c254d452e98c435d518499ae322219492ec40d13d5d6ae15cb144eec863931c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: RKW4llqBzGIYGl8BprEHcWnhtMAnlPZ6
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 133427
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 May 2022 15:39:12 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "f1e5224c040f0634e1b0395a1ca25137-1"
accept-ranges: bytes
x-amz-cf-id: qraHdH6UBz4z9G6Y1_7rDgd7yP7xJjCyDKuvB3IvFcvA6518PbvfRg==

GET
H2 200 amg_centos_conf_1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/27/ 35 KB
36 KB 527ms
523ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/27/amg_centos_conf_1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7baffcd39adabb6a310d3bb5a69280c3efdc156750c4aef01af18be7381b9530

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: 0nn3MCBEUXgQhL51Bl93cgMJiur2HPT5
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 36309
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 May 2022 15:43:09 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "2a8486897972d93de2b6cface7a4ea94-1"
accept-ranges: bytes
x-amz-cf-id: u2GKbECz9qc9ohng1IOpTDLuNaEy1GV_sLp9XlajnqgsqFCu4O7-yQ==

GET
H2 200 ams_suse_2.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/27/ 43 KB
44 KB 534ms
530ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/27/ams_suse_2.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

71e451c63b128494fbaa49cc9ed5b6283a925bad689fb7d8847d7230ad89505c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: Y8h9tMw8THFYC12_tGOB3oGyBs8ByuUP
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 44268
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 May 2022 15:56:43 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "bbb9ea5cb7ae1ddf9c30ba6dcc1bc20a-1"
accept-ranges: bytes
x-amz-cf-id: HkKxPbasnac0ufXO6HopmZ6M0x8oWvIwqZH-U742R8npb1fB40lEhA==

GET
H2 200 ams_edit_pl_1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/27/ 102 KB
103 KB 490ms
486ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/27/ams_edit_pl_1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aad77fa3e8eba7348082dbf8f831038898bf2e9534264f1ced2c2269f1869e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: E_MFgJ1x.dfa211TZV5T.nkBM64_WBDp
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 104831
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 May 2022 16:06:32 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "44aaaedc8c516bac289abdd2884bc328-1"
accept-ranges: bytes
x-amz-cf-id: GUFRdz3EkUKhoKm3Mbraa5vZGdDxdX2jdj6sd2Z0RMls2okd6GcG_A==

GET
H2 200 ams_post_1.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/01/ 50 KB
51 KB 529ms
525ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/06/01/ams_post_1.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f6c7dbc12ac85799a6ad64ac688546c03f8e29a94de041a7a37cf74a90c423ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: BD2OS0yoXB5jTi3.oAvPtRvomUL3fy6D
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 51498
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Jun 2022 15:34:46 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "ae54da84f601302cfb75769903e2263f-1"
accept-ranges: bytes
x-amz-cf-id: K6PH6W_Jc5BI0qPNf1vXmCRDw1wk70lp2ebrSzMU-tUuyOPIeed5gw==

GET
H2 200 2022-aws-wavelength-zones.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 324 KB
325 KB 526ms
522ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/2022-aws-wavelength-zones.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4b28bbd5d102f48c0a0f622633407342913980e52a8996d6c0ccf15274e60c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: yhbyzjPee7KD8rV8nL4FpCfraGB8sel2
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 331496
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 04:19:12 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "c99cfbb3553570ad3d944d46e5cbf768-1"
accept-ranges: bytes
x-amz-cf-id: 9VKhOn8wMzSPE3K-xI9ZfVD4GuvloYfOBkQkA-eU0lU82QGa2MVFSg==

GET
H2 200 2022-ec2-stop-protection.jpg
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 225 KB
225 KB 522ms
518ms Image
image/jpeg 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/2022-ec2-stop-protection.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

381d4ac37d36e80c48f702647fecea3c68f6c50373aeb4fbe6baafc8bf49dfbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: qxE97Ro0LXaPdAmisEFfw96.MR8Mq_s6
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 229893
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 04:47:38 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
etag: "73738ba83329580218f644a9f958065a-1"
accept-ranges: bytes
x-amz-cf-id: gBzAexto2Kh5WwG5OPb69eqkmQZjPygUHSu2xXnMggsTS34yvCiYYQ==

GET
H2 200 2022-aws-summit-dc-keynote.jpeg
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 2 MB
2 MB 538ms
534ms Image
image/jpeg 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/2022-aws-summit-dc-keynote.jpeg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ade880e899aa6c382ea77e5f11612eddde3c396e992dac49d2697527f9ac6a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: IFM.l.gOzChWXKLDc.ArboAsU0Zl3Q6f
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 1592837
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 21:55:47 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
etag: "8560d3a966ee58482ffc5aeae01392a6-1"
accept-ranges: bytes
x-amz-cf-id: 9oM83uL4EbJwix_dYBDAJ4JI3yrfPnBGvCN6RRUNps38s1sd_CDjyw==

GET
H2 200 2022-aws-training-banner.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 14 KB
15 KB 523ms
519ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/2022-aws-training-banner.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8273db824fef2f9863530e0f9938d4077e755f33c3c74d0946df816ee0422347

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: kH61pSxaJC2uE37h.aficQl7QzkKloH3
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 14707
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 22:06:08 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "9a4f1b64972475f496288ce74a2f0103-1"
accept-ranges: bytes
x-amz-cf-id: of-6_rMJoH12BaO0AitF3ukQ7bB5kdBI51yZmBmaRLcdt6lVagtLOQ==

GET
H2 200 aws-summit-banner.jpg
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/04/11/ 10 KB
11 KB 473ms
469ms Image
image/jpeg 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/04/11/aws-summit-banner.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

46dae536be7da54b906fd23359accbe477830bd86819a2a0e05782a1e4aa021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TkRZYAshP0CK6qusl6CMefXaQgvMDO4N
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 10692
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Apr 2022 15:59:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
etag: "acfc9ab5af24d6eaa606eabd866ed004-1"
accept-ranges: bytes
x-amz-cf-id: kIKmtZfMkJYCCgMSxZ_oMgdZ7bJwxQkj3lVrwNmuamnrmrfpyla4_A==

GET
H2 200 2022-remars-banner.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 17 KB
17 KB 535ms
531ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/2022-remars-banner.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ea5f79ca338417cfb44161c7678865c62a1f13bced36426608fd7e08a44ce501

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: .PFJja4LGy92AHJyLmKgqJ__TyBTb5Md
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 17239
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 22:02:23 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "2ea8ac4fdbe852b3cd99bebf673b2a5f-1"
accept-ranges: bytes
x-amz-cf-id: ZZx6jb-tV6NoOFwXDSkwtJso3q922LoBZer0EdGeE5bu_KJsSJi8Vw==

GET
H2 200 2022-reinforce-banner.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 17 KB
18 KB 533ms
529ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/2022-reinforce-banner.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ac31201bab6a5eb0f748739676d48c39ebce880c4fde2918426e3056dc82407e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: csgzaCyaG4cqP4y4H2RVv7NWi4g3iCpA
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 17584
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 22:02:55 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "914281702208c971b9cf83d41ef2c2f3-1"
accept-ranges: bytes
x-amz-cf-id: _4B0RcmUtANyAraxNxVYs2WmgjjnwT6ZN64wDZJB7SIg-CnKMITZEQ==

GET
H2 200 2022-reinvent-banner.png
d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/ 18 KB
18 KB 537ms
533ms Image
image/png 143.204.101.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2908q01vomqb2.cloudfront.net/da4b9237bacccdf19c0760cab7aec4a8359010b0/2022/05/26/2022-reinvent-banner.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ddda96fbf909e81e7f4af1337d87796aab55c037726a46aefba294f78e8c0ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: xKcN7Q.eP3WctgCIc1XB57DcSAXr4Ujm
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 18238
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 May 2022 22:04:52 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Wed, 22 Jun 2022 05:13:45 GMT
strict-transport-security: max-age=300
content-type: image/png
etag: "b29dc56362bca519e8fbb8f65d70119d-1"
accept-ranges: bytes
x-amz-cf-id: WNdulyQTu7Z7dzEgtRzvkU2B0kQY8zeU5K11Dra5eEHuZwnvL7DZQA==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6FCE 87 KB
30 KB 379ms
379ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=600&slotname=7895522530&adk=850359815&adf=2527300461&pi=t.ma~as.7895522530&w=300&lmt=1655871916&psa=0&format=300x600&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822556&bpp=1&bdt=490&idt=1037&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=3200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=XWTlJxeteM&p=https%3A//www.aiupnow.com&dtd=1042

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

002748d2650fbcee145d81c283ecdd1c3a69e5dbcc1d5343985dd9a036103c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30458
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
expires: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a5c35f20-fc4c-11ea-bf7d-637e870d3191
s.yimg.com/os/creatr-uploaded-images/2020-09/ 175 KB
175 KB 144ms
48ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/os/creatr-uploaded-images/2020-09/a5c35f20-fc4c-11ea-bf7d-637e870d3191

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e33de29236bd945ad5963c32fd373b982e0970b3a1f784b8e7ae07d7be8c254d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 13:20:22 GMT
x-content-type-options: nosniff
age: 402804
x-amz-server-side-encryption: AES256
x-amz-storage-class: STANDARD_IA
strict-transport-security: max-age=15552000
content-length: 179043
x-amz-id-2: j06PSoN10CaF7YU5QIztwpPmcRHSl2qos8U6Fu+yQp4ia/s1ERJ9bFdtul0Wl2EA5y66nvkbEJw=
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Sep 2020 20:54:33 GMT
server: ATS
etag: "f2674983881b2078fcc17208ca7fa426"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: QE4YWWP8T9EK2F51
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=604800
x-amz-version-id: null
accept-ranges: bytes
content-type: image/jpeg

GET
H/1.1 200
OK fdad0470-fc4c-11ea-a947-18dc38fbf5d1
media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-09/ 242 KB
242 KB 580ms
222ms Image
image/jpeg 52.217.200.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-09/fdad0470-fc4c-11ea-a947-18dc38fbf5d1
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.200.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cbf52478eea923d6c8559defe2bd5ce6f23107952a3ab8056d0d2d97df20a79e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 22 Jun 2022 05:13:45 GMT
Last-Modified: Mon, 21 Sep 2020 20:57:00 GMT
Server: AmazonS3
x-amz-request-id: F48856M3T0N2B1FE
ETag: "7407eb6de1fb6ccfb8ffde0f64f2a7de"
x-amz-version-id: null
x-amz-storage-class: STANDARD_IA
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 247619
x-amz-id-2: dAifU6ZNJCg0mjKMxLoQxsJE7xaFbC9EpSZ/iUo71S9cQvktxUDnmVDlX9Wy3Au+8UeldT4vZig=

GET
H/1.1 200
OK 9c9d6c80-fc4f-11ea-afdb-ecca84ac1198
media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-09/ 198 KB
198 KB 530ms
189ms Image
image/jpeg 52.217.200.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-mbst-pub-ue1.s3.amazonaws.com/creatr-uploaded-images/2020-09/9c9d6c80-fc4f-11ea-afdb-ecca84ac1198
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.200.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 17710b0cbda106bd59c9bb320d152a06bba83cfed9e8a171b4e63f48adfc0a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 22 Jun 2022 05:13:45 GMT
Last-Modified: Mon, 21 Sep 2020 21:15:46 GMT
Server: AmazonS3
x-amz-request-id: F48FRX7HZVN4PGW5
ETag: "2806512b949617bd4ea79a2998ae6f56"
x-amz-version-id: null
x-amz-storage-class: STANDARD_IA
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 202394
x-amz-id-2: HZ3PlDz736cUILSbaBVxivBY0Yo5YDUrjFzw6ZZq3eRqDysDiCtoK8XMhONN22ckp7S32NMZAEw=

GET
H2 200 cec5d390-f9cb-11ea-bbff-fdb7f71204bb
s.yimg.com/os/creatr-uploaded-images/2020-09/ 602 KB
603 KB 148ms
146ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/os/creatr-uploaded-images/2020-09/cec5d390-f9cb-11ea-bbff-fdb7f71204bb

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

4512240dca2a59d6f18502229269f36846e194a33015ca8ca1a93a3535fb333b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 15:41:25 GMT
x-content-type-options: nosniff
age: 48740
x-amz-server-side-encryption: AES256
x-amz-storage-class: STANDARD_IA
strict-transport-security: max-age=15552000
content-length: 616800
x-amz-id-2: mTSN/oIkqhC4b07V9lve5x9UzycatGYVZZtZ1eKzJk0mEPGP4UtxuWKaOLq3dDAy5ZOw0epo7aQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Sep 2020 16:27:14 GMT
server: ATS
etag: "b714aca3e727c20fe1de572d1efec1c9"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: TKAFEDJX6Z4DQVPH
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=604800
x-amz-version-id: null
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 61de0c60-f783-11ea-bd7d-46dcedba277c
s.yimg.com/os/creatr-uploaded-images/2020-09/ 267 KB
267 KB 119ms
116ms Image
image/png 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/os/creatr-uploaded-images/2020-09/61de0c60-f783-11ea-bd7d-46dcedba277c

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

33fb4f945a35b6ccaf4d19c0e6d1d8ad39736c430884b7090fc0f965d3f748ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 13:44:59 GMT
x-content-type-options: nosniff
age: 55727
x-amz-server-side-encryption: AES256
x-amz-storage-class: STANDARD_IA
strict-transport-security: max-age=15552000
content-length: 273173
x-amz-id-2: WDyulYRprisxLXMmPVtOcHtH1qWn4RSyW8c26YBqIbz7bmfB5fTMyya9Ytpa8/RIbmEDmv+ldfA=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Sep 2020 18:43:46 GMT
server: ATS
etag: "72c72917d284ea57345a106ed1cf71c5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: S8GASQB5VXSNYPDZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=604800
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

GET
H2 200 dims
o.aolcdn.com/images/ 108 KB
109 KB 55ms
53ms Image
image/jpeg 2606:2800:233:af6:eab:2108:1892:6d8
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://o.aolcdn.com/images/dims?crop=3503%2C2332%2C0%2C187&quality=85&format=jpg&resize=1600%2C1065&image_uri=https%3A%2F%2Fs.yimg.com%2Fos%2Fcreatr-images%2F2020-01%2Fe948a190-2da0-11ea-9dff-b2fb563a84d3&client=a1acac3e1b3290917d92&signature=b857e71b6d8217dc50eb08e57400ef8cbd7b2188

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:af6:eab:2108:1892:6d8 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/8B5D) /

Resource Hash

d5adf666701b746821cc08cfa7064589419b3e1aa81e6324ddd6843e5bebf082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age: 1052255
cld_latency: 135
edge-cache-tag: 214263861983770865837665303362291958282,311762242164315631316587765202362003164,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: MISS
cld_hits: 0
x-cache: HIT
strict-transport-security: max-age=31536000
content-length: 110825
x-xss-protection: 1; mode=block
cld_by: cache-iad-kiad7000156-IAD
x-served-by: cache-wdc5554-WDC
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Nov 2021 06:43:50 GMT
server: ECAcc (ama/8B5D)
x-timer: S1636670915.453639,VS0,VE70
etag: "f94f1ff240047b54329dc3b043ced59c"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
report-to: {"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E930
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

49ms
49ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69ed8c0bb16c7e578e5d4615d8e94efca362f0da8c40a5aa7d6533e101e3e2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E930 29 B
588 B 129ms
41ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:04:42 GMT
x-content-type-options: nosniff
age: 541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Jun 2022 05:19:42 GMT

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame B3B4 5 KB
3 KB 126ms
124ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5fa01422a7c2f100e0f074533baa471795211f2020cf16505db159a73031177a

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Age: 0
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2317
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 22 Jun 2022 05:13:43 GMT
Last-Modified: Wed, 25 May 2022 14:14:49 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 5924679558986985164
tpc.googlesyndication.com/simgad/ Frame 9B9F 26 KB
27 KB 144ms
52ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5924679558986985164?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlZ7j4pnLvb7nsybrIzCHcPDKVA9g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=743980787&adf=3719817289&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822436&bpp=3&bdt=370&idt=450&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&correlator=8240063065079&frm=20&pv=2&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XbJS283sxh&p=https%3A//www.aiupnow.com&dtd=479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e8c99a55dd5ce3311904f8bcf4d2c40fc68faaf745db582b49ab6ef686b997e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 13:34:53 GMT
x-content-type-options: nosniff
age: 56330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26840
x-xss-protection: 0
last-modified: Wed, 04 May 2022 18:37:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 13:34:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame 9B9F 21 KB
9 KB 132ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:07:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 9B9F 3 KB
1 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:43:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 9B9F 17 KB
7 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:39:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B9F 137 KB
42 KB 249ms
151ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 9B9F 31 KB
13 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 19:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12864
x-xss-protection: 0
server: cafe
etag: 4287797001720200766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Jul 2022 19:14:55 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF75 130 KB
42 KB 413ms
412ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bbad0f690f953d77e2e20838d495d7223486afe108a75f7c4bb7b45497ce4aa

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL7vpLWmwPgCFYGBmwodV0sIsA&gqi=B6WyYrz0KpHs3wOj3bG4BA&layout=/sadbundle/%24csp%253Der3%24/6752852151195281511/300x250c/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42552
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL7vpLWmwPgCFYGBmwodV0sIsA&gqi=B6WyYrz0KpHs3wOj3bG4BA&layout=/sadbundle/%24csp%253Der3%24/6752852151195281511/300x250c/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:44 GMT
expires: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 146ms
48ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 22 Jun 2022 05:13:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E930 64 KB
29 KB 139ms
56ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5162e161256d5ed6324f83aec392da39dcb81dd20807ca87f41bf94f825cc7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30082
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/ Frame E930 119 KB
37 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b3527b9e2cf0c55da2e939fed42a667268a8dc5085cdb37a5394f481e63241a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37663
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:21:58 GMT

GET
H2 200 neLWrzQQwrLuSjLunjDl8WO25FW7p4vlNGwO3v1xINA.js Show response
www.google.com/js/th/ Frame E930 36 KB
14 KB 137ms
41ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/neLWrzQQwrLuSjLunjDl8WO25FW7p4vlNGwO3v1xINA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2d6af3410c2b2ee4a32ee9e30e5f163b6e455bba78be5346c0edefd7120d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 13:32:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 13:32:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/ Frame E930 27 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4874ac817fcf625e0f4b0fe8fe1201a19e31abcbde0058b5090ed88ec17a38af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8058
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:17:09 GMT

GET
H2 200 16640337254908011674
tpc.googlesyndication.com/simgad/ Frame B01A 37 KB
38 KB 69ms
69ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16640337254908011674?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkXQoAHV5r9NOzjRRRt_RU74ZntXQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=8116729484&adk=3509436417&adf=3654628346&pi=t.ma~as.8116729484&w=796&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=796x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822527&bpp=2&bdt=461&idt=551&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=bH9UnLy8EL&p=https%3A//www.aiupnow.com&dtd=556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c2201ec5fea03d928741898605b3498b52b264d5299f52f9d5fc4ab39c7f497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 15:38:47 GMT
x-content-type-options: nosniff
age: 221696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38381
x-xss-protection: 0
last-modified: Wed, 04 May 2022 18:37:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 15:38:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame B01A 21 KB
9 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:07:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame B01A 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:10:22 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B01A 67 B
91 B 72ms
71ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 36835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 22 Jun 2022 18:59:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame B01A 17 KB
7 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:02:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B01A 137 KB
42 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame B01A 31 KB
13 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 19:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12864
x-xss-protection: 0
server: cafe
etag: 4287797001720200766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Jul 2022 19:14:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B9F 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBCJ2B6WyYubyAbH5gAfl3on4AqvO7t5qq-zkvP4PsJAfEAEgvfTmcGC7hoCA0AqgAeCx14QDyAECqAMByAPJBKoEgwJP0HntGTi_l_3L0VWlcFtpuaLXLUJFP9khXF_oNw81POHhcwDeVCIFT9jophIUL4Ex5s8RtkUux2Gcg3skykUhsAeOCKx0Qx8twyuTvvvhZ7cpkRgpL1BvVL-zp87icKyu1ANZi0xfllygwgOj_MCaPviFWM-lpwMi_d8FaSAzs8dgXQ8TPvonwNBW2CoSsGqZCWw6_7Xc3UU5BeIYidp7nIHKOZA3RgMvIjkomkQQ7A_vR52ToXwdfhVk7rAFHHp-sRYSuz4u7Uq8_8En8K2qk72XKdFGxFNilhmDsYzC-x6HuH0xj3DbeQfLtRvq5SyiGVZgF-DPXYTNgOK6W6a_loSBwATY-MebmgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHiM6oe6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENDSFdIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzQyMzQ3ODQzMzUxMzM4GAA&sigh=hscpemvGu0o&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=743980787&adf=3719817289&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822436&bpp=3&bdt=370&idt=450&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&correlator=8240063065079&frm=20&pv=2&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XbJS283sxh&p=https%3A//www.aiupnow.com&dtd=479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
DATA 200
OK truncated
/ Frame E930 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Q6ugQrzVSQuu1wP4xVpVB5h-gbeeTtZgGJokUIGlLZ3FqQ6Ym3ePheiv3ml9PncGdnKXu-V5vg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame E930 3 KB
3 KB 391ms
303ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Q6ugQrzVSQuu1wP4xVpVB5h-gbeeTtZgGJokUIGlLZ3FqQ6Ym3ePheiv3ml9PncGdnKXu-V5vg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e8a274e08d4c907f9defeaeca9e4b623e54dc6f91059af58da0499cece26366f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3326
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Jun 2022 07:35:02 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/gjVOsI0Q7TY/ Frame E930 21 KB
21 KB 279ms
185ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/gjVOsI0Q7TY/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464dd77316da80f7571d36051835a27d732db181d7817c600d9ec3d156614176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21210
x-xss-protection: 0
server: sffe
etag: "1620838483"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Jun 2022 07:13:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&tn=DIV&cls=shareaholic-cookie-consent%20shareaholic-bottom-align%20shr-no-print&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5078 0
16 B 145ms
145ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&adk=1812271804&adf=3025194257&lmt=1655871916&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&ea=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822735&bpp=1&bdt=669&idt=1103&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600%2C250x250&nras=1&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&dtd=1111

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 1639 8 KB
893 B 147ms
55ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 05:04:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 05:13:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 1639 2 KB
902 B 145ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:44:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame 1639 21 KB
8 KB 144ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:38:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 1639 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:10:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1639 137 KB
43 KB 138ms
100ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 1639 17 KB
7 KB 155ms
62ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:02:54 GMT

GET
H3 200 10f77a9ed5e9dbc13462adf17b625271.js Show response
www.gstatic.com/mysidia/ Frame 1639 31 KB
13 KB 133ms
50ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 23:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 23:07:18 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame A6A0 68 KB
19 KB 53ms
50ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a54814460951eba9e31d24e93e2c5593251ca86d3c4cb787d2cc4c9e621d7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 12470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19764
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 01:45:53 GMT
expires: Thu, 22 Jun 2023 01:45:53 GMT
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4723 0
0 88ms
87ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5H4fB6WyYt6EA5io6gTegJzgBtepvPVmuZbMtrMN2tkeEAEgvfTmcGC7hoCA0AqgAYDD3IYDyAEJqQISTOzKE6OxPqgDAcgDAqoEmwJP0DjXvsO1lA1g0sVG8xciQJ_aFcZ6-wl3OqBQ1SF2I9Lq8frftPzEvc9omIjV521yOTTpScTo6ASiMFyundT3jrU4BkgvNAK1BZhgA9xZK7fzROklBi2JL5PAOWfqBeCDzfomeNDoM0o_EG4xu_lOAn6TBn8Jg_M1hptvJvwS6Hhod38jp0kvj87YfYdacG3DAB8U4odj82qoC_DcZroWiYNlKrY4g7mDD034u51vD9mm5WfB8w--OYLcKyF9WTuPKXbqiKwfIbJKBu1tDNv5bEl1U8xE3ZaLNQOKBVSTrijQHYLzmKkKjKtMtsPouEK0wO--7vuhsBjHgofClrqbt2z0BD_TLaKW0N0_30VCqvZtxrKz9Or6GgG3wASbjdvOwwOSBQQIBBgBkgUECAUYBKAGXYAH6LyjeagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENHLNtIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzQyMzQ3ODQzMzUxMzM4GAA&sigh=DebweIufrJ0&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB02 143 B
163 B 41ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:08:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 4723 3 KB
1 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:10:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4723 137 KB
42 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:43 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ Frame 5720 53 KB
19 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026c405fffa4011b994664f03b59a6e24e78002ef00d0d717625cb903f5751ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19114
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 15:10:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B01A 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuaiKB6WyYojqB8rZtwev3rXQBKvO7t5q8-3kvP4PsJAfEAEgvfTmcGC7hoCA0AqgAeCx14QDyAECqAMByAPJBKoEhwJP0AGwUg3g8u-HJUGi_EyK_Yz0CEpL2oHzT8mcCQIrn3IViacAAf2-c2yE9k27XMmUKfzCAESHqjUEWiSsI4Uol1IoUat-C_v8VhIiaznb9isY1-BOs2N_Ui_KZfY0bjHGaaUths21MhpANmfNF8VCjYzL-uu5UEtvPaXMiOgnK1tJVPnT4ABHgwVBQwu5Ucp0fq_Zbx4ZhV0Z0IG1wUEJQSpHXTXjz0PdLZh0jMHxfXUAAbK5AxSB0eEKi_ZhoD0IOtevFq-atvomIyj2ir2Tu7iwHn43pvT34qYKetTEMcK-aJg7XN0Ixj1sWq6AIr3m8wg-DIbpjyHPhNpKKyPwEcZPAJg4DMAE2PjHm5oEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4jOqHuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC-hhHSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTM0MjM0Nzg0MzM1MTMzOBgA&sigh=B2202ozbOiM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=8116729484&adk=3509436417&adf=3654628346&pi=t.ma~as.8116729484&w=796&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=796x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822527&bpp=2&bdt=461&idt=551&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=bH9UnLy8EL&p=https%3A//www.aiupnow.com&dtd=556
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 105 KB
19 KB 48ms
45ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/index.html

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f0ec6f18a1d347ae4d61b2ae846aa330c76f8ded4443b8ba484fea4cacf50d7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 79174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19565
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Jun 2022 07:14:10 GMT
expires: Wed, 21 Jun 2023 07:14:10 GMT
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D6A9 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqYxGB6WyYqbEBcbV6gSF4oSAC-ay6sdpnajhnNMP0JCA7JACEAEgvfTmcGC7hoCA0AqgAduiqecCyAEJqQKtCl7YGpq0PqgDAcgDSKoEjQJP0DOWiCZrY7EGH_ZR5357mChnAHQyE7Rp0Woz19iFTZtaX0oFQFLZnGi_67KD1xuksTSvSsKz8vt1avuFH4ZcbKkey-dNYl7skx5az5x50vdK6qe4zcb3FAmmcQ1-c3HCszNfSMxWMrGhptFNY-QvCc1MxcMkXeTG9_LY3cLp6qKbgJv-LOvrLDnl429NB9h0sKip3HNml4w2pIcXQbdKV8b37KvLAURUvZ8dkarfH3PXVzA-emjGVcar0JHZSka8W162cENffGtvwcTYuBGQs6YLubghnSBTY88MOB_lS7W8OLn6ifDC2U16KZgCBtkpd4a58-P9sq5jZDQCTnWpnMGQgi-m-oroQnVhhcAEgquO7_YDkgUECAQYAZIFBAgFGASgBi6AB43d1pgBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQv9sN0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=aA_TCEDP7GQ&uach_m=[UACH]&template_id=419

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=199&slotname=2753253361&adk=2690295274&adf=1186251620&pi=t.ma~as.2753253361&w=796&fwrn=4&lmt=1655871916&rafmt=11&psa=0&format=796x199&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822515&bpp=2&bdt=449&idt=521&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bXgWnLKusC&p=https%3A//www.aiupnow.com&dtd=525
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame D6A9 21 KB
8 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=199&slotname=2753253361&adk=2690295274&adf=1186251620&pi=t.ma~as.2753253361&w=796&fwrn=4&lmt=1655871916&rafmt=11&psa=0&format=796x199&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822515&bpp=2&bdt=449&idt=521&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bXgWnLKusC&p=https%3A//www.aiupnow.com&dtd=525

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:38:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame D6A9 3 KB
1 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:10:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6A9 137 KB
42 KB 162ms
74ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame D6A9 17 KB
7 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:02:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1639 0
0 119ms
118ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C073HB6WyYuCjBJip6gS66reID4i5ueFqwIfY0O8P__WQ49cCEAEgvfTmcGC7hoCA0AqgAavVtLsCyAEBqAMByAPLBKoElAJP0F3_mNSiu3x73fAdJtLdjT_vEWjbUxMrCiXGT4i2nT8NH16wf7dQTXYdgV5XfORAjPdx4Ye9NZcn2oLGb20mCgZRIYyT1rVnQ8tlUYzmeRSfZQCUaT3nzxldN8WiZNF4oaFIRkbfQpOFNUU8uzKIPQLaaDjK72khoqbPiE7I9yn5NtIHM1Pc3G7bhaNaooNMRy_B7OpDEhc8Np7OTClmUZDDwykG8ho3J5WrHWttdT3F-dyAenx-TK-gHhdKJGC1q8ClM_4wi0oqJUg1oW5wBJ77wR59GOYs61neVMqD19ugvQM35X8gW_k1OEAru1RCY4t6y4hhR1bXqw_FkCMD338a0BLBWA5sPlytzYrxuYYZ4VfABLzdqYigA5IFBAgEGAGSBQQIBRgEgAfQ5MvEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENrKGNIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=A3IyAkz_77I&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 58 B
505 B 54ms
54ms XHR
text/javascript 34.246.24.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.24.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-24-138.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b6505d031783d578dfe255734a48c9771e28a082c7b20ac05e612a17afa16dae

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 22 Jun 2022 05:13:43 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.aiupnow.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 58
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 default Show response
www.aiupnow.com/feeds/posts/ 68 KB
21 KB 957ms
955ms XHR
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aiupnow.com/feeds/posts/default?alt=json-in-script&start-index=9&max-results=1&callback=jQuery111005363202088067898_1655874822413&_=1655874822417

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

a0ea6b15fcfc74d8e8140eff696c693807a2c51540cb13e022a6f80ac70ef94d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 04:25:16 GMT
server: blogger-renderd
etag: W/"ad171ab08514a3461653d2cffd182672158d076ab35a3962af51ac7549084c19"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 21230
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:45 GMT

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js Show response
c.disquscdn.com/next/embed/ Frame DC66 282 KB
93 KB 54ms
52ms Script
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.cfefa856cbcd7efb87102e7242c9a829.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5474557
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: uSAc1Nd1QnR_kaXPgALNoBpJjloDPP5JuBDBxhRk1pMkKJKAa8Z-Tw==
x-cache-hits: 0

GET
H2 200 intag_incontent.js Show response
resources.infolinks.com/js/1801.004-3.025/ 233 KB
38 KB 49ms
48ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1801.004-3.025/intag_incontent.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed37ba87617b2811a867ec611261f201a5628a499d15116bfbcf476c9770266b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71f27f133dcbe59b-MAN
date: Wed, 22 Jun 2022 05:13:44 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 12:33:08 GMT
server: cloudflare
age: 11815
etag: W/"3a22e-5e1e04e72644c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Fri, 22 Jul 2022 01:56:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 323B 4 KB
621 B 60ms
59ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=1202543000&adf=1574894575&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822552&bpp=2&bdt=486&idt=836&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gCuemFMkvj&p=https%3A//www.aiupnow.com&dtd=843

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 04:46:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 05:13:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 323B 2 KB
902 B 49ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:44:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame 323B 21 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:38:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 323B 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:10:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 323B 17 KB
7 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:02:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 323B 0
0 141ms
55ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDuekKTLCj_smcJYrFGCiKKS_ZlCOX7W75bGTJJ_pwrI14YqtOAP1PqAM7w4e7Fa5j42V3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=1202543000&adf=1574894575&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822552&bpp=2&bdt=486&idt=836&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gCuemFMkvj&p=https%3A//www.aiupnow.com&dtd=843
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 323B 137 KB
42 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 10f77a9ed5e9dbc13462adf17b625271.js Show response
www.gstatic.com/mysidia/ Frame 323B 31 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 23:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 23:07:18 GMT

GET
H3 200 1887152785946075466
tpc.googlesyndication.com/simgad/ Frame DE8F 26 KB
26 KB 42ms
42ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1887152785946075466?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkq4SKzNxDOv6_uZG_6gi7TjPmPSA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

960b8d173d23088824bfe7dfe8c3bc7eee45b7d66d3496da92ea4166566d807e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 01:56:22 GMT
x-content-type-options: nosniff
age: 443842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26920
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 15:29:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Jun 2023 01:56:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame DE8F 21 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:38:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame DE8F 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:10:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame DE8F 17 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:02:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE8F 137 KB
42 KB 404ms
403ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame DE8F 31 KB
13 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 19:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12864
x-xss-protection: 0
server: cafe
etag: 4287797001720200766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Jul 2022 19:14:55 GMT

GET
H2 200 recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js Show response
c.disquscdn.com/next/recommendations/ Frame B3B4 923 B
1 KB 42ms
42ms Script
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5474546
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: -tqWD1uGZ3mJ3Q3FX5V2vFRuvCEHDASXAlrMB7oujFPKaK0RovoNnQ==
x-cache-hits: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 6FCE 8 KB
893 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=600&slotname=7895522530&adk=850359815&adf=2527300461&pi=t.ma~as.7895522530&w=300&lmt=1655871916&psa=0&format=300x600&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822556&bpp=1&bdt=490&idt=1037&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=3200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=XWTlJxeteM&p=https%3A//www.aiupnow.com&dtd=1042

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 03:39:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 05:13:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 6FCE 2 KB
902 B 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:44:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame 6FCE 21 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:38:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 6FCE 3 KB
1 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 05:10:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FCE 137 KB
42 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 6FCE 17 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:02:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6FCE 0
0 63ms
62ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUSxH5k8Q8YayfZDpV5TazND7zxj3CemTcHwleZG0keiAVVXpC43j-XFIXInu-wAUo56n_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=600&slotname=7895522530&adk=850359815&adf=2527300461&pi=t.ma~as.7895522530&w=300&lmt=1655871916&psa=0&format=300x600&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822556&bpp=1&bdt=490&idt=1037&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=3200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=XWTlJxeteM&p=https%3A//www.aiupnow.com&dtd=1042
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 10f77a9ed5e9dbc13462adf17b625271.js Show response
www.gstatic.com/mysidia/ Frame 6FCE 31 KB
13 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 23:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 23:07:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D487 143 B
163 B 41ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=743980787&adf=3719817289&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822436&bpp=3&bdt=370&idt=450&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&correlator=8240063065079&frm=20&pv=2&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=655&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=XbJS283sxh&p=https%3A//www.aiupnow.com&dtd=479
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:08:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 323B 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcsKFB6WyYo6kG4fB6gS7m6a4A4aLg6xqvdy28tUPicf93wUQASC99OZwYLuGgIDQCqABmNfz_APIAQmoAwHIA8sEqgSCAk_QscxYu1Dip-C1ffrOTjSBTznMKU_AwrGdIVsVuclh0woLxwa57jFzGrlcSohUnva-aPJBqd6UHSHGY_O-Q9C-6FU88jLaQbGX6maC2yiurHXRaq0v0JzkuGTQ18CmR7tPPk_yEZ0nwXkrKahpTPVQANkDw4yGmQ82ExUkd85euyJ-px5VRKktHjhS_zD32aP7lpWQFCwgaFsOlBX04ScVI0ldCSMaBKEfOJuWvg9vgeFiC2CuQ63fX78my_UbojO2M-BgV9LJe0HuujugizhoSdP-iFbloXWm04iL95EM2dc-AbNYShVcBdEoXPgv-mNkU-5lItNXWt2mgNyLdi9bbsAE4M_i6I0EkgUECAQYAZIFBAgFGASgBi6AB4vIpnmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDitQjSCAkIgOGAcBABGB-ACgHICwG4E4gn2BMN0BUBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=_O8OZz-jkWM&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=1202543000&adf=1574894575&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822552&bpp=2&bdt=486&idt=836&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gCuemFMkvj&p=https%3A//www.aiupnow.com&dtd=843
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A6A0 3 KB
625 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:700|Rubik:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b98b086ba4ad8110fba7fcb3bf7f9873d52d7156da37d7ebeb72fc33963cb465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 05:13:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 05:13:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A6A0 16 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 22 Jun 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A6A0 26 KB
10 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:13:42 GMT

GET
DATA 200
OK truncated
/ Frame 9B9F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6420d39f4dbb6fdad1b669c6a3afc1ffdfa0d53483598f5f31972bfc4d550cec

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10989225533949171697/ Frame 323B 23 KB
23 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10989225533949171697/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336d1424330028b2e93fc06bf8b8c738a06232c52b3f16323a2c523d952a95e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 08:49:58 GMT
x-content-type-options: nosniff
age: 591826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23633
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 23:28:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Jun 2023 08:49:58 GMT

GET
DATA 200
OK truncated
/ Frame 323B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CB76 143 B
163 B 58ms
57ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=8116729484&adk=3509436417&adf=3654628346&pi=t.ma~as.8116729484&w=796&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=796x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822527&bpp=2&bdt=461&idt=551&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=bH9UnLy8EL&p=https%3A//www.aiupnow.com&dtd=556
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:08:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 50D1 16 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 22 Jun 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 50D1 26 KB
10 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:13:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB70 143 B
163 B 60ms
59ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=199&slotname=2753253361&adk=2690295274&adf=1186251620&pi=t.ma~as.2753253361&w=796&fwrn=4&lmt=1655871916&rafmt=11&psa=0&format=796x199&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822515&bpp=2&bdt=449&idt=521&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1916&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bXgWnLKusC&p=https%3A//www.aiupnow.com&dtd=525
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:08:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B01A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79c1eaad20196eec6bda4543394a169600b0295061c659f5c422f4156f7094ca

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DE8F 0
0 94ms
93ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3zfrB6WyYpr3E5aA78EP-vCB4APls97Uauu-kuC4D8CNtwEQASC99OZwYLuGgIDQCqABnai9owPIAQKpAp2d68qPdXo-qAMByAPJBKoElAJP0AuxoIE3Re9mUFmZUP7xTblvUgCmSrer0j3GlkA9pltlyonjapDkFZVw_gdHEruzcUJbwOnTV0QQNToZtmVg3E9jTP1VtoO4LoAEIgO7E8gWA-O1-la-M_hCDjyjTDNsqPb4avjJF9YFCzmB9RM3ltvOofteIHgVYDfCMIAlLT1OhxPgT1TRtT5akaV5eKYbgl8JmMeU_Qf44XexSPZ_BtW-HQX7RP057BojDPIO1UKPdAGFQUDbNsqm-5rnE-AS_tzZlDgPgdwBR2-Cw8-Yp6eDDDHF0FUPKNvumFlNd5CSskEsQeBIuUi5fj1QtOg61YRa0ZJi56mS-t8R1yifydnvGBwp1lZXbP79EEn4dL2cuL3ABLOvqKn1A5IFBAgEGAGSBQQIBRgEoAYCgAfL18JcqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8MgZ0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=VjdJWxQwS2U&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012205270638000/ Frame 9869 220 KB
61 KB 134ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d201bb3b6a9b5c4572b54ff8cd188b8e77374e1694fead0bccd6606ffa147b2d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61483
x-xss-protection: 0
server: sffe
date: Tue, 21 Jun 2022 09:06:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c2451425189fb5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Jun 2023 09:06:02 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ Frame 9869 14 KB
5 KB 202ms
110ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5195
x-xss-protection: 0
server: sffe
date: Tue, 21 Jun 2022 09:06:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4bef18b80ae165d1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Jun 2023 09:06:02 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ Frame 9869 94 KB
28 KB 206ms
114ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28898
x-xss-protection: 0
server: sffe
date: Tue, 21 Jun 2022 09:06:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7ca71f15d9979237"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Jun 2023 09:06:02 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ Frame 9869 72 KB
16 KB 230ms
138ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b23275e1021906d556f67911e5b3e069aa10746fc268966d38a5081ea0e31a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 24982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16656
x-xss-protection: 0
server: sffe
date: Tue, 21 Jun 2022 22:17:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a3bcd022317ada14"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Jun 2023 22:17:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ Frame 9869 5 KB
2 KB 223ms
131ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Tue, 21 Jun 2022 09:06:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "67a7e3dd539afea9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Jun 2023 09:06:02 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ Frame 9869 40 KB
13 KB 224ms
133ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
server: sffe
date: Tue, 21 Jun 2022 09:06:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8dbbd2e5c9e4f2da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Jun 2023 09:06:02 GMT

GET
DATA 200
OK truncated
/ Frame 9869 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90dc359b64614e16a8d5ed0292a0bc968915bf74cfc0319d01e08aa60b36ec39

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 300x250_BG.gif
tpc.googlesyndication.com/sadbundle/17792460012017629183/ Frame 9869 80 KB
80 KB 58ms
58ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17792460012017629183/300x250_BG.gif

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5adf29ad6219a93a979c63d03aa91a9752a5c534eafd39d89b8aae7abcda74b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 04:04:41 GMT
x-content-type-options: nosniff
age: 176943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82325
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:43:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Jun 2023 04:04:41 GMT

GET
H3 200 watch.png
tpc.googlesyndication.com/sadbundle/17792460012017629183/ Frame 9869 25 KB
25 KB 42ms
42ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17792460012017629183/watch.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64d9e31c4270e4f2a48372accca6dc66e405f5f70381daac97751cbe3615254f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 04:04:41 GMT
x-content-type-options: nosniff
age: 176943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25243
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:43:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Jun 2023 04:04:41 GMT

GET
H3 200 Shop-now.png
tpc.googlesyndication.com/sadbundle/17792460012017629183/ Frame 9869 908 B
942 B 54ms
54ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17792460012017629183/Shop-now.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9748a7cf008db812f02487bcbc8e0cb7985359fb5317326a577061b4f838e983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 04:04:41 GMT
x-content-type-options: nosniff
age: 176943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 908
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:43:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Jun 2023 04:04:41 GMT

GET
H3 200 frame-1.png
tpc.googlesyndication.com/sadbundle/17792460012017629183/ Frame 9869 2 KB
2 KB 61ms
61ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17792460012017629183/frame-1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a5f381652e48eaff4120d5df8cc600ce1f4c9ba33cca6f60b81c5bd80c7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 10:54:35 GMT
x-content-type-options: nosniff
age: 65949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2097
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:43:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 10:54:35 GMT

GET
H3 200 frame-2.png
tpc.googlesyndication.com/sadbundle/17792460012017629183/ Frame 9869 1 KB
1 KB 62ms
61ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17792460012017629183/frame-2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a35dfd0fbddea69f4dd538f574f7355d24443d293dd9cd13d1bd9d2474ac7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 10:54:35 GMT
x-content-type-options: nosniff
age: 65949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:43:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 10:54:35 GMT

GET
H3 200 frame-3.png
tpc.googlesyndication.com/sadbundle/17792460012017629183/ Frame 9869 6 KB
6 KB 63ms
62ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17792460012017629183/frame-3.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a538c00fabae6f169ee92f2deecbc0e2dfda05f8ccbfa75e6e136d2a43b74ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 10:54:35 GMT
x-content-type-options: nosniff
age: 65949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6274
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:43:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 10:54:35 GMT

GET
H3 200 frame-4.png
tpc.googlesyndication.com/sadbundle/17792460012017629183/ Frame 9869 1 KB
1 KB 67ms
67ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/17792460012017629183/frame-4.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896051fd2bad2ada3b6bac1baf64b020caca491bfbf6a80a5f032508b937ebca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 10:54:35 GMT
x-content-type-options: nosniff
age: 65949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1251
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:43:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 10:54:35 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9869 2 KB
2 KB 68ms
67ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 36836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 22 Jun 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9869 295 B
325 B 61ms
61ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 84610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:43:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9869 0
17 B 85ms
85ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnU92B6WyYsGQF9Ho6gTamI2oBJiW7Ydq4fGC7JAPtMylw8obEAEgvfTmcGC7hoCA0AqgAfvQjs0DyAEJqQIrv20h5Yu0PqgDAcgDCKoEhQJP0JKd1VzU90HoRdDOi5yN0yvh2WuYyW7ijdUedmqCWafyXY6ZfBcNvlYQMPtaZG5N0pLt2ixOxrA8v5AF4XJi2XfHl4ZsteafCDbK5sR-O_r9bSUa9KmI70jwbPFFGpdAN15yU9V3WgeoDnbIrXafgIfBo16pbwifXKc3-kqIRv2EFKSYbUpeyxzvuMcUH7DU9wl_5F_p2wAUmyNg9uYzKEe9UUdijaGEY2ATixMo5iEa_kDr_9-MEgEl57bwBFT5OZnGyrFreAaZTCf-IOwncyio0pXa68NiHoqD2-Bkw_yozpyYMVh6ag7asUiXwkD7EYRJqeEO_pma3VtLExeyDarPinrABKbAkYufA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeg6J4TqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0MQX0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=ImH-MajB9kc&uach_m=[UACH]&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=906162475&adf=202107447&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822548&bpp=3&bdt=482&idt=774&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=PASHnsUd5M&p=https%3A//www.aiupnow.com&dtd=778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6FCE 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmDy5B6WyYuqyJ6SFwuIP7N2o2A7xjJ_naLSRv7uvENrZHhABIL305nBgu4aAgNAKoAGckpnmA8gBAakCEkzsyhOjsT6oAwHIA8sEqgSRAk_QgN2_xtl2zQKuXiH1YZqUgsuuOP_NhCmaAY1MJbSXoF6dJdsuPjaHdfaZSQmcV7XLeW4XN_FnPzD8NY5_14ehkYQBZtBeyYumfhF-0ic57N23GnMOJ0WoTU-sz5EMaqeKM7WgIzhh0nvWaJUFK6-59A_Br6TkWE3ed7SZe5MGvojW-xKiIcsZXkTW_rq_Mg7KjfHCI7fyhejFbtO8zOqJyh8hfP8B6bf4m9d5A2Nw0KCKkiyC0sCiB2wPInB6ZJVtHxODHyma2hmZiE-sdFt-uCCf6UO3nPDxbKW1bOQ4vr4BMKJkLuzp44j35VqMB1wXm60pgfr2AgnXxG2J8FBc2ZP7iEJQcTekGbyX0LnYDsAEqLHW8dUDkgUECAQYAZIFBAgFGASgBi6AB8zt5hmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDeygvSCAkIgOGAcBABGB-ACgHICwG4E50n2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=OaKrm05p8pw&uach_m=[UACH]&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=600&slotname=7895522530&adk=850359815&adf=2527300461&pi=t.ma~as.7895522530&w=300&lmt=1655871916&psa=0&format=300x600&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822556&bpp=1&bdt=490&idt=1037&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=3200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=XWTlJxeteM&p=https%3A//www.aiupnow.com&dtd=1042
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7003 143 B
163 B 51ms
47ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:08:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1639 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32d4a5a4b4a42c2a460592095881d285b086322933f41a1a8dd1c07a251ba2a7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1241730724350375616/ Frame 6FCE 3 KB
3 KB 44ms
42ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1241730724350375616/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8d9eada2b65ec1b8c5cd4f64b524db4551da51e6ef7273dc042d7a155e0ebc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 05:32:34 GMT
x-content-type-options: nosniff
age: 171670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2641
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 17:29:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Jun 2023 05:32:34 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6078017111935314722/ Frame 6FCE 14 KB
14 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6078017111935314722/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c17e10d965fb763c47cfd9ca3066b811b0decbe8fb17caada607b0de90f895e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 06:05:03 GMT
x-content-type-options: nosniff
age: 428921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14314
x-xss-protection: 0
last-modified: Wed, 11 May 2022 12:51:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Jun 2023 06:05:03 GMT

GET
DATA 200
OK truncated
/ Frame 6FCE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6c503f9233c127fe8f2b8aac650e8bf29bbe042622f18852964aa27c81768a8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6FCE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/ Frame E95E 31 KB
7 KB 42ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

731c5ba43396ee2e1bdf7d3068a2f88f9e806bd4390ec83f1ae46f90d4f01c30

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 224734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 7039
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 14:48:10 GMT
expires: Mon, 19 Jun 2023 14:48:10 GMT
last-modified: Wed, 04 May 2022 19:19:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FE20 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2KaSB6WyYv7PLIGD7gTXlqGAC5SHuLVq5ebP8uYP-Pv9w48OEAEgvfTmcGC7hoCA0AqgAaa4xNEDyAEJqAMByANIqgSMAk_Q6YYIQHzriVb04a2t9YRsAJmspmnh9atLczQP7XmjE_os0DTHKUGkxwCkuFcNbvvKLsEw2G-uk3g074sQhcG9xWmglFJQa9PKzK2ixTg5GIuUr026BsD5PXPo8Epx7vLMr5jq_jO0FcvYWoKjsERRjowIalbk4v3j9b6vdt3Vrni3i0qciwCofbF60eJzFXUd2sMD_sqlgET3IZWQ7vtx8N8NV2ShGMaeI7LmyMLTgHZzgcpXoaFVTBAJvG9bZ7sxWIu0VV74sFESynGiKEHejXglLLjFPFVN6idBjJ0_BfAz7eBTJyvCPrWSAlmWNDJtEHvdtxcT_Tn7D6TPrBWixoO12UkkSr9wuT_ABJ3f0dDdA5IFBAgEGAGSBQQIBRgEoAYugAfCx7suqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4KcD0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTEzNDIzNDc4NDMzNTEzMzgYAA&sigh=_Frb3UyX_6U&uach_m=[UACH]&template_id=419

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 22 Jun 2022 05:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame FE20 21 KB
9 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874a9021e27d128e4f05770a3cdef0fe3d923fc9604634e629d16ee32aba61be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 03:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0
server: cafe
etag: 24672940107833240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 03:53:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame FE20 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:14:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE20 137 KB
42 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame FE20 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:47:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FE20 0
0 48ms
48ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvroAKcAVkuUteCl1voo5TjXCEFwKhMvZspebRfPu0_SGMU7pzU5CtrEgppXtLNVhEY9zk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1639 28 KB
28 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 549410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:36:54 GMT

GET
DATA 200
OK truncated
/ Frame 323B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3c5a87bfc7c6e76d6a4c6d14f16bf5e87de8153239266978b5c0127af33d7d9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D6A9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41d912180005b1bd9339ec5808cb6090877830c1164236d0d340ce7dd50b3c37

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 how-inflation-impacts-businesses.png
media.smallbiztrends.com/2022/06/ 193 KB
194 KB 56ms
55ms Image
image/png 2606:4700:10::6816:2449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.smallbiztrends.com/2022/06/how-inflation-impacts-businesses.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2449 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d6b7e4c2c5f0953c5a3d8c86cf76fef87f07d68825eee9382812d22c95ee415

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 67641
cf-polished: status=not_needed
cf-ray: 71f27f184ac001fc-ZRH
x-cache: Hit from cloudfront
content-length: 197822
last-modified: Fri, 17 Jun 2022 12:29:56 GMT
server: cloudflare
etag: "b3ecb71b8b013a89e676465d896e7c73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: NKIDF3qw6gmOVbAJRc6tymZjlls5he8J
cache-control: max-age=2678400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: OfR_-h45npuCld2_SPqNu9_n3iO_eFuh81knnhvfJPx0OBWyOCSaZg==
cf-bgj: imgq:85,h2pri

GET
H2 200 nth.png
3.bp.blogspot.com/-Yw8BIuvwoSQ/VsjkCIMoltI/AAAAAAAAC4c/s55PW6xEKn0/s1600-r/ 3 KB
3 KB 56ms
42ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-Yw8BIuvwoSQ/VsjkCIMoltI/AAAAAAAAC4c/s55PW6xEKn0/s1600-r/nth.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f4b70c4cd11d64db7c587fa68ed12651b684fe2e78a9a9d46812f89beb496acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 02:58:25 GMT
x-content-type-options: nosniff
age: 8120
content-disposition: inline;filename="nth.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3362
x-xss-protection: 0
server: fife
etag: "vb88"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Dec 2021 15:00:37 GMT

GET
H2 200 Best-POS-system-bars-2022-300x200.jpeg.optimal.jpeg
s37564.pcdn.co/wp-content/uploads/2022/06/ 14 KB
15 KB 145ms
48ms Image
image/jpeg 143.204.89.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s37564.pcdn.co/wp-content/uploads/2022/06/Best-POS-system-bars-2022-300x200.jpeg.optimal.jpeg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-48.fra50.r.cloudfront.net

Software

Pagely-ARES/1.10.7 /

Resource Hash

bf82e2f08d169157ce9dd36ba3317d1643e0235a0d2a11c4c88b89f828248a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 15:13:09 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 50436
x-cache: Hit from cloudfront
content-length: 14839
x-xss-protection: 1; mode=block
x-gateway-cache-status: MISS
x-gateway-request-id: a3a7591fb49c63cdc8ccfa4cf2db1f93
server: Pagely-ARES/1.10.7
etag: "534b6c92bdf6b3f2d6eb5797487feed63bad3154"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 0
x-gateway-cache-key: 1655816694.066||https|smallbusiness.co.uk||/wp-content/uploads/2022/06/Best-POS-system-bars-2022-300x200.jpeg.optimal.jpeg
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
x-amz-cf-id: ywkRxM0cGy2EymIeU9tbGufD7EtdTu6rKeJIFMRoPmSWlKWBJ1AtQw==
expires: Wed, 21 Jun 2023 15:13:09 GMT

GET
H3 200 SmallBusinessTrends
feeds.feedburner.com/~ff/ 1 KB
1 KB 157ms
156ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~ff/SmallBusinessTrends?i=ChFYLI4sz84:hJQE1Ml9cv0:F7zBnMyn0Lo

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e90e08d8a22b844f2702324b2dabe4db40b99a5046caeb23cca6bd85394b175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
x-content-type-options: nosniff
server: GSE
etag: GIgtavs8EhMZPhoLHv+mnXcrvqA
content-type: image/gif
cache-control: max-age=899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1058
x-xss-protection: 1; mode=block
expires: Wed, 22 Jun 2022 05:28:45 GMT

GET
H3 200 SmallBusinessTrends
feeds.feedburner.com/~ff/ 997 B
1015 B 67ms
67ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~ff/SmallBusinessTrends?d=yIl2AUoC8zA

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6991b0dfb02f46e2bb00808bd3eaaf97cfb4caa209a24ceb5a5c3482b091d6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
x-content-type-options: nosniff
server: GSE
etag: Kg31R1CGIqw4HTZpTQkVWDFniR0
content-type: image/gif
cache-control: max-age=72958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 997
x-xss-protection: 1; mode=block
expires: Thu, 23 Jun 2022 01:29:43 GMT

GET
H3 200 SmallBusinessTrends
feeds.feedburner.com/~ff/ 1 KB
1 KB 154ms
153ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~ff/SmallBusinessTrends?i=ChFYLI4sz84:hJQE1Ml9cv0:D7DqB2pKExk

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b033a45e2be62a90dc3247d1976967ad3be3adf4a187496852438307c0311fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
x-content-type-options: nosniff
server: GSE
etag: /YcdS/4hQ3DXKZqPMAbTiIhkYSI
content-type: image/gif
cache-control: max-age=899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 1; mode=block
expires: Wed, 22 Jun 2022 05:28:45 GMT

GET
H3 200 SmallBusinessTrends
feeds.feedburner.com/~ff/ 43 B
60 B 155ms
154ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feeds.feedburner.com/~ff/SmallBusinessTrends?i=ChFYLI4sz84:hJQE1Ml9cv0:gIN9vFwOqvQ

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
x-content-type-options: nosniff
server: GSE
etag: 0
content-type: image/gif
cache-control: max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22 Jun 2022 05:28:45 GMT

GET
H2 200 Best-POS-system-bars-2022-1024x683.jpeg.optimal.jpeg
s37564.pcdn.co/wp-content/uploads/2022/06/ 94 KB
95 KB 151ms
60ms Image
image/jpeg 143.204.89.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s37564.pcdn.co/wp-content/uploads/2022/06/Best-POS-system-bars-2022-1024x683.jpeg.optimal.jpeg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-48.fra50.r.cloudfront.net

Software

Pagely-ARES/1.10.7 /

Resource Hash

9731fe9baf267ca8881398308237ffb11a3809fb79fae3af296131291464cc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:54:04 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 40781
x-cache: Hit from cloudfront
content-length: 96114
x-xss-protection: 1; mode=block
x-gateway-cache-status: MISS
x-gateway-request-id: 1e5bd143fc020c71e87a3f79a6af69fc
server: Pagely-ARES/1.10.7
etag: "d9bdc7224079b60cf62a85b494a73d722cecda8a"
x-frame-options: SAMEORIGIN
x-gateway-skip-cache: 0
x-gateway-cache-key: 1655816694.066||https|smallbusiness.co.uk||/wp-content/uploads/2022/06/Best-POS-system-bars-2022-1024x683.jpeg.optimal.jpeg
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA50-C1
content-type: image/jpeg
x-amz-cf-id: F-24zz7SnweUaIKd2yg5uub7VLf2865F-oVp3Ziq3GGJn0h9oAfvdQ==
expires: Wed, 21 Jun 2023 17:54:04 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame E930 0
9 B 40ms
39ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?gc21IA
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 4723 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:02:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 09AE 143 B
163 B 40ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:08:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 k0mtnwaPiJWk8CavAZCSyiiuy4U.js Show response
snd.click/cdn-cgi/apps/head/ Frame 0AB9 7 KB
3 KB 143ms
71ms Script
application/javascript 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/cdn-cgi/apps/head/k0mtnwaPiJWk8CavAZCSyiiuy4U.js
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f21406615f1546dd9ced7d75db04dffb75609a92a35f835405784c78119447

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16388637
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31KYZ1HH3TZ556FR
x-amz-id-2: 0R6Wca3ll0GVsNFJ0J7Om7wcEeCZqxNOPFejMjLMyKc6gDSWO/3mWKAuvWpVFjxRs4vOJS65huc=
last-modified: Mon, 21 Oct 2019 15:01:53 GMT
server: cloudflare
etag: W/"7031c38f280b4d0118a771a4d493828b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7S01gsnOdxNF%2FeLbWb5NHrm71Imv%2BaJY92n0ZTv2KMQMNffmlXrbPQJ4QN3%2B0mmpJwfEPvYvxZdUHFJMRRmVPLVp2mtLzFuXx2UUCpLvwy9b%2BNbW4jiYy92hzxEgj0NtPXfjXGRYY30%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 6YU3RAlWGj1iJUnxcHmzNeblwGRVBezJ
cf-ray: 71f27f197d9783af-MXP

GET
H3 200 css
fonts.googleapis.com/ Frame 0AB9 7 KB
756 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu|Open+Sans:400,600

Requested by

Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5915d19663759c92cdc204faf60abb9ad2f915c26aa132553138cd3d2a475ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 05:13:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 05:13:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 05:13:45 GMT

GET
H3 200 bootstrap.min.css
snd.click/frameworks/bootstrap/css/ Frame 0AB9 152 KB
24 KB 140ms
73ms Stylesheet
text/css 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/frameworks/bootstrap/css/bootstrap.min.css
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 May 2021 13:25:00 GMT
server: cloudflare
age: 823868
etag: W/"609d28ac-2606e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Xin66mZwEVcm%2B%2Bzb8S1BR13QKiySxteqRI2jYvuhEami91wS%2BJpTYoLTwqf%2FP2M31fHwSYQ6dh0pgJ3eVPjg5WJf%2FiU0SRZUUZvt%2FKYFiJCQIk30a57yKyDouM5E5WbZvlIYyjkGjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f197d9c83af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.min.css
snd.click/landing/css/ Frame 0AB9 9 KB
3 KB 264ms
198ms Stylesheet
text/css 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/landing/css/style.min.css?id=cecc8f3ce54a139a39cf
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cf34d605f353037a0ab53e0d1abfe48d1c54263e5e763c23366e77d45960bfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 25 Oct 2021 13:56:45 GMT
server: cloudflare
etag: W/"6176b79d-2326"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWcvliq92EG2BS3By%2FdT3H271DdDwXz54vH%2Bto6M93H1kGDKC660XFHKDJtqlgUf7hcAhba%2BRymOAHfJC5zPqk3PUkqdADzA%2BF%2BCuOmT7ruESYbvybu%2Bwr%2BEZ8OkgxPIJQed0tNXTWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f197d9983af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 play.png
snd.click/landing/img/ Frame 0AB9 51 KB
52 KB 70ms
70ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/landing/img/play.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07820f0ee3e5c253462bade268025f7712fdf14c0821fdaeb25040791fca9e4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1400471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52519
last-modified: Tue, 11 Jun 2019 11:54:48 GMT
server: cloudflare
etag: "5cff9688-cd27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jj62U1ZEgqsK2NBCj853WtjJUV%2FAHp65b4QqqH5Y1OCCkcd45fdbZZ5FacSeyznlGcekEdJViqHASRCOg6Reca5ptv7ygRsyUk0W9T%2B3A9qFeebNAOPcBx%2F3wf7VgskEUiSctufDcSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1bf90583af-MXP

GET
H/1.1 200
OK ab67616d0000b273b44a889766069a5020b316e0
i.scdn.co/image/ Frame 0AB9 121 KB
121 KB 102ms
28ms Image
image/jpeg 2a04:4e42:f::760
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67616d0000b273b44a889766069a5020b316e0
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:f::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0a5a22d776fce4072b2a71ac14dc467a9da67a084c8c06d02412d3ae6a29a339

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:45 GMT
Last-Modified: Thu, 12 May 2022 07:07:42 GMT
Age: 595636
ETag: "75b5ccf58d34e98ad16493939cfc2530"
X-Served-By: cache-ord1726-ORD, cache-chi-kigq8000086-CHI, cache-lhr7371-LHR
X-Cache: MISS, HIT, HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 123817
X-Cache-Hits: 0, 1, 1

GET
H3 200 9_1560249795_youtube.png
snd.click/storage/platforms/ Frame 0AB9 8 KB
9 KB 75ms
72ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/9_1560249795_youtube.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29fe732a3a3512aedec5358e02eee2156a1b783cbc27ac7ed3a023c0b8cf507f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1796997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8256
last-modified: Tue, 11 Jun 2019 10:43:15 GMT
server: cloudflare
etag: "5cff85c3-2040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxgglO8%2F158SeXNzmb%2BNgXNjEySEoaR2Se5DfZ43XlXiP73duZsgOXK1tB9IBvytwWQeP2jKsCPnSKBo9q2U9%2B5vsykbzDjJ1t0Vym6WXkaFyH%2FM79nGAbVRId2idNwYwdKsSOYSlgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda3083af-MXP

GET
H3 200 6_1629198382_spotify.png
snd.click/storage/platforms/ Frame 0AB9 5 KB
5 KB 73ms
69ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/6_1629198382_spotify.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf2b259176d1712ca42f68767b3dc61a2a2385fbb48ba3a7e5b587910e50d642

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2536086
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5041
last-modified: Tue, 17 Aug 2021 11:06:22 GMT
server: cloudflare
etag: "611b982e-13b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uughFrQ0w7AkaJUJ9dOrqk8bp%2Bpj%2BEl6YfXm7fX4SRf8fpZ4UubA%2FVlnb6hhizSFrSsmSzv9HC0kWCwIfjc68SPBnsBW%2FiO37EQC9P5kq6iTQUechcBeeFOzhHtfDwLJtrbVPXfr4RE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda3583af-MXP

GET
H3 200 11_1619597220_apple_music_logo.png
snd.click/storage/platforms/ Frame 0AB9 6 KB
6 KB 170ms
166ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/11_1619597220_apple_music_logo.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fc9e14f36c6590ef42bc2eec54e925cf573a2656de164817ba40c67bc71a5e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Apr 2021 08:07:00 GMT
server: cloudflare
etag: "608917a4-17d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wND1tnf9aztlQjzVXy3jKvFaxWB3cZN4qNSreyjhnyw1n2qcV%2BvOwJGr5aG6fqiFjD4ycB6uzRJQrTdaxCRbAMkmB9EGHORxeSFQzyrv8ywyJ9sS8bC0HMLbFXcd7fznATkNQnjIQxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda3683af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6100

GET
H3 200 19_1629199063_pandora.png
snd.click/storage/platforms/ Frame 0AB9 3 KB
4 KB 172ms
168ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/19_1629199063_pandora.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c90b7e832a212a6390a5ec8c2c1161bda9375fb414ad87bfea2e282d2284be79

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 11:17:43 GMT
server: cloudflare
etag: "611b9ad7-bf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PhMVWetqc6BJI21Sgd%2FmnzR77xOCP73wg41dtFwuUba2hxpWUuyLOXbv6bT%2B8TcvnEIwbpDL9g5uQWwAdToVRSuVha8B1Lr6y3M99%2FJhznaZrdgfSa8RiLjBLRSpd6tQ4hPPgczov0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda3783af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3062

GET
H3 200 47_1629202649_qobuz.png
snd.click/storage/platforms/ Frame 0AB9 7 KB
7 KB 203ms
198ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/47_1629202649_qobuz.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9222037993e442ba70d3b56378f359c8c37b8e2cadfb301735de27bd0ea24635

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 12:17:29 GMT
server: cloudflare
etag: "611ba8d9-1a44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQZTYg2PGDS%2FeYBXRcOxGd8uyRjzAuO6IfACHG%2F0En3LZlNuvmB%2BucV4ZIEQCvyqeCLQ%2FiAF5Fk%2F3Wy8iqRozcDHXS3PssIAror%2FHU%2FleLXQWE48VMTrYDebQA3WrGpn7pzlr4z48sw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda3983af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6724

GET
H3 200 12_1629198849_deezer.png
snd.click/storage/platforms/ Frame 0AB9 7 KB
8 KB 138ms
133ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/12_1629198849_deezer.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa0d1383cd6184c9654b458ceb23a3ad8c700d98cab32478b805e385efd97af0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810729
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7419
last-modified: Tue, 17 Aug 2021 11:14:09 GMT
server: cloudflare
etag: "611b9a01-1cfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upg9eLyyrgKb%2BlDY9unmj5VbS%2Bfg8IXJD2sdj%2FFLIYdaJbGzrjM2dFdo4wq9RfvfQF1sEZPdvkQXJ7%2FT%2BdnmWfpeZUhkQFsMc4woU4uapsPjJ3x8fYW7jkStwR8xQFwe%2FzCoSwhYBbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda3b83af-MXP

GET
H3 200 8_1560250345_soundcloud.png
snd.click/storage/platforms/ Frame 0AB9 5 KB
6 KB 76ms
71ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/8_1560250345_soundcloud.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8559b7e5e86976ac2b43d84dca46f5710852e2e1c50d5fdce5fd532efcb2154e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 252624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5510
last-modified: Tue, 11 Jun 2019 10:52:25 GMT
server: cloudflare
etag: "5cff87e9-1586"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzaWVdKlXfBTrdn57mLuuHCfAvGqC22o8fwsbjXyuTQQk9%2BztzNYSOxNrGi27ypYpRKLbxFi6d8i40oI0P6XNQ%2FPDFWSc3I25ZJ3o%2BB0OhS2jQCUiN7VgtjcoPmqmSLLFR8vTBLNY4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda3c83af-MXP

GET
H3 200 16_1560252521_tidal.png
snd.click/storage/platforms/ Frame 0AB9 5 KB
5 KB 75ms
70ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/16_1560252521_tidal.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4476c31489084f057d971484ea8337d294bdce33db840a204e800da4e37ebe1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810729
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4664
last-modified: Tue, 11 Jun 2019 11:28:41 GMT
server: cloudflare
etag: "5cff9069-1238"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FwZVPi1Nk1m1zpVbyAkdDC6w0%2F1J%2BxZWsyC%2BOr2FocybYiKjwfQv1RlOJzjeYqFLvfk7upLOINbSTg%2BbtWKnVH%2Fq9caYAXOJVK1KeQkOLxdZziytssW5mYaefGM0voKP1biHjDAIpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda3e83af-MXP

GET
H3 200 17_1560253092_napster.png
snd.click/storage/platforms/ Frame 0AB9 8 KB
9 KB 76ms
71ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/17_1560253092_napster.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec2fc40578b5d3c7c8ac12187d460fbde0d2775e48091c1363e4fac43f99a0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8456
last-modified: Tue, 11 Jun 2019 11:38:12 GMT
server: cloudflare
etag: "5cff92a4-2108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1JlXLYeLFY0tVcg78eGmfFr4656IZWYLn2JLQ6JXHnzBSsjdD6UQhNfkl2B%2B8uSylTt77q7MzknPIpiYNsH2u6%2Fz2KGWIl44hLy3NqTVqpGoXS4oIClLloEWakdDzohYx8vNiJGBZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda3f83af-MXP

GET
H3 200 31_1629200927_iheart.png
snd.click/storage/platforms/ Frame 0AB9 5 KB
5 KB 200ms
196ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/31_1629200927_iheart.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c8ec967ccde3b64e5317b356d5ca6ac6a0b39ba32f6de2f8c3b1a4e38c2574

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 11:48:47 GMT
server: cloudflare
etag: "611ba21f-1354"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj1rOqwux2WoFT0gxr0h4efJ9TvQdUFFcYl%2BhNVnU82scR8EjPZakdweRJrd9H%2FEhibj%2BqNKIH7CKJ1Hh2fA3NlHgEufRNPf4Jo4xmeeoV3%2F0pw8ElPMP2uZmGnJ%2FV%2BNFQmhu7ABnXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda4083af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4948

GET
H3 200 118_1617886201_amazon_music_alt_black.png
snd.click/storage/platforms/ Frame 0AB9 41 KB
41 KB 199ms
195ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/118_1617886201_amazon_music_alt_black.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 884bab512acc3235af224271f85a9030fd7461211c697519808bcb7702c1a091

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Apr 2021 12:50:01 GMT
server: cloudflare
etag: "606efbf9-a3a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OyeJ1vw4l5suTApbF7CGS%2BH9riNclVy1HrP%2B19POi5dvfJzGXdu9vag49BwMSjKQF6egAlaPpynzNqe2wFiOWX34Ubwaw%2B2BBST7m%2Fk8rrIydi6iD6GIFzerTI3Iuemwshesn8c%2Bqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda4183af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41889

GET
H3 200 54_1597838664_yt_music.png
snd.click/storage/platforms/ Frame 0AB9 7 KB
7 KB 136ms
132ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/54_1597838664_yt_music.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871f64d89795838c773a27fb668e45b3e494fb3c24758cfcca6934f305f0db72

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 250456
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6852
last-modified: Wed, 19 Aug 2020 12:04:24 GMT
server: cloudflare
etag: "5f3d1548-1ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYUG6OEhEF7oUD82pCUjhji9Od9jYeKlWUzuBtSbBizJPkZ4sGHEw8%2B88j4g%2BZ71jKEMgNMIaDLCv4erag5RIFf2pxks6BRe24Uusq4BpDfPFqlQHvRFG6KIWktNziQCDAP7tu259Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda4283af-MXP

GET
H3 200 24_1560252942_audiomack.png
snd.click/storage/platforms/ Frame 0AB9 5 KB
5 KB 172ms
167ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/24_1560252942_audiomack.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 654fbcbda47c2aa67f212492935f5f7ac35cb0a0ce269ac8ba0ee283c4afb691

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jun 2019 11:35:42 GMT
server: cloudflare
etag: "5cff920e-12ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoLnGXYvG%2B%2F7Q0QIYIFQL%2BjgYrR60Co4ruJP6uNf3CFIVZWVaIaSOL3HFOJwUYN1rfSvwzps0YKJhK3pvQbkfahPb6G1H2NGijDcU%2F8k387rIce2Va4Zu5LSuAfejkoeitA0cs%2F2g6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda4383af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4847

GET
H3 200 42_1551453680_awa.png
snd.click/storage/platforms/ Frame 0AB9 3 KB
3 KB 202ms
198ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/42_1551453680_awa.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9379a60c9161c83f5075dec933369e78b3be0d8c3b7827ceda7d7a038ee62ce9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Mar 2019 15:21:20 GMT
server: cloudflare
etag: "5c794df0-b2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOCq1PICSlWG9EN1G5eiI3MyWlTDat4LZZBbqy6LWPPSxJuXwf25cpvsVqWW5XFy4x8FzmfMhpZQrTjHVJwji9XstMXxdvVJyOyHB2lNW0ktzGgspuDUr2KQGwC5w4Lv6ozuVV4UMeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda4483af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2858

GET
H3 200 33_1629201073_anghami.png
snd.click/storage/platforms/ Frame 0AB9 6 KB
7 KB 203ms
199ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/33_1629201073_anghami.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a75ea27451c167b4bd5b2b9ba97f4ec7d1bcb3bf5e4725e41ff35cee1b4ffe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 11:51:13 GMT
server: cloudflare
etag: "611ba2b1-1866"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJDfi1wwFvJMGFt9ca6BuylUqAlpl0OgkHeZPMcFTchkOosVZKe5Rb6JwEhJ4W2fzS5C203NlMvT3jPvY1ISVlwQJsiG4x21GVyoAA0Io6ZhW%2F3a3hFNh4TdKBb6TJUiDNIIboul3i0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda4583af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6246

GET
H3 200 35_1629201159_jiosaavn.png
snd.click/storage/platforms/ Frame 0AB9 7 KB
8 KB 203ms
199ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/35_1629201159_jiosaavn.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b41ba92728e08797cd85b6f9683afbe13d450d1b3213358c48ac18d242846a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 11:52:39 GMT
server: cloudflare
etag: "611ba307-1c18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIks4l7snimkvKtsxwStNNGxdetAIVmvuRGJxNYcBzpRTeMAtMKx16BvI%2B7zkSISOUqUdq57gvAnL43iav5Xlb7Q4aQF4%2BChl68%2F3JOJ3B0sgDO7%2B5r0M5Ut%2BjIf5X0IdEDH%2FTIlroo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda4683af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7192

GET
H3 200 94_1583854462_wynk.png
snd.click/storage/platforms/ Frame 0AB9 4 KB
5 KB 203ms
200ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/94_1583854462_wynk.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bbd1c0c28ea0f2af4254c62d76b86321cecfd45a3cea933d29b37fb53ba6e28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Mar 2020 15:34:22 GMT
server: cloudflare
etag: "5e67b37e-10c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bkPB3mDphLg%2Fhn%2Fl%2BKeRmpIGXCVKzQECzBqkiJjU3cWRh6UVAl9ZfTGMnSEY1TUe9z2HC6XnOJZKSLD8j4oAK2XDsarEpngAVnkBN2bDQDyV2JBTr9SWVMJeLEgp7gJaYnyPgXcv5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71f27f1cda4783af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4294

GET
H3 200 logo_itunes.svg
snd.click/landing/img/ Frame 0AB9 14 KB
5 KB 137ms
133ms Image
image/svg+xml 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/landing/img/logo_itunes.svg
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d44b6e4f9164860ac419ab1e15cdd2aa55d8117b8fdee7b2545d1b4fe0704c55

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Apr 2020 13:50:49 GMT
server: cloudflare
age: 817851
etag: W/"5ea04bb9-37e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bkizgOHYXdROK9SNHRBoV%2BOhkY6LofpX6esusxtmeJSs8sXBTqO7%2BBjDtT9AaxT0G9T554Vjjpfo8ItJ5i8va1xYiqosp14Y%2BHUYTEd5ZfkhwYDsq3EaW7axgcOZ2qyFsjzd2AxK8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f1cda4883af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 25_1560246937_google_play.png
snd.click/storage/platforms/ Frame 0AB9 11 KB
12 KB 137ms
134ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/25_1560246937_google_play.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a744f38c6ace34651866bf42eb7dd14df089cdbb70c95854e766eb9b41d2361

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11612
last-modified: Tue, 11 Jun 2019 09:55:37 GMT
server: cloudflare
etag: "5cff7a99-2d5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZF1rCyxizOIug3zt7X4cKeBMuqAetZTqMpfvXDJYWEml00REyX42jQQPnLFrcBXfhJprKQPbZHvhhsPJFT8kBaYcsnjnF%2Bfo935BzGrAEK5dF0Zmy9j2uXVj5%2FckZ8scAYm9M9p7SxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda4983af-MXP

GET
H3 200 20_1629199143_bandcamp.png
snd.click/storage/platforms/ Frame 0AB9 7 KB
7 KB 135ms
132ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/20_1629199143_bandcamp.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d410b3debb14b15512f904dc7d23856ae6389cdacffa8e8339027088719500

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145138
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6658
last-modified: Tue, 17 Aug 2021 11:19:03 GMT
server: cloudflare
etag: "611b9b27-1a02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kkMkVGN5JGfTFJRX8ERv9lyyNFTjF8Tx%2BkRz00%2FbfLz49fDmL%2BsXsdHF43z08tkjiRL8eUQ%2BqZ3OusxdguPdZkz0QBiWUaGY%2BHei%2FhWgBTAL3sNMCkv9VWSfGjoBhYY1x%2BvIiNZjgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda4a83af-MXP

GET
H3 200 icn_spotify_64.png
snd.click/landing/img/icons/ Frame 0AB9 3 KB
3 KB 138ms
135ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/landing/img/icons/icn_spotify_64.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fee9bee5192b952739299570f6f1d5880895edb6e518c14850651083c242fef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 817297
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2797
last-modified: Tue, 11 Jun 2019 09:47:21 GMT
server: cloudflare
etag: "5cff78a9-aed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Vnzpk4qMLpA%2BdOHIPYikMN9aqtCIfoK0n1J8aCfk3YTCLE1eP%2FXFWb%2FcoQxQXJrqeEpp5scRhORJ2DYsxysYVufpoV6Egn%2BumRVl3i0kykhqPfO0CEp3CKhBslYDJPPrFAVulXcNYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda4c83af-MXP

GET
H3 200 icn_deezer_64.png
snd.click/landing/img/icons/ Frame 0AB9 4 KB
4 KB 138ms
135ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/landing/img/icons/icn_deezer_64.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1a32bc2f145aea8c098f09896ed081513a6f6fcb8adc1aecfdc2b43618393a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472355
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3586
last-modified: Wed, 19 Aug 2020 06:47:48 GMT
server: cloudflare
etag: "5f3ccb14-e02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjLIgIbRwr82WGaGDdXwy2TSMu5ehhUmDfY7P56%2FwfcPPN7cKmG0tep4AHwpW4HItl114lqXo210n3RCygu%2BNgH2rooxj6%2BEieP%2Fi2QzAfsGiYa77dcPJUHCuP%2FDogqW0s2zMhGTMB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda4d83af-MXP

GET
H3 200 icn_apple_64.png
snd.click/landing/img/icons/ Frame 0AB9 3 KB
3 KB 138ms
135ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/landing/img/icons/icn_apple_64.png
Requested by: Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d387f8955e673b6b83572bdd758e2b0be9da640de3fc2d83c2cb96dbf4c4037

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 817297
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2981
last-modified: Wed, 22 Apr 2020 13:50:49 GMT
server: cloudflare
etag: "5ea04bb9-ba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJAn1t55MWZm8EnK%2FcGhtnHHqDHqOIfDaOA8YgxmzxiLdKrxNcTjUDcZZqXqQbrQ6AQ4xHMksto7x9rpVJSMGdmVqhhw%2FOF%2BGS%2BFV7S9UgsJ40oezbxd1kaqKaBiJaI4LWGUcj%2F3Wvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f1cda4e83af-MXP

GET
H3 200 rocket-loader.min.js Show response
snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 0AB9 12 KB
4 KB 71ms
68ms Script
application/javascript 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Jun 2022 16:43:30 GMT
server: cloudflare
etag: W/"62a8bab2-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDc7Bf%2B87EqGn0hfCF3gcleOi0RNFcNQjhej9Pon9ANsDIPKMVL4DX5jk8RRDeQu%2BeLrHf9juhQN0zNYKPsM4vqnimDV6JusOsjJ7WYN%2F3RH6Cz2k5mKoEM40XL4NhkSuGEKCpLRm4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f1cda5083af-MXP
vary: Accept-Encoding
expires: Fri, 24 Jun 2022 05:13:45 GMT

GET
H2 200 common.bundle.a59fbd11efae764ccd959d61e4925fee.js Show response
c.disquscdn.com/next/recommendations/ Frame B3B4 262 KB
87 KB 41ms
41ms Script
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5474548
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88804
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-15ae4"
content-type: application/javascript; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:17 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: G9PDe36GgwU5S-advd5a7zpqamaX_XtjD9OMVQhYwZjPNBX9PYP5CA==
x-cache-hits: 0

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ Frame DC66 165 KB
26 KB 42ms
42ms Stylesheet
text/css 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7984051
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: uZEYrA1zEWWLt52KfbaLi8X5WspudJ20P20qLBJnSV8OeYxAUw0ApQ==
x-cache-hits: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB02
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

90ms
90ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=2269704460&adf=3847043193&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822452&bpp=1&bdt=385&idt=528&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mgLABzUE25&p=https%3A//www.aiupnow.com&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
expires: Wed, 22 Jun 2022 05:13:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 323B 16 KB
16 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 145060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 12:56:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 323B 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 122750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 19:07:55 GMT

GET
DATA 200
OK truncated
/ Frame 6FCE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 786efbce4d93b3bd5774b3998201a077c4c1a08fa27c3bb3a6ed62e9a86cd74a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 206 digital-brands-closer-sundry-acquisition_io7dzc.wav
res.cloudinary.com/dmgi9movl/video/upload/q_1/v1655825028/news/text_to_speech/ 1 MB
0 834ms
693ms Media
audio/wav 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/dmgi9movl/video/upload/q_1/v1655825028/news/text_to_speech/digital-brands-closer-sundry-acquisition_io7dzc.wav

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.aiupnow.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
last-modified: Tue, 21 Jun 2022 15:38:36 GMT
server: Cloudinary
access-control-allow-origin: *
etag: "1a5970e6a704d2f5f5eea9e94fe53d0c"
strict-transport-security: max-age=604800
content-type: audio/wav
Content-Range: bytes 0-3922635/3922636
access-control-expose-headers: Content-Length,Content-Range,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=629;cpu=1;start=2022-06-22T05:13:45.373Z;desc=miss,rtt;dur=62,cloudinary;dur=132;start=2022-06-22T05:13:45.724Z
accept-ranges: bytes
timing-allow-origin: *
Content-Length: 3922636

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E930 4 KB
2 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:45 GMT

GET
H2 200 getads.htm Show response
rt3002.infolinks.com/action/ 143 B
211 B 260ms
259ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3002.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A1%2C%22maw%22%3A342%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22sdata%22%3A%22artificial%22%2C%22scs%22%3A%22GYC4K-Dehd%22%7D%5D&rid=fc4220c6-f47f-4e0b-b373-f4d93bd0d1a8&jsv=1801.004-3.025&sr=1600X1200&rts=1655874825259&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=102.0.5005.115&dv=p&ce=t&purl=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&tzo=-0000&c=c&strg=true&rsd=vlOQuMIryPdscZ0rRvh5EsgydhTvPTCGwaD3FVzfNBB4ONURpKtp8ypjmfPr-LMpqsTWiQTO9RuRA6udCUfiOcLcM01lC8zmCG2uzLUUdtgqL1zmd0c2cbJEOBFChTlYR6hy88gTi4__p-GrftmF_BiHWKNouyZ28tdRsKRypDY&rsk=46&rcs=dK-n65fROBPcrIcsm_pAqA&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d643e6bf5521cd3df6bb1fe85123565b94282d52984dc1f049e5a03b022d9d43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: en-GB
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 71f27f19f81ee59b-MAN
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcl.htm Show response
rt3002.infolinks.com/action/ 0
121 B 137ms
137ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3002.infolinks.com/action/dcl.htm?rid=fc4220c6-f47f-4e0b-b373-f4d93bd0d1a8&jsv=1801.004-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A1%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1801.004-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 71f27f19f81fe59b-MAN
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E95E 9 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 22 Jun 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E95E 26 KB
10 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:13:42 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E95E 236 KB
63 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Jun 2022 05:13:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C07 143 B
163 B 53ms
52ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:08:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DE8F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 054b6c1a62209d8183da7a3c52abc04321dd64fdba0e9e6a6333feb21f7f0f14

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js Show response
c.disquscdn.com/next/embed/ Frame DC66 476 KB
121 KB 42ms
42ms Script
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e7c053aa439dd2bb56d823101047cb9fad99b2b4963e036af632ad0a662099d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 17:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1598403
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123109
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1e0e5"
content-type: application/javascript; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Sat, 03 Jun 2023 17:13:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: sITJOuPKAYw4tqdkziz2H734IKNT8OVMRN_BDDyBKOsZfxllwV05Mg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame DC66 15 KB
16 KB 37ms
37ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4a56966a95f564be8dc98114f74e45268dc11fb6f12bebbae392d18c269601c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:45 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 19
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15407
X-XSS-Protection: 1; mode=block

GET
H3 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2
fonts.gstatic.com/s/rubik/v20/ Frame A6A0 17 KB
17 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v20/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700|Rubik:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f36d3add46f6a425f70f833b75be801d705199e7dbfdb11e4de9a935082a1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 19:48:01 GMT
x-content-type-options: nosniff
age: 552344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 19:48:01 GMT

GET
H3 200 7Aulp_0qiz-aVz7u3PJLcUMYOFkpl0k30eg.woff2
fonts.gstatic.com/s/muli/v27/ Frame A6A0 17 KB
17 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v27/7Aulp_0qiz-aVz7u3PJLcUMYOFkpl0k30eg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700|Rubik:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2401b6c90334f69bca585263201ccddb9d34412d38acaa83251fc63346716a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:18:06 GMT
x-content-type-options: nosniff
age: 42939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17020
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:18:06 GMT

GET
H3 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes_style_bubble/exm=auth,profile,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ 15 KB
5 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes_style_bubble/exm=auth,profile,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_3?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d11f76ccc5e545d66afea9000097e1ea7c80816d276abf21e53f654d2b5537c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:53:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5065
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:53:40 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6FCE 28 KB
28 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 549411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:36:54 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D487
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

79ms
79ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
expires: Wed, 22 Jun 2022 05:13:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame 931B 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012205270638000/ 23 KB
8 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15322ff7c7a2aab7ebbce94e36f7b22dab420757563953f82fda039259cfe35

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 24965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: sffe
date: Tue, 21 Jun 2022 22:17:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "38917a0112ce3845"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Jun 2023 22:17:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CB76
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

110ms
109ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
expires: Wed, 22 Jun 2022 05:13:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FE20 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8702ad50fb999824187d672f0247d079a87f4cea6924b1e5c7facfec2df84635

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB70
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

127ms
126ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
expires: Wed, 22 Jun 2022 05:13:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame FD5D 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1257 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0AB9 101 KB
39 KB 148ms
55ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-75423470-2

Requested by

Host: snd.click
URL: https://snd.click/cdn-cgi/apps/head/k0mtnwaPiJWk8CavAZCSyiiuy4U.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7c01dcaa9b4f27c658fb77ebd491f61f3595a7a9da54cef29bdddd4ee1dab3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39869
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Jun 2022 05:13:45 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7003
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

60ms
60ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
expires: Wed, 22 Jun 2022 05:13:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B9F 42 B
64 B 159ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPqbpWDN2BjCHide1GKVF4_N_-7r2tpN7emtcOL19gqv-K6rl2asLynMBQdQNoqPr-TpwFsqU6VHuaPng460B_HDO2vDHrjgQIPrBri8PEDlLmHRuEBn5JPeYQVCo&sai=AMfl-YTmGaIhKk5gOYcMJwHUpT2Np5p_8PWJIJ7DU83tCtYFrPiI-5Nx5_LeYMlsTmMTEP1yt5q3EHatshvi&sig=Cg0ArKJSzMxKQ-ktXOD-EAE&id=lidar2&mcvt=1108&p=0,0,90,728&mtos=1108,1108,1108,1108,1108&tos=1108,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=743980787&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655874822916&rpt=1563&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame 57C4 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=90&slotname=4147849215&adk=3822660987&adf=2038951932&pi=t.ma~as.4147849215&w=728&lmt=1655871916&psa=0&format=728x90&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822472&bpp=1&bdt=405&idt=543&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OAeiTgI8D5&p=https%3A//www.aiupnow.com&dtd=548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
DATA 200
OK truncated
/ Frame 4723 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42d44a542a2fd547468d2b554dcd130a141d288d83cc64c354f8e82156d840b9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

tgcMQP8iv04 Show response
www.youtube.com/embed/ Frame 13B9
Redirect Chain

https://youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer

62 KB
26 KB

78ms
77ms

Document
text/html

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer

Requested by

Host: snd.click
URL: https://snd.click/mjI0tjt?embed=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b12fe3aebedba8a4053a936d79d0d7f92d30086b78adf6b758a5b5e9b14aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://snd.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 22 Jun 2022 05:13:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=31536000
content-length: 0
content-type: application/binary
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 22 Jun 2022 05:13:45 GMT
expires: Wed, 22 Jun 2022 05:13:45 GMT
location: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/102/ Frame E930 52 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/102/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 07:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15092
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 22 Jun 2022 07:35:48 GMT

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame B3B4 14 KB
3 KB 41ms
41ms Stylesheet
text/css 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21282620
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 7yP5-43DCHBFyjSXQik7VRBF9cKpqs3UA__HzLKacjLPmtMtad-LhQ==
x-cache-hits: 0

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 0AB9 34 KB
34 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu|Open+Sans:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://snd.click
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 08:45:37 GMT
x-content-type-options: nosniff
age: 73688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 08:45:37 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E930 98 B
142 B 52ms
51ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52a6af380b8a4987d9d4ac52902883f15d6008bd5793517af645bf57eda095c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 22 Jun 2022 05:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 50ms
49ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 22 Jun 2022 05:13:45 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame DAE6 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 09AE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

67ms
67ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:46 GMT
expires: Wed, 22 Jun 2022 05:13:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 chamber.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/ Frame E95E 23 KB
23 KB 42ms
42ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/chamber.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a96d7b610ef0fc6294316659f5548844963f386de511d0b965de25ab04bf0ca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23562
x-xss-protection: 0
last-modified: Wed, 04 May 2022 19:19:18 GMT
server: sffe
date: Sun, 19 Jun 2022 12:29:14 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 12:29:14 GMT

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame D9D9 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=280&slotname=9466596839&adk=3392451642&adf=4038499821&pi=t.ma~as.9466596839&w=340&fwrn=4&fwrnh=100&lmt=1655871916&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822533&bpp=1&bdt=467&idt=737&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VlgNtwxUkU&p=https%3A//www.aiupnow.com&dtd=741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame B3B4 65 KB
20 KB 43ms
41ms Script
application/javascript 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21890882
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: dOeWKGfawdyVVfdAmijhDKMSiHyCxDiXrTTqlToI51FIdyV9-UYzTA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame B3B4 15 KB
16 KB 29ms
29ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4a56966a95f564be8dc98114f74e45268dc11fb6f12bebbae392d18c269601c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:45 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 20
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15407
X-XSS-Protection: 1; mode=block

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame 50D1 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
H3 200 5-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/5-01.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9819d05369f799cad755666b8f38ab27c5115e20dee9ab7742e0dac76ff25b87

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1729
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 4-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 2 KB
2 KB 43ms
43ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/4-01.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941599ef67ea3cc66658bf5c0a5198fe55554c8a2cbf2f9f7453ff6da4ca3ef2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2353
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 3-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 1 KB
1 KB 45ms
44ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/3-01.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5847d9cac5da8d2e372bb3efc7e3adbb21dcb675266b422e5de761c7be48385

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1420
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 2-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 2 KB
2 KB 46ms
45ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/2-01.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0adf904cad59825c050f52926f940b1a1eb8748a941d8331f8d555d2da9fbf94

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1940
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 1-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 2 KB
2 KB 63ms
62ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/1-01.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

322327d3a33c7034d08645ec8ece89a48f452abc215e454e31eee838fb0ca638

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2277
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 bg-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 2 KB
2 KB 63ms
62ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/bg-01.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854c7944c8fc86224cd9c384d5db98c0d34467671552bafa5fd7cc1800d3637b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1692
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 bg1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 9 KB
9 KB 61ms
60ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/bg1.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

308ca99bb8ad6a132cc62a2d1406886ad84f4a9d6b6799a80df11642536a237c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8968
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 bg2_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 44 KB
44 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/bg2_1.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e682f015d17f27909b774d07d2dea78b549124b0f726d507ae241d1176f8124f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45091
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 bg3_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 23 KB
23 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/bg3_1.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abbc1ec1882d87ae329a0b370987bf23d974ba513761ee302f62022b7cb8791c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23679
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 bg4_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 28 KB
28 KB 50ms
50ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/bg4_1.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

689e5562d56dc1e3f0a581ab2664d960e4ecfa91a1069da69699f559ee0f45cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28667
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 bg5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/ Frame 50D1 21 KB
21 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3499534063342242848/bg5.jpg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df7742c20d36750d872fcdc918b4e8727ede5e1dd9f3850638e78897228880f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 84753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21040
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:29:46 GMT
server: sffe
date: Tue, 21 Jun 2022 05:41:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 05:41:13 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame DBEB 601 B
288 B 77ms
77ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e846a2c1d5dc6910fd8f41c2159d96712c540be2b0e3730efde2315b1ea0bbea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 22 Jun 2022 05:13:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 140ms
43ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 36837
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 21 Jun 2023 18:59:49 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 140ms
56ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 05:32:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 603668
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Jun 2023 05:32:38 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 128ms
44ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 32452
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 21 Jun 2023 20:12:54 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 127ms
43ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:04:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 565747
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Jun 2023 16:04:39 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 124ms
44ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 36837
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 21 Jun 2023 18:59:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C07
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

61ms
61ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1342347843351338&output=html&h=250&slotname=3651997524&adk=4109335272&adf=556582571&pi=t.ma~as.3651997524&w=250&lmt=1655871916&psa=0&format=250x250&url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655874822612&bpp=4&bdt=546&idt=1061&shv=r20220616&mjsv=m202206150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D615671ac85f19a56-22dcd3d9b8cd004f%3AT%3D1655874823%3ART%3D1655874823%3AS%3DALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ&prev_fmts=728x90%2C728x90%2C728x90%2C796x199%2C796x280%2C340x280%2C250x250%2C250x250%2C300x600&correlator=8240063065079&frm=20&pv=1&ga_vid=830107522.1655874822&ga_sid=1655874823&ga_hid=1395041782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31068030%2C21066433&oid=2&pvsid=2920669157383389&tmod=1780552089&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=2OVe4L2CBc&p=https%3A//www.aiupnow.com&dtd=1065

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:46 GMT
expires: Wed, 22 Jun 2022 05:13:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 05:13:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame DC66 3 KB
3 KB 145ms
144ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=sigma2&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2d612b36bcf538270a26299731449a62bd2964b2a6f6f3f64e79d331e80445dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3033
X-XSS-Protection: 1; mode=block

GET
H3 200 Asset_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame A6A0 1 KB
696 B 47ms
47ms Image
image/svg+xml 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_3.svg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2606aa711e586bfe1be8beb2a08289903cf5b87e7a53403dabf1eda1b8c0d177

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 15010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 656
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 22 Jun 2022 01:03:36 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Jun 2023 01:03:36 GMT

GET
H3 200 Asset_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame A6A0 3 KB
1 KB 45ms
44ms Image
image/svg+xml 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_2.svg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8c3e5e1d44aa8a15c7db3c62ebdad04d9ab76c7b8c24430596d9ac1957b583

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 15010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1341
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 22 Jun 2022 01:03:36 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Jun 2023 01:03:36 GMT

GET
H3 200 Asset_4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame A6A0 51 KB
19 KB 45ms
45ms Image
image/svg+xml 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_4.svg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6729d94c53fca9ac3b791dfc6ce13328fb3f313a472f86d52ebb8e0ae90496ed

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 15010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19815
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 22 Jun 2022 01:03:36 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Jun 2023 01:03:36 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4723 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPXBwaZn7ZyqC_YshdtkK2lKsyl2JWGQHQpiHxmAfBCI_wVAL50SzFI1tn5Xndt3dbzsO6I7mzwArN53CluedNQL1W__5zoPJJEC4looeSFHEPl76ctRVpDg6cbsc&sai=AMfl-YTxsS2FAbxpupNb7326AFtRiXYxk0yEuVRCpt9ZhdxQhgTaQJ1hqi1QHFgsCwrhuk0wYHWmq9bA6pau&sig=Cg0ArKJSzFaf7CiuujlFEAE&id=lidar2&mcvt=1301&p=0,0,90,728&mtos=1301,1301,1301,1301,1301&tos=1301,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2269704460&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655874822992&rpt=1836&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 landing.js Show response
snd.click/landing/js/ Frame 0AB9 4 KB
2 KB 182ms
181ms Script
application/javascript 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/landing/js/landing.js?id=a4d4ab09a2052e8cd0bc
Requested by: Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c811b52b159c35e96af4b1f0b999753162f21933e5e520e288de72dbd5a2018a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 24 Jun 2021 11:55:19 GMT
server: cloudflare
etag: W/"60d472a7-10aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQnMSimTlhbRuYg0fn4sd96s5QM5U54%2B1ic0%2FT%2B3D3YBxm4zAcIw45%2F6N%2B1DL8FO6gB7MGBnO9vNaJBhv4dMBNnZVJEgaEKa76CcQ9S8OrPq3KhwJuIn4wX2sZE3TwfROaI%2B2S%2FV4kI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f209f4d83af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.jcarousellite.js Show response
snd.click/landing/js/jcarousel/ Frame 0AB9 13 KB
4 KB 177ms
176ms Script
application/javascript 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/landing/js/jcarousel/jquery.jcarousellite.js
Requested by: Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a5aa8749b707f73090c7fc4938f6452803ccfe09c30ff8ff5adbd6735b799e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Dec 2018 18:23:40 GMT
server: cloudflare
etag: W/"5c0d5dac-326e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3NCvpZuESE6ecksviwoGlP9REKrEBoCSdZiggRyDTyPowCff5hxew8jDIAp3omUPFkTY5GG9OoQLUL2fp01Ap6i47VgCQ0nLhW9qR12dyP5UWke4v9OkTuZVzXxPBJpc3vtIisLMPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f209f4f83af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.mousewheel-3.1.12.js Show response
snd.click/landing/js/jcarousel/ Frame 0AB9 8 KB
3 KB 168ms
167ms Script
application/javascript 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/landing/js/jcarousel/jquery.mousewheel-3.1.12.js
Requested by: Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac45e4c266a4fb5e7d49b00f4b3b9c53b70ccb5754d3a6d5cfc338ca3b98bd84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Dec 2018 18:23:40 GMT
server: cloudflare
etag: W/"5c0d5dac-204e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDsrrm0mVflw%2F46Ic9v6ZYQJl2WUQ7VAnYNSXXZO%2B9lsrSVimhMKTAeIN%2F8phHwxac83sBuHVUMK8E%2B%2BUfi4ZAVWAdZ364a4EGR%2FMHZ48b4qw0MlHaVb9bvOJCRvUX7lRdmWy5eYlFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f209f5083af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 jquery.easing-1.3.js
snd.click/landing/js%7D/jcarousel/ Frame 0AB9 0
0 247ms
247ms Script
text/html 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/landing/js%7D/jcarousel/jquery.easing-1.3.js
Requested by: Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09niQww%2BCH4B3Tkeh4r1IhLSD2QYIqU9Fs0j%2BVH7OE9wQsH3GPswAYxBEKNt%2B%2FCabj%2F%2B5kf2NAuLr7C7AH%2FINqzczpZ8pqQZbUZcrsjuAI0AosHEroQ7cNoYdas6TVg1Ydai6OM7i6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 71f27f209f5283af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: -1

GET
H3 200 clipboard.min.js Show response
snd.click/landing/js/ Frame 0AB9 10 KB
4 KB 70ms
69ms Script
application/javascript 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/landing/js/clipboard.min.js
Requested by: Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Dec 2018 18:23:40 GMT
server: cloudflare
age: 824320
etag: W/"5c0d5dac-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JF4YdrmJTerTwEY%2FZShkXHmVae%2BAlerqa%2BIKEPRVtm1orXLIfLT611R98sseUrjl7vXR4Aod7%2F7nnsvKJIsgMhgRc%2BqtgVZB03QZNYwPSBJQ0IoXO83WYv3Q0VeSWW0DFdPVB2nswCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f209f5483af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
snd.click/frameworks/bootstrap/js/ Frame 0AB9 57 KB
16 KB 81ms
80ms Script
application/javascript 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/frameworks/bootstrap/js/bootstrap.min.js
Requested by: Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 May 2021 13:25:00 GMT
server: cloudflare
age: 473807
etag: W/"609d28ac-e2d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxhyGCp3qoT64i0bI9EGnOaK36kwFZVc%2FU2ZBIOspYm00m8fvbwpaME6q8%2FYKW8QmZeHIvYNilX1cdTJQUmMQc3psP7JOA5z%2FIhKJSdU9U7b8pKFwiPeNAhIEOgxFcBQCQh%2FQEYVoCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f209f5583af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ Frame 0AB9 19 KB
7 KB 160ms
65ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1055783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6157
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEF1quN7rwcbXk2VyhRDDdkrp2%2BbLzAn8N6bw5F%2F3nekxDL%2FVGpcklIdEgkNwhOeYgbTNjUO3L9ktspVPfYloPxo3iM%2FiDp3vsM9dT52By7G0TobLtfibdH86N4ddXXVRBUWk43xV6onHCFSM1JXIjn3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71f27f213c8301e7-ZRH
expires: Mon, 12 Jun 2023 05:13:46 GMT

GET
H2 200 musickit.js Show response
js-cdn.music.apple.com/musickit/v1/ Frame 0AB9 230 KB
54 KB 300ms
52ms Script
application/javascript 2a02:26f0:6c00:299::1fcf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://js-cdn.music.apple.com/musickit/v1/musickit.js

Requested by

Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::1fcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

0ccb2ab37cedaef2eab9c7044c99afdb8c73a122a29ad8b7344af644a15bd14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-apple-jingle-correlation-key: A3ZH77UYDQ32AOANLN3766D6LU
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-responding-instance: silverbullet-external:3002:mr28p00it-ztdg08092301:8301:21REL13
x-daiquiri-instance: daiquiri:15887001:mr85p00it-hyhk03154901:7987:21HOTFIX34:daiquiri-amp-all-shared-int-001-mr, daiquiri:18493001:mr85p00it-hyhk03154801:7987:21HOTFIX34:daiquiri-amp-all-shared-ext-001-mr, daiquiri:14904002:mr85p00it-hyhk04184801:7987:22RELEASE72:daiquiri-amp-store-shared-ext-004-mr
x-apple-request-uuid: 06f27ffe-981c-37a0-380d-5b77ff787e5d
content-length: 54285
etag: "728844cd8b5cdcdac8133296871f4b55"
apple-tk: false
last-modified: Tue, 14 Jun 2022 22:58:44 GMT
server: daiquiri/3.0.0
apple-seq: 0.0
date: Wed, 22 Jun 2022 05:13:46 GMT
apple-originating-system: UnknownOriginatingSystem
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, max-age=136
x-apple-version-number: 2224.6.0

GET
H3 200 jquery-1.11.1.js Show response
snd.click/landing/js/jcarousel/ Frame 0AB9 276 KB
84 KB 82ms
82ms Script
application/javascript 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Requested by: Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Dec 2018 18:23:40 GMT
server: cloudflare
age: 64712
etag: W/"5c0d5dac-4508e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkCyCcopxiX%2FSeAAjdttBP7yULk%2B4EJRqV12rMq3UJHm4zJxrpTgje2P9JwBm0LjBK4nzkO4F3gbm4Ei8%2B7HiaPtZbTVU59y%2FUuGSknUvrCAzu44v%2BRBBfUTwsIgVBzgZiu9q5Oy1%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f209f5683af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 53791720 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 91ms
90ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/53791720?wmode=0&wv-part=1&wv-hit=447861480&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&rn=499489118&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1655874826%3Aw%3A1600x1200%3Av%3A821%3Az%3A0%3Ai%3A20220622051346%3Au%3A1655874823129053414%3Avf%3A1axv6s0ia38tfbuwalw54%3Awe%3A1%3Ast%3A1655874826&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:46 GMT
last-modified: Wed, 22-Jun-2022 05:13:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.aiupnow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22-Jun-2022 05:13:46 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/ Frame E95E 5 KB
6 KB 49ms
48ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/logo.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1aa0913c663dfd397be7d8f264da13bd066beeb46d780e8e69ea70890fe5de6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
last-modified: Wed, 04 May 2022 19:19:18 GMT
server: sffe
date: Sun, 19 Jun 2022 12:29:14 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 12:29:14 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/50ce972d/ Frame 13B9 339 KB
47 KB 45ms
43ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ca49f83ae63de5d30ea69c990f093ed7bcbcad34169f7db6b63b759724fb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47644
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:08:30 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/50ce972d/www-embed-player.vflset/ Frame 13B9 302 KB
93 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3f592c7284d7a75ba9082bec003ef81ace2c99ab03e59998bcb2fbf110dc1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95654
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:09:07 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/ Frame 13B9 2 MB
535 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1423878f96d42902b1074096646a191e26ca23a5642dc8c682e5304bbaacba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547803
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:17:09 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/50ce972d/fetch-polyfill.vflset/ Frame 13B9 9 KB
3 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:09:07 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame DBEB 9 KB
2 KB 44ms
42ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 18:19:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Jun 2023 18:19:01 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame DBEB 149 KB
44 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC67hmyuSwjdLKHGnMR1Qe2Q&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 18:19:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Jun 2023 18:19:01 GMT

GET
DATA 200
OK truncated
/ Frame A6A0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Asset_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame A6A0 3 KB
1 KB 45ms
44ms Image
image/svg+xml 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_2.svg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8c3e5e1d44aa8a15c7db3c62ebdad04d9ab76c7b8c24430596d9ac1957b583

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 15010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1341
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 22 Jun 2022 01:03:36 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Jun 2023 01:03:36 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 13B9 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 43625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Jun 2023 17:06:41 GMT

POST
H2 200 53791720 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 914ms
100ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/53791720?wmode=0&wv-part=3&wv-hit=447861480&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&rn=819576334&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1655874827%3Aw%3A1600x1200%3Av%3A821%3Az%3A0%3Ai%3A20220622051346%3Au%3A1655874823129053414%3Avf%3A1axv6s0ia38tfbuwalw54%3Awe%3A1%3Ast%3A1655874827&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:47 GMT
last-modified: Wed, 22-Jun-2022 05:13:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.aiupnow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22-Jun-2022 05:13:47 GMT

POST
H2 200 53791720 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 365ms
95ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/53791720?wmode=0&wv-part=1&wv-hit=447861480&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&rn=835631801&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1655874827%3Aw%3A1600x1200%3Av%3A821%3Az%3A0%3Ai%3A20220622051346%3Au%3A1655874823129053414%3Avf%3A1axv6s0ia38tfbuwalw54%3Awe%3A1%3Ast%3A1655874827&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:46 GMT
last-modified: Wed, 22-Jun-2022 05:13:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.aiupnow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22-Jun-2022 05:13:46 GMT

POST
H2 200 53791720 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 360ms
91ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/53791720?wmode=0&wv-part=2&wv-hit=447861480&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&rn=1033865081&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1655874827%3Aw%3A1600x1200%3Av%3A821%3Az%3A0%3Ai%3A20220622051346%3Au%3A1655874823129053414%3Avf%3A1axv6s0ia38tfbuwalw54%3Awe%3A1%3Ast%3A1655874827&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:46 GMT
last-modified: Wed, 22-Jun-2022 05:13:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.aiupnow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22-Jun-2022 05:13:46 GMT

POST
H2 200 53791720 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 361ms
92ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/53791720?wmode=0&wv-part=1&wv-hit=447861480&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&rn=818748153&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1655874827%3Aw%3A1600x1200%3Av%3A821%3Az%3A0%3Ai%3A20220622051346%3Au%3A1655874823129053414%3Avf%3A1axv6s0ia38tfbuwalw54%3Awe%3A1%3Ast%3A1655874827&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:46 GMT
last-modified: Wed, 22-Jun-2022 05:13:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.aiupnow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22-Jun-2022 05:13:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE8F 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_eqE9gqneZUwX4L8tXDWsC5DH6XS4_NSFB0SurAgy5FxS35TkhEJNrvKHx0k4I0MeoxneKn0sSQB-0aOC4fGqdKyeP7zSbYU6gwP-OzQ2MNz5-ws0g7JN4cdMmwI&sai=AMfl-YRa5FXCZZgfQLk9zc6FtT6bLc00ldFXL7KNKvAAW26CLJ13QSlBD6LbdWKSf8NhGiNV078rfQ3fsox-&sig=Cg0ArKJSzFxa5L0UOf4tEAE&id=lidar2&mcvt=1220&p=0,2,280,338&mtos=1220,1220,1220,1220,1220&tos=1220,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3392451642&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655874823275&rpt=2127&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame E95E 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0AB9 49 KB
20 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75423470-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1479
date: Wed, 22 Jun 2022 04:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 22 Jun 2022 06:49:07 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1647409581/images/ Frame DC66 2 KB
2 KB 98ms
29ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1647409581/images/noavatar92.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 100436
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: LHR3-C2
content-length: 1644
x-amz-cf-id: nfDpEkBWMyMXufOhC6eGI6GlJkfIYSRofkg0QqrCrsMRzp7XjQklIw==
expires: Thu, 28 Apr 2022 20:11:44 GMT

GET
DATA 200
OK truncated
/ Frame DC66 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1639 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAYN8_77im_hPh2kNrY_P3FVF2IzKuqDunqeW1MRrA_v0aW6N5nKnNkGBPxDQfnYqwO5poGUU25-aIhrkNdNboH852wU-N5Xq4pEa1Cji_bj1g31iwJrQ_UgzALKJPXKjsKsBT0w&sai=AMfl-YT-S1sU9epL8k2e_cLoNShXssXxf6v-TItivXWy7epqyypIAEgo8OALTVRkmpBdksHtOgT9i6ZfcErO&sig=Cg0ArKJSzGxvLPiFd7EmEAE&id=lidar2&mcvt=1115&p=0,0,90,728&mtos=1115,1115,1115,1115,1115&tos=1115,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3822660987&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655874823021&rpt=2519&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame B3B4 3 KB
3 KB 29ms
29ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=sigma2&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2d612b36bcf538270a26299731449a62bd2964b2a6f6f3f64e79d331e80445dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3033
X-XSS-Protection: 1; mode=block

GET
H3 200 printedPart.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/ Frame E95E 11 KB
11 KB 43ms
43ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/printedPart.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fd9ee1b8fcd194b03c576520478299958d96037df850c6f4908f757b1a1cffb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10805
x-xss-protection: 0
last-modified: Wed, 04 May 2022 19:19:18 GMT
server: sffe
date: Sun, 19 Jun 2022 12:29:14 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 12:29:14 GMT

GET
H3 200 Asset_4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/ Frame A6A0 51 KB
19 KB 41ms
41ms Image
image/svg+xml 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/92716964203462656/Asset_4.svg

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6729d94c53fca9ac3b791dfc6ce13328fb3f313a472f86d52ebb8e0ae90496ed

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 15010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19815
x-xss-protection: 0
last-modified: Wed, 18 Mar 2020 11:40:29 GMT
server: sffe
date: Wed, 22 Jun 2022 01:03:36 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Jun 2023 01:03:36 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ Frame DBEB 128 KB
42 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63bd1290734d42988618531f116ded35108d357633fd4ec34676f5824684d16e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 23:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42807
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:43:40 GMT

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 5B28 337 B
839 B 42ms
42ms Stylesheet
text/css 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3124689
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-f4"
content-type: text/css; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Wed, 17 May 2023 01:15:37 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: pD9_vvdLmX9bTUuc7xxVk9r9ld2EcgpWn5B33qmXWjeSaQCR1_164w==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 866B 337 B
839 B 43ms
42ms Stylesheet
text/css 2600:9000:2156:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3124689
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-f4"
content-type: text/css; charset=utf-8
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
expires: Wed, 17 May 2023 01:15:37 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: qAEsN8MKxu5zkpqwRTfj3pgT4xf0uW79rvafsKQ1HLFb7htbUHTK7g==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame DC66 43 B
339 B 172ms
106ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=1&embed_hidden=1&load_time=1622&event=init_embed&thread=9228214616&forum=sigma2&forum_id=526051&imp=5dmnep91aom2p&thread_slug=new_toddycat_hacker_group_on_experts_radar_after_targeting_ms_exchange_servers_cybersecurity_05&user_type=anon&referrer=https%3A%2F%2Fwww.aiupnow.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=true

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 printer2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/ Frame E95E 9 KB
10 KB 42ms
41ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/printer2.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c63f6f4dfcb096de45b10cbe5e2a1934d61b6102ed643ca1d6a728d0e6bc6fd3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9713
x-xss-protection: 0
last-modified: Wed, 04 May 2022 19:19:18 GMT
server: sffe
date: Sun, 19 Jun 2022 12:29:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 12:29:15 GMT

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame B3B4 8 KB
8 KB 107ms
107ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=sigma2&thread=url%3Ahttps%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e14012f1f88618c3cc4d5336659236168bdbd43822415503d98de8b83d95f458

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&t_d=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A&t_t=%0ANew%20ToddyCat%20Hacker%20Group%20on%20Experts%27%20Radar%20After%20Targeting%20MS%20Exchange%20Servers%20%23Cybersecurity%0A
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:47 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 659
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 7821
X-XSS-Protection: 1; mode=block

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 13B9 113 B
159 B 48ms
48ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ddf4b3808381e2aa9c430851aa6b477a0b92c0d01b9d06cf68b95137289be76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 13B9 29 B
54 B 122ms
40ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:04:42 GMT
x-content-type-options: nosniff
age: 545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Jun 2022 05:19:42 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 49ms
48ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 22 Jun 2022 05:13:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 13B9 64 KB
30 KB 56ms
56ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33ea774f6b92826380075bf15df00e064cb3d5e5dd863e3516eb1f08c0382547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30373
x-xss-protection: 0

GET
H3 200 neLWrzQQwrLuSjLunjDl8WO25FW7p4vlNGwO3v1xINA.js Show response
www.google.com/js/th/ Frame 13B9 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/neLWrzQQwrLuSjLunjDl8WO25FW7p4vlNGwO3v1xINA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2d6af3410c2b2ee4a32ee9e30e5f163b6e455bba78be5346c0edefd7120d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 13:32:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 13:32:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/ Frame 13B9 27 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4874ac817fcf625e0f4b0fe8fe1201a19e31abcbde0058b5090ed88ec17a38af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8058
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 00:18:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:17:09 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E930 28 B
56 B 56ms
55ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
X-YouTube-Client-Version: 1.20220619.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZanFoTTA5aGJqTSiGysqVBg%3D%3D
X-YouTube-Ad-Signals: dt=1655874823529&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C340%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKo3gp4XSHtjHv6c3fzMmnFlfkhclvq-i-HDGqWpmVhjwht0tgnn9UjEsJ3fYVkbW3dL2IDEKNfSqr_L5Zlqo6-iQv7yow

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:47 GMT

GET
H3 200 text2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/ Frame E95E 3 KB
3 KB 42ms
41ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/text2.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0909362ff29eead81238bc2f055362cb0678e2e6c4d172838165ecb89099bcea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3089
x-xss-protection: 0
last-modified: Wed, 04 May 2022 19:19:18 GMT
server: sffe
date: Sun, 19 Jun 2022 12:29:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 12:29:18 GMT

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
339 B 105ms
105ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=failed_recommendations.server.undefined

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 text3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/ Frame E95E 6 KB
6 KB 42ms
41ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/text3.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db327ff1e7f09669a6483f25210ed52cf2349dd594106bfa6facdcd58dbdec67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6000
x-xss-protection: 0
last-modified: Wed, 04 May 2022 19:19:18 GMT
server: sffe
date: Sun, 19 Jun 2022 12:29:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 12:29:18 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 13B9 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?nlL5wA
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0AB9 49 KB
20 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1480
date: Wed, 22 Jun 2022 04:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 22 Jun 2022 06:49:07 GMT

GET
H3 200 text4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/ Frame E95E 7 KB
7 KB 42ms
42ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/text4.png

Requested by

Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02a691d6c2b0e66a5d9e8395471cde59527e3ecce07c120c16e3a39d1c50f1c7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6788
x-xss-protection: 0
last-modified: Wed, 04 May 2022 19:19:18 GMT
server: sffe
date: Sun, 19 Jun 2022 12:29:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 12:29:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 56ms
56ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220616&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d260b63b22b9ec3d1c49893271ad9564834b321d9a4439c2c7de489b39d10b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10529
x-xss-protection: 0

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame D4E7
Redirect Chain

https://www.facebook.com/v2.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_...

139 KB
31 KB

2783ms
2782ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.aiupnow.com%252Ff1ff449a63bf394%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6a483ba87190a7bae7d0f647cb5b9a9b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f26539d3dbdcd4c01234d792d2c29ad8ea465375dabc3c328b94c58edbbb93a6

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Wed, 22 Jun 2022 05:13:50 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ZmedI2Jhal+bOVVBWK1DbnZrNW3puS6/xSKIumTaZJrin2uu3SnE/vtqVYfOEtqpYma6laZZVBTSa8yFKoMHyA==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Wed, 22 Jun 2022 05:13:47 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.aiupnow.com%252Ff1ff449a63bf394%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: snvWuZAomFjq+ytEz5/+dL5ieWZaAAtorQjqVORkoybXg9UonYhOQH/z45ltnTqLUUCTXF/soP/4QfE4bZhZCQ==

GET
H3 200 textEnd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/ Frame E95E 3 KB
3 KB 41ms
41ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6752852151195281511/300x250c/images/textEnd.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9508ef69d7d9cd49e9b9a56ea09a4972db9f1654dfa81911205857fed20a1da5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3421
x-xss-protection: 0
last-modified: Wed, 04 May 2022 19:19:18 GMT
server: sffe
date: Sun, 19 Jun 2022 12:29:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Jun 2023 12:29:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 05:13:47 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.9/js/ Frame 0AB9 682 KB
247 KB 211ms
85ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.9/js/all.js
Requested by: Host: snd.click
URL: https://snd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0

Request headers

Referer: https://snd.click/
Origin: https://snd.click
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1044763
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CX9DGW2AMP3HZK03
x-amz-id-2: OF5m3yr1NVDNNLFmzfk6gvBVdMwXkEoG1u0rhx8T4HHzZ3cXNybDP+7TRt0WEqlqN7wGw+pZOMs=
last-modified: Wed, 30 Jun 2021 15:28:17 GMT
server: cloudflare
etag: W/"bffc6023835e717c0348c41583e56eba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uZTKSuWCezqVfxjlYLETDyP47fLScIo%2FrmGsex8EQijYaCYaTRznhbMABRbimqJdsA8wPV2iGfVt4pEmEn5jI5x6Y8V69KbYJRv3SlIxV23tYXmchggUW7%2BudR6zbARjt9qu7DmjOIK5dAe06MHwZML"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 71f27f27dd8483b8-MXP

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 13B9 98 B
142 B 51ms
51ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6f223d905e14a91da6a7fc1efc32b681883fd018d73d376e95a6cbc264b6b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 49ms
49ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 22 Jun 2022 05:13:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E930 28 B
56 B 54ms
54ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
X-YouTube-Client-Version: 1.20220619.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZanFoTTA5aGJqTSiGysqVBg%3D%3D
X-YouTube-Ad-Signals: dt=1655874823425&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C340%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKo3gp4XSHtjHv6c3fzMmnFlfkhclvq-i-HDGqWpmVhjwht0tgnn9UjEsJ3fYVkbW3dL2IDEKNfSqr_L5Zlqo6-iQv7yow

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F4D 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 15975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 00:47:32 GMT
expires: Thu, 22 Jun 2023 00:47:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1643 783 B
533 B 51ms
51ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

357021c2773b40d5aacaec065eff01c22cf525983bd0ea8f466e19fe3b770bfa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GPgouGvULlqyxpTMF9P2cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-GPgouGvULlqyxpTMF9P2cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 05:13:47 GMT
expires: Wed, 22 Jun 2022 05:13:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F4D 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Lm7rFgrIBRo_ITQOHaUzgnXfknBPfX56ETeLWpEgtsk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:37:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13764
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:37:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1643 0
0 90ms
90ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220616&jk=2920669157383389&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0F4D 0
10 B 41ms
40ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gYMovg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 33_1629201073_anghami.png
snd.click/storage/platforms/ Frame 0AB9 6 KB
7 KB 70ms
70ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/33_1629201073_anghami.png
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a75ea27451c167b4bd5b2b9ba97f4ec7d1bcb3bf5e4725e41ff35cee1b4ffe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6246
last-modified: Tue, 17 Aug 2021 11:51:13 GMT
server: cloudflare
etag: "611ba2b1-1866"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YtlVKr8XA51VA4CatA24nt0JcWviUdHPZCL486t%2FeAMS7ryw%2BP1cTfYVGABlIGY0Zu7tBinIY%2BOd%2FPe%2BuGRTtQL8X5smwPCK%2BjTOMm0equR8LG211XqQY2dk7eJEDb6PLLYjq5s9Ys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f295b2d83af-MXP

GET
H3 200 35_1629201159_jiosaavn.png
snd.click/storage/platforms/ Frame 0AB9 7 KB
8 KB 71ms
70ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/35_1629201159_jiosaavn.png
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b41ba92728e08797cd85b6f9683afbe13d450d1b3213358c48ac18d242846a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7192
last-modified: Tue, 17 Aug 2021 11:52:39 GMT
server: cloudflare
etag: "611ba307-1c18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owMMCe%2BzC8bDIhRONmdoJC%2F8z7hAKc%2BS4DDvQ%2F3kYelvdGtLtKsEdp5UI0yKMEA5zhHrmMtmU0A6iN6t83%2FSImeg6WsJkwH40ExaoaAmsGK77qALjFpv%2BNq4exLKo%2BX1e96PGEwViHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f295b2e83af-MXP

GET
H3 200 94_1583854462_wynk.png
snd.click/storage/platforms/ Frame 0AB9 4 KB
5 KB 72ms
71ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/94_1583854462_wynk.png
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bbd1c0c28ea0f2af4254c62d76b86321cecfd45a3cea933d29b37fb53ba6e28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4294
last-modified: Tue, 10 Mar 2020 15:34:22 GMT
server: cloudflare
etag: "5e67b37e-10c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zORkzJXq5KJxVRSZTK0uLBpscnu5ccXIEW5T1%2FBH1%2B0wxtF25aHh3kRzl6aThef7E24rQOu6qnTg7izRQl7NbZJHGjn41Q35C1nqCi1EikFOPWqGmUlQZq6bDM5b8HONm9hCFTzXnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f295b2f83af-MXP

GET
H3 200 9_1560249795_youtube.png
snd.click/storage/platforms/ Frame 0AB9 8 KB
9 KB 71ms
70ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/9_1560249795_youtube.png
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29fe732a3a3512aedec5358e02eee2156a1b783cbc27ac7ed3a023c0b8cf507f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1796999
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8256
last-modified: Tue, 11 Jun 2019 10:43:15 GMT
server: cloudflare
etag: "5cff85c3-2040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IFfIm44Hz%2F%2Bz4Q3gy8roGR%2BG4MvwTe1188TTKteMfhu7me8%2ByIl0nZKS02iplf1b%2Fssn%2BVgpfwjW07YnfSr4Z16uXpLSHaulrUKHhW8PFL1V8ANCzT9aD%2Bh87Qic2rbpJ88YrNFOdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f295b3283af-MXP

GET
H3 200 6_1629198382_spotify.png
snd.click/storage/platforms/ Frame 0AB9 5 KB
5 KB 71ms
71ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/6_1629198382_spotify.png
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf2b259176d1712ca42f68767b3dc61a2a2385fbb48ba3a7e5b587910e50d642

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2536088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5041
last-modified: Tue, 17 Aug 2021 11:06:22 GMT
server: cloudflare
etag: "611b982e-13b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swKPU9sKVDoXkE3MXarSZwCUyH7LPNIicqsaFvux1lkX72gm0y28IYnCQE5cUMXzfNjhO2v1B7niDJp6smZy%2FPiZ0qH82xVOT5lGZUKxzRMinMJdUkZz5K%2FwJJwW7XnAqeVLp0SQsPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f295b3483af-MXP

GET
H3 200 11_1619597220_apple_music_logo.png
snd.click/storage/platforms/ Frame 0AB9 6 KB
6 KB 72ms
72ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/11_1619597220_apple_music_logo.png
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fc9e14f36c6590ef42bc2eec54e925cf573a2656de164817ba40c67bc71a5e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6100
last-modified: Wed, 28 Apr 2021 08:07:00 GMT
server: cloudflare
etag: "608917a4-17d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5u6IhNKp9ND%2Fdxh5Im3Fgs8gbE%2Bu53vC30H70snZ5Nvi2ducOLOpywogSABYCX5k7S39D14RNfTHmA%2FhoC%2FFlWYmEppuJI%2FHYgBmx7hhZHTnsa4WmvjwTBkSZfiXuCVwilc%2F50rbs0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f295b3583af-MXP

GET
H3 200 logo_itunes.svg
snd.click/landing/img/ Frame 0AB9 14 KB
5 KB 77ms
76ms Image
image/svg+xml 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/landing/img/logo_itunes.svg
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d44b6e4f9164860ac419ab1e15cdd2aa55d8117b8fdee7b2545d1b4fe0704c55

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Apr 2020 13:50:49 GMT
server: cloudflare
age: 817853
etag: W/"5ea04bb9-37e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B0k%2Bp115HGBM58JsisAM4OtFi%2BQ55cKGj3Xw1WSJl5tDBc4kLVdSrxdtCy3rOerWTiqWcamSownAL9niW2jeAXITwfPmUx0coqxPi74VfdRlOm9t6Ohd3X3r1PMRR1QDLjpNVUwfJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f27f296b4b83af-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 25_1560246937_google_play.png
snd.click/storage/platforms/ Frame 0AB9 11 KB
12 KB 70ms
69ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/25_1560246937_google_play.png
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a744f38c6ace34651866bf42eb7dd14df089cdbb70c95854e766eb9b41d2361

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11612
last-modified: Tue, 11 Jun 2019 09:55:37 GMT
server: cloudflare
etag: "5cff7a99-2d5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdavhuTCWfnfQlQTqzj4K0svYPSmBLkZpPv4yDb7qPA2oMe1KiQIGodxJhY40mF%2BbCDcPjtqh2dTJWEDEtRvmfuHOyyiDGHM4dPdY7R6K6iREGFIkx7R5VzaOroqHVh7Xzi18RAETgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f296b4d83af-MXP

GET
H3 200 20_1629199143_bandcamp.png
snd.click/storage/platforms/ Frame 0AB9 7 KB
7 KB 69ms
69ms Image
image/png 2606:4700:3032::6815:5654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snd.click/storage/platforms/20_1629199143_bandcamp.png
Requested by: Host: snd.click
URL: https://snd.click/landing/js/jcarousel/jquery-1.11.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d410b3debb14b15512f904dc7d23856ae6389cdacffa8e8339027088719500

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/mjI0tjt?embed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145140
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6658
last-modified: Tue, 17 Aug 2021 11:19:03 GMT
server: cloudflare
etag: "611b9b27-1a02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0M84p240nFm3fb0s0X3zDwQwapk97nW1pIOOHueQww3EdGnc5Rio4xSRsb4Ykuhxg93PrfefPkvnA2L2%2BlkPeXrw1cgR9NJG%2Fah%2FqqyLt2b3%2F2pO8Z0CO2HvkRrTpU9%2FT6OuviwbFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 71f27f296b4e83af-MXP

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ Frame 0AB9 38 KB
14 KB 99ms
32ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: www.aiupnow.com
URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: J3CZ71ZS80WGER7X
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: uC28ZawfAE2+AVUR4YdAQJPfJbbKbiVhUI41qKgLWbNVBPwFVoO6RbUSJwtsxcGQ817OVmMiuxc=
x-served-by: cache-lcy19221-LCY
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1655874828.801501,VS0,VE0
date: Wed, 22 Jun 2022 05:13:47 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2746

GET
H2 200 iubenda.js Show response
cdn.iubenda.com/ Frame 0AB9 14 KB
5 KB 137ms
43ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/iubenda.js
Requested by: Host: snd.click
URL: https://snd.click/landing/js/landing.js?id=a4d4ab09a2052e8cd0bc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39ffb5a9e67544a56b3ec4b1b8060a8c9a7cd29b750e624394a37f414cdf630b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:47 GMT
content-encoding: br
last-modified: Fri, 17 Jun 2022 09:08:38 GMT
etag: "62ac4496-145c"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=86400
content-type: application/javascript
content-length: 5212
expires: Thu, 23 Jun 2022 05:13:47 GMT

GET
H/1.1 200
OK db9141e72b Show response
bam.nr-data.net/1/ Frame 0AB9 49 B
721 B 204ms
146ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/db9141e72b?a=184865423&v=1216.487a282&to=ZAMANRNYWxZYAUxeXF1JIwIVUFoLFhFdUQ%3D%3D&rst=5112&ck=1&ref=https://snd.click/mjI0tjt&ap=1635&be=4420&fe=5005&dc=4990&perf=%7B%22timing%22:%7B%22of%22:1655874822713,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:13,%22rq%22:13,%22rp%22:1855,%22rpe%22:1857,%22dl%22:2119,%22di%22:3591,%22ds%22:3595,%22de%22:3595,%22dc%22:4419,%22l%22:4419,%22le%22:4422%7D,%22navigation%22:%7B%7D%7D&at=SEQDQ1tCSBg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://snd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 05:13:48 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 71f27f2a5a8a000a-MAN

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
94ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220616&jk=2920669157383389&bg=!SkmlSQ3NAAZlcKWdRXA7ACkAdvg8WnUzFvbVCbCL54mzYey0g1p8TVMkqCZESi8OTwVsFxsdmPFEswIAAABlUgAAAAJoAQcKANESu2ogWuqdnUUlSNORoKwxQBCgRkm117wpyOtyJBsZrLeTwh5IPirGDsI4aD8XpvniHOBPwmaLbQjMPZLOffiJSPGO5VSOgu0S23vNWp6MSd2Vvo5SVTP4Ccpr1xxfzkOh77c248ySBbDEJYOaNjkzSPvH7qKCvnsNIT9nGEOWlis-Hcb0Z1Z0vMpUSWaha2f3W6BgR83e90sBaB0AonSXi5uBw1_yG9IlPThyY5_4zw3Fz6UIwk7cYGEs1kTu5-4Xp92FV6kmbCkAtsUdjhntWpkClDLvAYNS4Bg-gP2Z8HT3ORDoqS0AECzlGP3KSZ0uefSln4WxY8LVgmi_thRHgvYkLrrZl_biNsOHoexnuGlsTtgNj9WJdshVQS_5psr-q7TyQqLfcDhmI6uEsb96I8QyiMeR02MjkYYIct8oGkaQjSHZwsGw1HUFIstWfKw-0LD5d5g_g9jNjnry0mWmA3j0P9xDRmagofxjTx7gHX0cI7lQuV-awWmNX1DspBSyEWRCCY082A8JfnUhIa_KpXdtnJu5EeDwFkbHauX8g75SXjKLNE9t_Srs1PzIIzJYS8Wy4gyx35e33sGMH6CMC22Fjqk4Wbof70qe4lkD83_efcl-QrrHI2fJHgG33uKdIB7iQ75Shoyi7BKZ49suiEvbPBfEamZETiy3PHjYwDdbnIwovX6C_TM4xf0vOUkzmVchtV9PXc5rUbWtnBI0ohWly_EUy0fvt_CE6uGC-AeWt-lEuBigz-o7xij-tjA57xbT4O4Zl0maORg1I8Sqxp_BcpLUw-WaM_Wt3ra-PZSL6IpkqiWL-GAm2wTcG3jpyNVFdFkEUvCMZof3R17JHr8wAKd5wnYljzfETX7VJkFucH0Ip4VgPYNDY672hmmYhLCxvoedEx80i1nOma2SPgF-eArHXtICro-Sv5rrCUEIcDj8Rg72PyXpnsiLdaNGZskwEELc1nrEEB0_ZgIDoTzxBwcZBxu_qsF0iwPRYICspkM0MkN9NAIlK8CNk2p6iJDzGHaebueWDzbvUizZvYIXpvU-F-KMJVRm8hpxchqEyPcT00-2ZXWK9R-nYAkGJcDeUr6OW_sMrOM7FQjwDkyjadICli416pbF_LFbxUAvSlVvQ-osBwXGMAPg1fZfyDRqyQzm3w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.aiupnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

POST
H2 200 53791720 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 98ms
97ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/53791720?wmode=0&wv-part=4&wv-hit=447861480&page-url=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&rn=413975177&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1655874828%3Aw%3A1600x1200%3Av%3A821%3Az%3A0%3Ai%3A20220622051348%3Au%3A1655874823129053414%3Avf%3A1axv6s0ia38tfbuwalw54%3Awe%3A1%3Ast%3A1655874828&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aiupnow.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 05:13:48 GMT
last-modified: Wed, 22-Jun-2022 05:13:48 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.aiupnow.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 22-Jun-2022 05:13:48 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 13B9 28 B
56 B 53ms
53ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/tgcMQP8iv04?rel=0&controls=0&enablejsapi=1&version=3&playerapiid=ytplayer
X-YouTube-Client-Version: 1.20220619.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZanFoTTA5aGJqTSiJysqVBg%3D%3D
X-YouTube-Ad-Signals: dt=1655874826811&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKqa9nueJMdmlKjbz1Y8wzSdmiZmC2786qjayrSw8mxVbZTLCpMaog-userPh_pDDt9F8b2ZpGss1i0RBmZWCdxqJ4zKTA

Response headers

date: Wed, 22 Jun 2022 05:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:49 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E930 28 B
56 B 53ms
53ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50ce972d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu
X-YouTube-Client-Version: 1.20220619.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZanFoTTA5aGJqTSiGysqVBg%3D%3D
X-YouTube-Ad-Signals: dt=1655874823425&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C340%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKo3gp4XSHtjHv6c3fzMmnFlfkhclvq-i-HDGqWpmVhjwht0tgnn9UjEsJ3fYVkbW3dL2IDEKNfSqr_L5Zlqo6-iQv7yow

Response headers

date: Wed, 22 Jun 2022 05:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 22 Jun 2022 05:13:49 GMT

GET
H3 200 tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame D4E7 721 B
446 B 42ms
42ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310b6378b3f0b8%26domain%3Dwww.aiupnow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.aiupnow.com%252Ff1ff449a63bf394%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.aiupnow.com%2F2022%2F06%2Fnew-toddycat-hacker-group-on-experts.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qVSJF/6ycs/5uNocEebDvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 392
x-fb-rlafr: 0
x-fb-debug: ZA4IaiPhatPlSMA2Ntdnb3wJ96z0YQmjb6M3Ze/k1fMqloqm42Z4hE/vFs0Dyuj+JdF+rQ747/1yQsozqqaVSA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Jun 2023 19:32:23 GMT

GET
H3 200 wvZWaQbGrTr.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame D4E7 125 KB
20 KB 43ms
43ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/wvZWaQbGrTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4SeHpPROPfPtACyhfXFABg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20389
x-fb-rlafr: 0
x-fb-debug: IOyUH1kU3MqB60HYbAHLPOQAt47920YEYKx6xs6FORtuA9VsvapNT0PhUhAdo1wGotuMaeSQowDkKRkykf0fog==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 16 Jun 2023 14:07:09 GMT

GET
H3 200 TxsJT5EpS4Q.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame D4E7 318 KB
86 KB 135ms
135ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/TxsJT5EpS4Q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b38c1f3a5f0f5ddbeadd9d08469b279d3db1f72e64e53f0c12c24403268d222a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GPC44jkc6swQtmIbFjYd1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87766
x-fb-rlafr: 0
x-fb-debug: /K1AsJ1LuV2uD9F9mmJMm9UYAI8c5qJL4OxOB67+txTmCOghHnfRqhhjfAB8AhZrVqjztvYB//dWBPzFb2AUvg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 01:49:51 GMT

GET
H3 200 1H0BqMo_5Wo.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yQ/l/en_US/ Frame D4E7 152 KB
42 KB 43ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yQ/l/en_US/1H0BqMo_5Wo.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

006f82612d2a260e9ceb884c3e927eab200cc49a4a774a80953ce48a5bf16c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vvaWjMC2siSLOPUCqeXOYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43077
x-fb-rlafr: 0
x-fb-debug: BlRVjLqRQdYDDVzTrIAIBYRuR3TWAQcLBt2uKTtf5Q2EhopNRnHuL/YkhJzqgglmTqQlaMXQBnzFUxbRHxOmoQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 21 Jun 2023 01:59:31 GMT

GET
H3 200 ITKalTN4UyR.js Show response
static.xx.fbcdn.net/rsrc.php/v3iqDT4/ya/l/en_US/ Frame D4E7 1 MB
336 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iqDT4/ya/l/en_US/ITKalTN4UyR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b8a6ddaaa38efc3ea1a6b384e1b36fe19d680aa300eb65a1ca48eae187f2858

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /dxVgY2ViXUPQ/xh5c9vvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 343622
x-fb-rlafr: 0
x-fb-debug: UmF+s8l64be1Hi+Gn9V8b1w7svlYWSUfLaU+FxrhjH2Iz7aaow+aTtSxzsHTd+p2OePb+FUZaI6DjQ3iHlxDPQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 22 Jun 2023 02:19:46 GMT

GET
H3 200 KM4vffuo-0L.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame D4E7 2 KB
842 B 135ms
135ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/KM4vffuo-0L.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SuHjmWcicjHzSu82QnUDDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 788
x-fb-rlafr: 0
x-fb-debug: HNIKta82Wu6jZ73QPa1YLcufl06JrzW39nm4KQ+plyhjVFrTt/tvFEvZJMunNxBMt+CmzQOtE5aiFjhxMJYBzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 15:55:06 GMT

GET
H3 200 2ygxy7WuaG1.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame D4E7 32 KB
10 KB 134ms
133ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/2ygxy7WuaG1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e51863eb4dfff12e7587b1a503eb331fa92a5a780bf9a274a135196c975aac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: p+rKMMrkc0LDVvu0FJQNqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10263
x-fb-rlafr: 0
x-fb-debug: JiTZQ53dk8ME/4adXrTHMUqkALDq1NgeszECqD4oDR8ACx/0+iGhsriVY+lbrGeVMYh/o+Dm4w3R0eZ97tVGhQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 15 Jun 2023 00:22:52 GMT

GET
H3 200 AeDYPw7COGr.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yA/l/en_US/ Frame D4E7 42 KB
12 KB 136ms
135ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yA/l/en_US/AeDYPw7COGr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60a7086329479f1f78740a078f2cd495033ab02c9dea5381859a027a34897673

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7XT5zc5ueKWeh83fQkZ+kA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12607
x-fb-rlafr: 0
x-fb-debug: Z4MPNGdMkqpNLRxK4sWEkyhWn+g2RpKLxdLNXQY2tmlIl7B0VCN39eEvHwSiiBMOFh65rFFYX5lRilwInrezpg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 17 Jun 2023 17:04:14 GMT

GET
H3 200 54A1zBzElGm.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame D4E7 145 KB
43 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/54A1zBzElGm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/TxsJT5EpS4Q.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d40154580101614f2c16eff8ed83ecf1b952f053a06b3eff2219b71b8322fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KQE7mHhc3sLEEEL3DyZi/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44288
x-fb-rlafr: 0
x-fb-debug: 1zHzpSp8GHnNGf7Ncb0BogNVjVXCTdQJlABnPsdl62dO9dzt53s6eoZwqijVZbvspWYtsYvmMer/4LbpuVlFig==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 20 Jun 2023 15:08:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PLTQo8AHoikl4XxhhAwb5RyZcwlDrrX8lu

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Faiupnow%2F&tabs&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=1997641080334383

Domain: open.spotify.com
URL: https://open.spotify.com/follow/1?uri=spotify:artist:7MGsRbZ2l9Yi22CxuFpi1H?si=Gc_gop-YRV-hvsLIPOpT5Q&size=detail&theme=light

Domain: snd.click
URL: https://snd.click/mjI0tjt?embed=1

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.aiupnow.com/2022/06	1969-12-31 23:59:59	Name: logglytrackingsession Value: 33c03819-930a-4378-914c-094fe1bfff34
.aiupnow.com/	1970-01-20 21:29:06	Name: _ga Value: GA1.2.830107522.1655874822
.aiupnow.com/	1970-01-20 03:59:21	Name: _gid Value: GA1.2.419796161.1655874822
.aiupnow.com/	1970-01-20 03:57:54	Name: _gat_blogger Value: 1
.aiupnow.com/	1970-01-20 06:07:30	Name: _fbp Value: fb.1.1655874822568.980246668
.facebook.com/	1970-01-20 06:07:30	Name: fr Value: 0IBjemwrXJLuMkWqi..BisqUG...1.0.BisqUG.
.spotify.com/	1970-01-20 12:43:30	Name: sp_t Value: 3f4c98ed8ef4c5c5bf8ddfc93abfb917
.spotify.com/	1970-01-20 03:59:21	Name: sp_landing Value: https%3A%2F%2Fopen.spotify.com%2Ffollow%2F1%3Fsp_cid%3D3f4c98ed8ef4c5c5bf8ddfc93abfb917%26device%3Ddesktop
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: wm1T4ULFAFg
.infolinks.com/	1970-01-20 21:29:06	Name: cuid Value: f8e35c92-a306-4332-8cd8-dda0d2f9c237
www.aiupnow.com/	1969-12-31 23:59:59	Name: cookie_consent Value: seen
.aiupnow.com/	1970-01-20 12:43:30	Name: _ym_uid Value: 1655874823129053414
.aiupnow.com/	1970-01-20 12:43:30	Name: _ym_d Value: 1655874823
.aiupnow.com/	1970-01-20 13:19:30	Name: __gads Value: ID=615671ac85f19a56-22dcd3d9b8cd004f:T=1655874823:RT=1655874823:S=ALNI_MYs8Z5O2mMlkg1fLLfBeuaSyRXhjQ
.yandex.ru/	1970-01-20 12:43:30	Name: yandexuid Value: 453057211655874823
.yandex.ru/	1970-01-20 12:43:30	Name: yuidss Value: 453057211655874823
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1321974961655874823
.yandex.ru/	1970-01-23 19:33:54	Name: i Value: 4tKi/iUmSBYymn5Jzom5Q6FLvnuFro0hkr319Excl5gOM47nWar3yPiYsF15WFC6LKVPYDCpsJubHyEBikQO2RYpEOs=
.yandex.ru/	1970-01-20 12:43:30	Name: ymex Value: 1687410823.yrts.1655874823#1687410823.yrtsi.1655874823
.vk.com/	1970-01-20 12:53:15	Name: remixlang Value: 3
.vk.com/	1970-01-20 12:43:30	Name: remixstlid Value: 9060892661426963370_61ky1AXwwdGrEwsmz9DoUoAxe7fqn9OMbKNgQTTOEXX
.aiupnow.com/	1970-01-20 03:59:06	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 13:19:30	Name: IDE Value: AHWqTUm_zBD5TQszvNKetzRR4UCD1kz64MwMpV5S5IfKde7CBpKoNKXMVoeQPMph_Nc
.aiupnow.com/	1970-01-20 03:57:56	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 03:57:58	Name: DSID Value: NO_DATA
disqus.com/	1970-01-20 03:57:56	Name: __jid Value: 5dkslsv11lh1ku
.disqus.com/	1970-01-20 12:43:30	Name: disqus_unique Value: 5dksm713v8fopn
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 641971786acf7cc9

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~r/wmexperts/~4/XMvfuvRqk3g'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~r/wmexperts/~4/tkpYeuiT0cA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-eAeO-DYJDws/Vkqtj4HFBFI/AAAAAAAAB0o/Q5OLsyONXM0/s1600-r/nth.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-eAeO-DYJDws/Vkqtj4HFBFI/AAAAAAAAB0o/Q5OLsyONXM0/s1600-r/nth.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-eAeO-DYJDws/Vkqtj4HFBFI/AAAAAAAAB0o/Q5OLsyONXM0/s1600-r/nth.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=yIl2AUoC8zA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=dnMXMwOfBR0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=7Q72WNTAKBA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=yIl2AUoC8zA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=dnMXMwOfBR0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=7Q72WNTAKBA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=yIl2AUoC8zA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=dnMXMwOfBR0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=7Q72WNTAKBA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://cdn.mos.cms.futurecdn.net/z28UUiGgnwUdY6A5fBfZ7Y.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdn.mos.cms.futurecdn.net/PUEwiHAcqCWiJs4G5fJQsL.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdn.mos.cms.futurecdn.net/nfMrkBo63jzATa7KNfkQS3.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdn.mos.cms.futurecdn.net/5b3JbVPPj7APQ2XsqQEFpW.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdn.mos.cms.futurecdn.net/xtZtBJVgiPPKiXuENcH2SB.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdn.mos.cms.futurecdn.net/Js4tGk8Xzm2XdntCAoAXgJ.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js(Line 2) Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-Yw8BIuvwoSQ/VsjkCIMoltI/AAAAAAAAC4c/s55PW6xEKn0/s1600-r/nth.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js(Line 2) Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-Yw8BIuvwoSQ/VsjkCIMoltI/AAAAAAAAC4c/s55PW6xEKn0/s1600-r/nth.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/SmallBusinessTrends?i=ChFYLI4sz84:hJQE1Ml9cv0:F7zBnMyn0Lo'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/SmallBusinessTrends?d=yIl2AUoC8zA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/SmallBusinessTrends?i=ChFYLI4sz84:hJQE1Ml9cv0:D7DqB2pKExk'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/SmallBusinessTrends?i=ChFYLI4sz84:hJQE1Ml9cv0:gIN9vFwOqvQ'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=yIl2AUoC8zA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=dnMXMwOfBR0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html Message: Mixed Content: The page at 'https://www.aiupnow.com/2022/06/new-toddycat-hacker-group-on-experts.html' was loaded over HTTPS, but requested an insecure element 'http://feeds.feedburner.com/~ff/AmazonWebServicesBlog?d=7Q72WNTAKBA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://cdn.ampproject.org/rtv/012205270638000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://snd.click/landing/js%7D/jcarousel/jquery.easing-1.3.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a.disquscdn.com
accounts.google.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
analytics.shareaholic.com
api.bufferapp.com
api.pinterest.com
api.tumblr.com
api.viglink.com
apis.google.com
bam.nr-data.net
blogs.windows.com
c.disquscdn.com
cdn.ampproject.org
cdn.iubenda.com
cdn.mos.cms.futurecdn.net
cdn.shareaholic.net
cdn.viglink.com
cdnjs.cloudflare.com
connect.facebook.net
connect.ok.ru
contextual.media.net
d2908q01vomqb2.cloudfront.net
disqus.com
feeds.feedburner.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.scdn.co
i.ytimg.com
img.youtube.com
jnn-pa.googleapis.com
js-agent.newrelic.com
js-cdn.music.apple.com
juliaberolzheimer.com
lh3.googleusercontent.com
m9m6e2w5.stackpathcdn.com
maxcdn.bootstrapcdn.com
mc.yandex.ru
media-mbst-pub-ue1.s3.amazonaws.com
media.smallbiztrends.com
o.aolcdn.com
open.spotify.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.shareaholic.com
passport.mobilenations.com
recs.shareaholic.com
referrer.disqus.com
res.cloudinary.com
resources.blogblog.com
resources.infolinks.com
router.infolinks.com
rt3002.infolinks.com
s.w.org
s.yimg.com
s0.2mdn.net
s37564.pcdn.co
sigma2.disqus.com
snd.click
ssl.gstatic.com
static.doubleclick.net
static.xx.fbcdn.net
tpc.googlesyndication.com
use.fontawesome.com
vk.com
www.aiupnow.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.reddit.com
www.shareaholic.net
www.windowscentral.com
www.youtube.com
www.yummly.com
youtube.com
yt3.ggpht.com
open.spotify.com
snd.click
www.facebook.com
www.youtube.com
104.111.214.240
104.16.139.31
104.75.88.209
107.20.147.136
141.193.213.21
143.204.101.37
143.204.89.48
151.101.193.140
151.101.2.137
151.101.64.134
151.101.66.114
151.139.128.11
162.247.241.14
172.217.18.2
172.66.41.9
172.66.42.247
184.73.100.94
192.0.77.40
192.0.77.48
199.232.192.134
199.232.194.49
199.232.196.134
2.18.235.93
217.20.147.3
2600:1901:1:c36::
2600:9000:2156:aa00:6:8656:f5c0:93a1
2606:2800:233:af6:eab:2108:1892:6d8
2606:4700:10::6816:2449
2606:4700:3032::6815:5654
2606:4700::6810:a40d
2606:4700::6811:180e
2606:4700::6812:1a47
2606:4700::6812:4c34
2606:4700::6812:bcf
2a00:1288:80:807::2
2a00:1450:4001:803::200d
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:811::2013
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:812::2009
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:26f0:6c00:299::1fcf
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::393
2a04:4e42:f::760
2a06:98c1:3120::3
2a06:98c1:3121::3
3.220.182.115
34.246.24.138
52.217.200.1
54.152.90.100
67.26.137.252
87.240.190.78
002748d2650fbcee145d81c283ecdd1c3a69e5dbcc1d5343985dd9a036103c2c
006f82612d2a260e9ceb884c3e927eab200cc49a4a774a80953ce48a5bf16c8a
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
026c405fffa4011b994664f03b59a6e24e78002ef00d0d717625cb903f5751ff
02a691d6c2b0e66a5d9e8395471cde59527e3ecce07c120c16e3a39d1c50f1c7
03ff0157d55ff75b58478fd3b4ee9694eb2545314ff1d080acc10789c374facc
04492033d981e2d81e27159207bb9fd9682eca335f7aa76af8922aa0e2bd9a3b
0511444b22076b1a440c35ee8665bd950b54e953c9eb7c2769a940c60f2248a7
054b6c1a62209d8183da7a3c52abc04321dd64fdba0e9e6a6333feb21f7f0f14
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06c653a370fa90f134601395d21c778e18b7ee9dcf8d295e552c5a2bfd283a4c
07820f0ee3e5c253462bade268025f7712fdf14c0821fdaeb25040791fca9e4d
0909362ff29eead81238bc2f055362cb0678e2e6c4d172838165ecb89099bcea
094b0fc42db289680ea15b64149c810734635fdc269652dbe4aa015d90a91541
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0a5a22d776fce4072b2a71ac14dc467a9da67a084c8c06d02412d3ae6a29a339
0a744f38c6ace34651866bf42eb7dd14df089cdbb70c95854e766eb9b41d2361
0a7cdae489a25f10c82ff599f33b4e8c978ec008864e35ec64abe2b0f3687271
0a96d7b610ef0fc6294316659f5548844963f386de511d0b965de25ab04bf0ca
0adf904cad59825c050f52926f940b1a1eb8748a941d8331f8d555d2da9fbf94
0c2201ec5fea03d928741898605b3498b52b264d5299f52f9d5fc4ab39c7f497
0ccb2ab37cedaef2eab9c7044c99afdb8c73a122a29ad8b7344af644a15bd14b
0cfd01f61f14eb6d881159ad18587bb4501c97ae7db9bbc9c5dd04a35362cb03
0cffbe5f5e8fb12d8cf3147138b9dd994097329645f0cb2c5eedb8bb1dae3dd1
0d155fabafdd533a9427065538509ded01e97b16d86c1071625711ba764a8bae
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0ea5d009030ee35c398f1b52ef56366e57824f7ffaf0ab95008c143d539fc998
0f0ec6f18a1d347ae4d61b2ae846aa330c76f8ded4443b8ba484fea4cacf50d7
10a54814460951eba9e31d24e93e2c5593251ca86d3c4cb787d2cc4c9e621d7f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110641ca3ab7dad6d3932948c5df062a11525250026933fa806a7adb7e09ab00
131334eb140ed8d0b6e6d95fab6ab015116a136bbc8199dbdbafa21bcbebe238
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
159ba8031992c474706f80fcf40e53438ccee72d05a768c818ba02a69132d701
17710b0cbda106bd59c9bb320d152a06bba83cfed9e8a171b4e63f48adfc0a09
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a468873ef8f08be7a9bfadcf3d9dc90c83429abce20f5a8326fb869dd7357e7
1d11f76ccc5e545d66afea9000097e1ea7c80816d276abf21e53f654d2b5537c
1d2edfe4b9da6657460275a1e6ed9d7e114848f0b531ff229774a2dc92a60faf
1ec03fa7280f5c11bcb80472cbe4cf20138ff96bfb3d26d4eff6fe79a2f935bf
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
22a6b5ca081c7e993a6de605757cb5da85573221300021627663e89fb6950b18
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23cd07955419539fafbd15f1bea00b8dd008a791ddc4799e4d9341c3b6802f97
2401b6c90334f69bca585263201ccddb9d34412d38acaa83251fc63346716a9d
2606aa711e586bfe1be8beb2a08289903cf5b87e7a53403dabf1eda1b8c0d177
282abd1cd20c5623d2acd68bd597abbcbabb3e3d14029693c69af7ccd2ff5bb5
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
28a01ca0774f2944617326f584900a93585acd56d3ea8c5b01de25ed2b7d1e5a
29fe732a3a3512aedec5358e02eee2156a1b783cbc27ac7ed3a023c0b8cf507f
2a5aa8749b707f73090c7fc4938f6452803ccfe09c30ff8ff5adbd6735b799e6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b35091898c898bcef98c992d7d9e8effc8d0a8a7c4c91e7b9bbd5e3a47e922c
2baf0db4101196df611d843d4741b65c2ebde9d4d458196ab9fb71039d8ccec7
2c1965b32c1ac348412c93eee1c7b23afbfae3e8e5df67f2bb33cc92694d6b0d
2d387f8955e673b6b83572bdd758e2b0be9da640de3fc2d83c2cb96dbf4c4037
2d612b36bcf538270a26299731449a62bd2964b2a6f6f3f64e79d331e80445dd
2d64698d99f8cf1ab0a2ec60bd05821b2438c7a5632eed16b9bea1a7821e6cdc
2e6eeb160ac8051a3f21340e1da5338275df92704f7d7e7a11378b5a9120b6c9
2fd9ee1b8fcd194b03c576520478299958d96037df850c6f4908f757b1a1cffb
2fe3f82a0f41f37f5e3b078fe233b506bdc93ee998d1eb5d3a3eaf397bf25efe
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
308ca99bb8ad6a132cc62a2d1406886ad84f4a9d6b6799a80df11642536a237c
322327d3a33c7034d08645ec8ece89a48f452abc215e454e31eee838fb0ca638
32c8ec967ccde3b64e5317b356d5ca6ac6a0b39ba32f6de2f8c3b1a4e38c2574
32d4a5a4b4a42c2a460592095881d285b086322933f41a1a8dd1c07a251ba2a7
336d1424330028b2e93fc06bf8b8c738a06232c52b3f16323a2c523d952a95e8
33ea774f6b92826380075bf15df00e064cb3d5e5dd863e3516eb1f08c0382547
33fb4f945a35b6ccaf4d19c0e6d1d8ad39736c430884b7090fc0f965d3f748ad
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
357021c2773b40d5aacaec065eff01c22cf525983bd0ea8f466e19fe3b770bfa
35a8b24bf52d17b340f8ddd9867d39ffb2fa7fa10b6a607da3c60cbc40403fba
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
373b56920bb4ceed22fc51add53857c9c86c4e3a86cc324b2a5183ae42d4c2d4
381d4ac37d36e80c48f702647fecea3c68f6c50373aeb4fbe6baafc8bf49dfbb
383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863
3898c7eb371c27f6a80b3c5e6da07f1f18717cc0bfde43108e65948b4bcab812
3911e4722388593128aab44db997a81319b7cd9013c7d0b3e3896c065abf4a55
39ffb5a9e67544a56b3ec4b1b8060a8c9a7cd29b750e624394a37f414cdf630b
3bbd1c0c28ea0f2af4254c62d76b86321cecfd45a3cea933d29b37fb53ba6e28
3d70e4a45db995fb4e2e062a3a35fa5272840f0183eafb284905a455e55971d9
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3f80191d3f91043dd5ae270290a7b61009ecd25a99f59824d92c0699b6c0b9ce
403c435e20925bc3acb41347e68c451c9be3feeae23727cb721beeee04e21000
41d912180005b1bd9339ec5808cb6090877830c1164236d0d340ce7dd50b3c37
41de08800a265ace2583706a700329c0cef015db686998fccf72fffe6020128c
4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10
42a30bbada5dcf01392b69cc556f3bead93b9dc97abfcad2afbf2636e79adf59
42d44a542a2fd547468d2b554dcd130a141d288d83cc64c354f8e82156d840b9
42f6e92559837dcba7023a3d5fe1a633a0bb5e976ce7664f82d5ef9a1fba7ac5
4476c31489084f057d971484ea8337d294bdce33db840a204e800da4e37ebe1d
4512240dca2a59d6f18502229269f36846e194a33015ca8ca1a93a3535fb333b
458cde5732ec7725b01941e8f5de64da8f942659d64b310676cbc73581d6199f
464dd77316da80f7571d36051835a27d732db181d7817c600d9ec3d156614176
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
46dae536be7da54b906fd23359accbe477830bd86819a2a0e05782a1e4aa021b
4793da764ba41080e563c9c14f8cdb478f612d3c1f6f81f1ece8d5e8d55183be
47a5f381652e48eaff4120d5df8cc600ce1f4c9ba33cca6f60b81c5bd80c7947
4849e42ca45f3c3f17860bbf172b546a14fc05da21941672abd23757886dcd60
4874ac817fcf625e0f4b0fe8fe1201a19e31abcbde0058b5090ed88ec17a38af
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49e2b032998310b58314ec676d238c2d7796db6e44716f9188cd41eade762e5c
4a55ba734c42e1108d5a00d7c34df350ef715fc9dfe0af489295f898492922d6
4a56966a95f564be8dc98114f74e45268dc11fb6f12bebbae392d18c269601c8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4afa85f7f4fae2c5833727336ca9744e39e05d97c18cfa030528845974a7e93c
4b28bbd5d102f48c0a0f622633407342913980e52a8996d6c0ccf15274e60c31
4bd05bfd667a96d309ae17a38f5d378a892e5aa50294401936cfd63096f3a846
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d071d69e25eb8288369459a7fa77275fd654bc22f4965e50ca2e95fe63931c3
4d1224d07234fde9939af1cea0a28744ddb9a424ec87263dc19bd7b2a1f077cc
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4e7a4de80dbec3e143eea735672c7a5aff8303e551c431f479f7e9f8b6c20b78
4e9c61cb3ab5d2bcfbf8ebddad7f6c531ea3621fc5ab2adfe61a51f479fc3b69
50025bab5957b54d1b9ca5723796385e5cadae9a863b8427ce9adb225287121a
51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a
5162e161256d5ed6324f83aec392da39dcb81dd20807ca87f41bf94f825cc7a1
5275bab553c9cc2b84d80b51ff54ef80c1efebb288881c694cf792888426443f
52a6af380b8a4987d9d4ac52902883f15d6008bd5793517af645bf57eda095c5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568cad9e1d346b6c9881e632f94f9e43990bc36155ad002e0f491f86c8f7029c
58967b22e0e0ed171c46f25a57cfb97f3dd40369cdf683667ebeb8c877664361
58a99caa168f3fb7ac80de25881a11c0f9b50d12c848bb7ee2cf7dc6309d8ee3
5915d19663759c92cdc204faf60abb9ad2f915c26aa132553138cd3d2a475ba2
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
59b04a15dacf5d7c6befe6dd8f0c26a66bfab4ac12cf05b7d9acd177e22f5b03
5bbad0f690f953d77e2e20838d495d7223486afe108a75f7c4bb7b45497ce4aa
5cf34d605f353037a0ab53e0d1abfe48d1c54263e5e763c23366e77d45960bfa
5e8c99a55dd5ce3311904f8bcf4d2c40fc68faaf745db582b49ab6ef686b997e
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f36d3add46f6a425f70f833b75be801d705199e7dbfdb11e4de9a935082a1c4
5fa01422a7c2f100e0f074533baa471795211f2020cf16505db159a73031177a
5fee9bee5192b952739299570f6f1d5880895edb6e518c14850651083c242fef
60a7086329479f1f78740a078f2cd495033ab02c9dea5381859a027a34897673
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6291312088281f1660edad81cde381d66b27e529f192766f2e211f5892d82ad5
6373db5c400f788f6b1a872daf6b495dc2d07ca9b5ea3d93608444804c518ea0
63bd1290734d42988618531f116ded35108d357633fd4ec34676f5824684d16e
6420d39f4dbb6fdad1b669c6a3afc1ffdfa0d53483598f5f31972bfc4d550cec
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
64d9e31c4270e4f2a48372accca6dc66e405f5f70381daac97751cbe3615254f
654fbcbda47c2aa67f212492935f5f7ac35cb0a0ce269ac8ba0ee283c4afb691
6729d94c53fca9ac3b791dfc6ce13328fb3f313a472f86d52ebb8e0ae90496ed
67d410b3debb14b15512f904dc7d23856ae6389cdacffa8e8339027088719500
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
689e5562d56dc1e3f0a581ab2664d960e4ecfa91a1069da69699f559ee0f45cb
6991b0dfb02f46e2bb00808bd3eaaf97cfb4caa209a24ceb5a5c3482b091d6ff
69ed8c0bb16c7e578e5d4615d8e94efca362f0da8c40a5aa7d6533e101e3e2e4
6a9efadda49bd1d787c3f4aaaae5d44a98d21c03005e43863bd2ea37ed107008
6b3527b9e2cf0c55da2e939fed42a667268a8dc5085cdb37a5394f481e63241a
6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7
6b8a6ddaaa38efc3ea1a6b384e1b36fe19d680aa300eb65a1ca48eae187f2858
6c1b7ea59e3eafa1db487594947587ad612bb73df0868fe9adc792acda166cd6
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6ca0ba132e317aa25845976719aecc3fbc11dfbe15c1ca37809b1d0d39bcf8c0
6ddf4b3808381e2aa9c430851aa6b477a0b92c0d01b9d06cf68b95137289be76
6e6221f8603843e33aea69f1eff610fc753d5689ce75d5324f27144a10cb475f
6e6c2d72399795fca17f0148142cdcfe10e88d357bcfcba5564ff020bd8d8268
6e90e08d8a22b844f2702324b2dabe4db40b99a5046caeb23cca6bd85394b175
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
70da3e4a8b6dec8ea9d499a54ec6441ce226091ce0b5ec27e76b00c5b25218b2
719d6aea9ac95b62fa771390c8eba337efeb62fdf103489d4de9a671513f073a
71e451c63b128494fbaa49cc9ed5b6283a925bad689fb7d8847d7230ad89505c
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
731c5ba43396ee2e1bdf7d3068a2f88f9e806bd4390ec83f1ae46f90d4f01c30
738161904fe560fd83c26e301998e35ac1e87cb40bebd4b190a5f141309d40b9
750daaf4023ca6d58e86ee995d0bcc69128d4a2fb882ddef4c5b56dd74ea3f1e
786efbce4d93b3bd5774b3998201a077c4c1a08fa27c3bb3a6ed62e9a86cd74a
78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c
79178481c1d1ab6798f68fb68f05045d45e6da72ac7a146feb2440de4f7d35c6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c1eaad20196eec6bda4543394a169600b0295061c659f5c422f4156f7094ca
7baffcd39adabb6a310d3bb5a69280c3efdc156750c4aef01af18be7381b9530
7d4c3f8a7d28fde72a07039591f727ee8f4767d682cc325818262ebac67f266f
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ec2fc40578b5d3c7c8ac12187d460fbde0d2775e48091c1363e4fac43f99a0b
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fea6de988272634196e39af105aaf82c56cc5ee36a917a761c85a46b17b656c
8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee
8273db824fef2f9863530e0f9938d4077e755f33c3c74d0946df816ee0422347
854c7944c8fc86224cd9c384d5db98c0d34467671552bafa5fd7cc1800d3637b
8559b7e5e86976ac2b43d84dca46f5710852e2e1c50d5fdce5fd532efcb2154e
8702ad50fb999824187d672f0247d079a87f4cea6924b1e5c7facfec2df84635
871f64d89795838c773a27fb668e45b3e494fb3c24758cfcca6934f305f0db72
874a9021e27d128e4f05770a3cdef0fe3d923fc9604634e629d16ee32aba61be
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
884bab512acc3235af224271f85a9030fd7461211c697519808bcb7702c1a091
88b31efaa4bbefe3a418ff4e2501473cc2955dbe30b425b46fc18494a926f44a
896051fd2bad2ada3b6bac1baf64b020caca491bfbf6a80a5f032508b937ebca
8a741fa0b25369fd2ff18c53965ec0aa5f1b2450a7e7bf10859b061f2be58717
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8adc228f0767e394cb499718b8c2c9cbd0179a8480985e89ff84df3e53b40745
8b82f883c1cd11ad9b0f4cd6cea48c70c84a84f41c57ee6e637417ef78182f50
8d2437a3b18515aee1b2d76f1d05e42ceb83f2e949ea27d3c5d6232eac84bff4
8d3f592c7284d7a75ba9082bec003ef81ace2c99ab03e59998bcb2fbf110dc1d
8d7d4556acfbfba8ed4abe6383f2b610bce80b37f02221e094abac32071ea42b
90844fe274b2657c9a8b9650635ae474d948fa477cdb93392cd7d5cde750c264
90db3808153f3ad1a44baaca1fada1748ccaae82d01eac332939a58373849d01
90dc359b64614e16a8d5ed0292a0bc968915bf74cfc0319d01e08aa60b36ec39
90fadc153cb3202eb4e63fa7f561f19d28ba6b66e1a91a57813c66c3032d54d9
9222037993e442ba70d3b56378f359c8c37b8e2cadfb301735de27bd0ea24635
92fdd5d32170b539261767b6e04a3e5efea901fc4b2790bcc426c57145032037
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9379a60c9161c83f5075dec933369e78b3be0d8c3b7827ceda7d7a038ee62ce9
941599ef67ea3cc66658bf5c0a5198fe55554c8a2cbf2f9f7453ff6da4ca3ef2
9508ef69d7d9cd49e9b9a56ea09a4972db9f1654dfa81911205857fed20a1da5
95b41ba92728e08797cd85b6f9683afbe13d450d1b3213358c48ac18d242846a
960b8d173d23088824bfe7dfe8c3bc7eee45b7d66d3496da92ea4166566d807e
9731fe9baf267ca8881398308237ffb11a3809fb79fae3af296131291464cc52
9748a7cf008db812f02487bcbc8e0cb7985359fb5317326a577061b4f838e983
9819d05369f799cad755666b8f38ab27c5115e20dee9ab7742e0dac76ff25b87
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
998fc10e25aca6830280b9ba4e34835acaecad15407c042eaf31e1879705364c
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9a35dfd0fbddea69f4dd538f574f7355d24443d293dd9cd13d1bd9d2474ac7fe
9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4
9baac2c8b8f8e173f13473c10413a4ff7cd82e6438ea22b2757ba5e92cc18bdb
9c17e10d965fb763c47cfd9ca3066b811b0decbe8fb17caada607b0de90f895e
9d6b7e4c2c5f0953c5a3d8c86cf76fef87f07d68825eee9382812d22c95ee415
9de2d6af3410c2b2ee4a32ee9e30e5f163b6e455bba78be5346c0edefd7120d0
9f39765bdf3ab9ba9fbb4fda70d895af4e6c3cf6d2f499b10e3f939758110398
9fb2ff6f1c5ac72b5464008371d6b44e064c601c90877eadb492016ca5921bc0
a02b36b91390e249de2d580f6f7ff71536da2117a7efcb6a0274e22774ef79d8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ea6b15fcfc74d8e8140eff696c693807a2c51540cb13e022a6f80ac70ef94d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b9c28205959e1323e482a8ebab65490ba2200da1665b75004947fbc4e18672
a3c5a87bfc7c6e76d6a4c6d14f16bf5e87de8153239266978b5c0127af33d7d9
a3ca49f83ae63de5d30ea69c990f093ed7bcbcad34169f7db6b63b759724fb23
a40602f590fc844c5a6bef03d54f271e9b8a9776868fd2c1616bcfa3f5b28846
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e7b1ee2fc7c1478f4af33d71ddf64f3131a996133877f4c51a4c5f453d18e0
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a538c00fabae6f169ee92f2deecbc0e2dfda05f8ccbfa75e6e136d2a43b74ed3
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a68f9ca423cdc1f9e2eed7a6c49a9f7a20c898a641fa9edbe633ea5e4c24a851
a6b23275e1021906d556f67911e5b3e069aa10746fc268966d38a5081ea0e31a
a7fc9e14f36c6590ef42bc2eec54e925cf573a2656de164817ba40c67bc71a5e
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aa0ebf6d5e42188be6a85c781ddcb88dad1d95d1bd1ef502cb10dcaeaf942043
aad77fa3e8eba7348082dbf8f831038898bf2e9534264f1ced2c2269f1869e2d
abbc1ec1882d87ae329a0b370987bf23d974ba513761ee302f62022b7cb8791c
ac31201bab6a5eb0f748739676d48c39ebce880c4fde2918426e3056dc82407e
ac45e4c266a4fb5e7d49b00f4b3b9c53b70ccb5754d3a6d5cfc338ca3b98bd84
acd7bda20059d2aa89358f3075f6a205e4cc4392f3a5fbd9198dfbd24a3a0d7b
ade880e899aa6c382ea77e5f11612eddde3c396e992dac49d2697527f9ac6a99
aefce711ee9945feaf46eff9bf392d6c404bab1ff6e7df2cbcaf45cbd728a890
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b033a45e2be62a90dc3247d1976967ad3be3adf4a187496852438307c0311fbc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15322ff7c7a2aab7ebbce94e36f7b22dab420757563953f82fda039259cfe35
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0
b38c1f3a5f0f5ddbeadd9d08469b279d3db1f72e64e53f0c12c24403268d222a
b5847d9cac5da8d2e372bb3efc7e3adbb21dcb675266b422e5de761c7be48385
b6505d031783d578dfe255734a48c9771e28a082c7b20ac05e612a17afa16dae
b802d5eb5e91c748d4b445382cd40a7ced94f07a5c54ee1d713403e2712b6238
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
b98b086ba4ad8110fba7fcb3bf7f9873d52d7156da37d7ebeb72fc33963cb465
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8c3e5e1d44aa8a15c7db3c62ebdad04d9ab76c7b8c24430596d9ac1957b583
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd1d46e090dd11a9123e403410ad1b3354ed4c0906c92a13ae0a0daf85a91421
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be736fbce86037e89ab53b9f20371784deacaebd125fa87a452fbb759184ec1f
bf2b259176d1712ca42f68767b3dc61a2a2385fbb48ba3a7e5b587910e50d642
bf82e2f08d169157ce9dd36ba3317d1643e0235a0d2a11c4c88b89f828248a68
bfcf2f413dc380622c42e0afc707fca3d6a3006ebd7b0f92cd27d9a4d16c9d2e
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
c1a75ea27451c167b4bd5b2b9ba97f4ec7d1bcb3bf5e4725e41ff35cee1b4ffe
c1dd3ae27cd0cf43059c6571c71a67429c3071d2fba84eba2d62809aa38ba3d8
c254d452e98c435d518499ae322219492ec40d13d5d6ae15cb144eec863931c6
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c5adf29ad6219a93a979c63d03aa91a9752a5c534eafd39d89b8aae7abcda74b
c63f6f4dfcb096de45b10cbe5e2a1934d61b6102ed643ca1d6a728d0e6bc6fd3
c6c8fac98dc2cee8c748d2cde7722274ec6cf31efde0d22ad5f58def0e9056ba
c744f418c695d36c8dfae25d5577f8c0270b6087ac917ed37aa37c9998d2809c
c811b52b159c35e96af4b1f0b999753162f21933e5e520e288de72dbd5a2018a
c877ae293a83a1b207d78c214657b3ab30c68ebd2f3c50652725d72027e86491
c8a4075e2a01ffa6c7663107553667e3d66e3c68ca1825315b94bbfb3681a638
c8d9eada2b65ec1b8c5cd4f64b524db4551da51e6ef7273dc042d7a155e0ebc0
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c905702b6efc7101cfebdf9591f4b58619742a13fed8f039139ee00472029f6c
c90b7e832a212a6390a5ec8c2c1161bda9375fb414ad87bfea2e282d2284be79
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cbf52478eea923d6c8559defe2bd5ce6f23107952a3ab8056d0d2d97df20a79e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce4c83d04a291f7ed50d9ef37e8cb423d387fce35b0f4cedf57086e12d477d4a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15d6d258a1f1e170c07f0b5a806416e89f155f3547a5ff9b3d2d5dc36d5ae29
d201bb3b6a9b5c4572b54ff8cd188b8e77374e1694fead0bccd6606ffa147b2d
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0
d33dec6befb03aaa2cbf0f6cb0cbbca14b9c2a033945f861ed4fc22ebcb30992
d40154580101614f2c16eff8ed83ecf1b952f053a06b3eff2219b71b8322fe77
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d44b6e4f9164860ac419ab1e15cdd2aa55d8117b8fdee7b2545d1b4fe0704c55
d5adf666701b746821cc08cfa7064589419b3e1aa81e6324ddd6843e5bebf082
d643e6bf5521cd3df6bb1fe85123565b94282d52984dc1f049e5a03b022d9d43
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6e25238d199a625a8cfbb8412fc0b06900eb39c5dd76c41021b540b3e5060e2
d76f32f8bd2f4896065ce24a53a651b8b31f8518eeffef24d8ff3b7942a2437b
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d942b6eebcffa564cf2969b807b042df53bcf6471948254b63162cbf7b45412e
db327ff1e7f09669a6483f25210ed52cf2349dd594106bfa6facdcd58dbdec67
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
dd60ece584de716694b7832e5f426af629c1dbc00bad2303f57d7fe31591a6cd
ddda96fbf909e81e7f4af1337d87796aab55c037726a46aefba294f78e8c0ce1
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df7742c20d36750d872fcdc918b4e8727ede5e1dd9f3850638e78897228880f7
e0b16aaf102afce67e1bdd00f81c2279e8638817c470e39c8214f65cfc0ccec3
e0c693f73e44bf953f15933e1524c08a847ace141daaacf74bc1e10f9a4d74c1
e14012f1f88618c3cc4d5336659236168bdbd43822415503d98de8b83d95f458
e1aa0913c663dfd397be7d8f264da13bd066beeb46d780e8e69ea70890fe5de6
e1da5cd02d74bb5ba944e3ce44037860ac9f42392eec6c99b9543910e1a3a5fe
e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20
e2f40b3a8aaf4a2abb1987007547690206251ee187f7594db715cfaebad6b654
e33de29236bd945ad5963c32fd373b982e0970b3a1f784b8e7ae07d7be8c254d
e39547bfe1e151d5b01bd6b1d2d7006751733d08e5204dd374e9cc55be75816c
e3a3234cf421be9d34f0f1dd2bb88c731e27e9f67cae8062bc89d2f2d934ab21
e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b12fe3aebedba8a4053a936d79d0d7f92d30086b78adf6b758a5b5e9b14aad
e51863eb4dfff12e7587b1a503eb331fa92a5a780bf9a274a135196c975aac4c
e5d260b63b22b9ec3d1c49893271ad9564834b321d9a4439c2c7de489b39d10b
e682f015d17f27909b774d07d2dea78b549124b0f726d507ae241d1176f8124f
e6c503f9233c127fe8f2b8aac650e8bf29bbe042622f18852964aa27c81768a8
e6f223d905e14a91da6a7fc1efc32b681883fd018d73d376e95a6cbc264b6b93
e7c01dcaa9b4f27c658fb77ebd491f61f3595a7a9da54cef29bdddd4ee1dab3f
e7c053aa439dd2bb56d823101047cb9fad99b2b4963e036af632ad0a662099d4
e846a2c1d5dc6910fd8f41c2159d96712c540be2b0e3730efde2315b1ea0bbea
e8611123ce21102c202b7ad30b1b2e00b3cf1fac6b925198016168381f074de2
e8a274e08d4c907f9defeaeca9e4b623e54dc6f91059af58da0499cece26366f
ea5f79ca338417cfb44161c7678865c62a1f13bced36426608fd7e08a44ce501
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed37ba87617b2811a867ec611261f201a5628a499d15116bfbcf476c9770266b
ed6f204f27c32404d364e05db560976e69c0ce3f10185cdf41fdb13333045422
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3861eaa40453f10a97ac09eca9eb4692572c784edddd12dac46bf0fcde0028
f1209899a0cbbf58df073110347d1429e0ad4d254b584f0fff016f395a09cfff
f1423878f96d42902b1074096646a191e26ca23a5642dc8c682e5304bbaacba4
f1a32bc2f145aea8c098f09896ed081513a6f6fcb8adc1aecfdc2b43618393a7
f26539d3dbdcd4c01234d792d2c29ad8ea465375dabc3c328b94c58edbbb93a6
f4307580070e0eb1580c43601d37927c5aeee6cfe60dd7f32cab60c186a670df
f4b70c4cd11d64db7c587fa68ed12651b684fe2e78a9a9d46812f89beb496acb
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
f5fb80c6ab695aec793967d59c135b29618aad2f987174711a218fc44da08d77
f615e7ba92273145a27dfc0773e0a936233f96a40cee0eb90cedf8cdcf2e6e0a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c7dbc12ac85799a6ad64ac688546c03f8e29a94de041a7a37cf74a90c423ef
f805d8680a41f1df39eb9d0ce2740b7870bc1e5656a16905e64545c44f6d91db
f8359c743e903be005a0aec613afaddbb2ced172c0cbbfdb3a7c4d4eabb7407c
f9f21406615f1546dd9ced7d75db04dffb75609a92a35f835405784c78119447
fa0d1383cd6184c9654b458ceb23a3ad8c700d98cab32478b805e385efd97af0
ff152104d728368ece053a5076962e4c7c0f7cbfeaca09969ed0b615d061874e
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.aiupnow.com Open in urlscan Pro 2a00:1450:4001:811::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

514 Requests

96 %HTTPS

60 %IPv6

63 Domains

85 Subdomains

74 IPs

6 Countries

16745 kBTransfer

33150 kBSize

28 Cookies

51 Outgoing links

Redirected requests

514 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.aiupnow.com Open in urlscan Pro
2a00:1450:4001:811::2013 Public Scan

Screenshot
Live screenshot

Full Image

514
Requests

96 %
HTTPS

60 %
IPv6

63
Domains

85
Subdomains

74
IPs

6
Countries

16745 kB
Transfer

33150 kB
Size

28
Cookies

514 HTTP transactions
17 data transactions