Submitted URL: https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Effective URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Submission: On April 24 via manual from US — Scanned from DE

Summary

This website contacted 139 IPs in 14 countries across 132 domains to perform 474 HTTP transactions. The main IP is 2606:4700:3035::6815:141c, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is www.tweaksforgeeks.com. The Cisco Umbrella rank of the primary domain is 960258.
TLS certificate: Issued by GTS CA 1P5 on April 22nd 2023. Valid for: 3 months.
This is the only time www.tweaksforgeeks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
www.facebook.com
twitter.com
globalsun.io
2023-03-25 -
2023-06-23
3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2
2022-05-27 -
2023-06-28
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-09 -
2023-12-10
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
dmp.theadex.com
R3
2023-04-24 -
2023-07-23
3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-03-29
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-02-27 -
2024-02-26
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-16 -
2024-03-18
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.e-planning.net
R3
2023-02-26 -
2023-05-27
3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2023-01-09 -
2024-02-09
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2
2022-11-12 -
2023-12-14
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02
2023-02-09 -
2024-01-26
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-27 -
2024-01-27
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-07 -
2023-12-09
a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-04 -
2023-11-06
10 months crt.sh
*.iprom.net
R3
2023-03-01 -
2023-05-30
3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh

This page contains 73 frames:

Primary Page: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Frame ID: 3EE64A85605B5E542CE19DDA5151CFBD
Requests: 281 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682347042639
Frame ID: 12CC961ABD62635CE8D56D06B65F8B76
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Frame ID: 76DC18FC6E4F0521078A9B0DF7FAECE6
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3236112&wsid=12&pdom=www.tweaksforgeeks.com&purl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F
Frame ID: 28C00B744E1F55BCC33044132015004E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9179029AE1ED8A2E8422AEB19883A5DB
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&id=MTIZ
Frame ID: B46C93ABF4C968CA9BC4D1757A7AA47B
Requests: 1 HTTP requests in this frame

Frame: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Frame ID: B23F84FBF59AF9004328397598891559
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: C5D4338760B7B17E04D8C16960B8C1DC
Requests: 15 HTTP requests in this frame

Frame: https://vms-players.minutemediaservices.com/mplayer-bridge.html
Frame ID: 7E04CF724EA3DD3975AA46D6A9929F8D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: 6D6A17EC5E9322FBAFB3A45F370B17A7
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: 65E7859099CE2BC84768078330CF3F46
Requests: 7 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=btze1Sza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 9E3FA3BCA46E658098E979EAC3FE9A90
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: E7062C3FF6462043274997794A458D22
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 1058813EBFEAA62593061FB2A41F539A
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d5jv24zaar7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 6E27B1D48D985C32A3D7F54E667B7882
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: A1AEE51688D2A52749E2A4C0B4739502
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bpjP6uza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: F664C95BCC7DD26CC52C24A1F12A91B4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 1B7F3C1D7C7D423EECD36474C829FAE2
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=byadUMza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: B506ADE6A916260F2660446E78C6CA56
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682347043702
Frame ID: CA8E603B184FBC655B40186A88E1F4CA
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 8EA17226382C49CF18D42B81A7CA869B
Requests: 7 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=andN_Kzaer7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 7E20D5FD5A930395E6655521EDF1861A
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 15D60CD67DDF4153080E9775539F1754
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
Frame ID: CF994790EB8F7EF4B42396663ECBA464
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bHj7xyza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8E547DB291A819B1DB9C67B735D2523C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&cmp=0
Frame ID: 713EBA607A6CC98DD3F70BBA8E1429F5
Requests: 33 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html?gdpr=1&gdpr_consent=
Frame ID: A42581E7C3F93A02EE2F7BE1912D9436
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 8601C2C9CFCA8EF4D1D3D96DB5B375B9
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=9201185162672373872
Frame ID: D08869AA4504D00418FD0D4BA18D4F88
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aiQovMzaer7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 249418B443DD09B3AE7EAF76748B1730
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743295&extuid=${UID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: 3FF0B0BF2B26BA339FE578B2073B06E7
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=5d9fd3e2-face-5272-b638-55ffd27ec1dc&CACHEBUSTER=48703
Frame ID: A804F735B8E68AB1116BF5CF5FC255CD
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 9BC149A49FA8EF6AE4A8B7F5D9AAA7B5
Requests: 12 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Frame ID: B2587488BF66C0061BAEA6FF18554670
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 4275363149E8DCE81C7514FA5161908F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 792D0D4CBD5BB692C2D2B16F1B379EFE
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=851c29e5-6e01-420d-6631-fb4e81572f22&zdid=1361&cmp=0
Frame ID: A3F944B73BFABA0C5F2F6DDFEF7B6B35
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 2A884C12C46E9F4FA7CD9D993AB5EB8D
Requests: 18 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 4DAD8B98B09604B8815A37F5844FF7E4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: E53C46D8A3B98B0FFBF8F05E76C894C1
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 5D6C1080DAA3EB8286031A99769A722B
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 2BE589AD32D820042EB0FC48EE12C0DD
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: ED450F555805DD471D3DDC0E67F6C7D7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AFAcFVIoMyH1yOhK
Frame ID: A88464CA870CA5935C62840F06BA95AE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-50a132a9-e901-4d92-8637-787b4a159dfe-003
Frame ID: 665E5074427C11F0B8869FFF4D7BB954
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/5d9fd3e2-face-5272-b638-55ffd27ec1dc
Frame ID: D46DD43C816D207977B4231FA0A36F0C
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: C8B3198C765702856D1D24B93BBAA60F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/b089a1d8e57959b810e57250c1d4e26d?gdpr_consent=&gdpr=0
Frame ID: 7B336E9A064B63254CFD48261CDB6DBC
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 24C4F0065DF63AA127913DD9D947E505
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: C573A36540B773F463C397B0C2C4A651
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q0J8lBoYFd9e9KqVx0r6?pi=smilewanted&tc=1
Frame ID: A2A0FFCAAF126D5AC3886ABF42DE83E9
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb73c4788c0518018d12675dcebf04da
Frame ID: 9DC72B0FF49CE25FC0C0D39D52586415
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 1885F264886E6E1F6F7E67D127C65A67
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 4D929750585CF6AB37303C71C41D50F3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:65516446-9427-4d00-905e-b764c1cb921d&gdpr=0&gdpr_consent=
Frame ID: C72622CE0604F2CB3604BAFEF49F400D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508655812509207793
Frame ID: 91905EDC3845F4FE97D38E5BC2C2B962
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 36C4D58EDA951DEB59A8EB35C87CA399
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326093780833
Frame ID: 49A92CF11F32FD0774D9CA36D925DC7A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t-_Ks7jvzLas4pzm4uLTsODtmLes7cux5ePFn-83
Frame ID: 20EE26442FAA0CE4FDB890784E99CAAE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9FC097FF-5361-46CA-AD47-4426303570C6&redir=true&gdpr=0&gdpr_consent=
Frame ID: 39E87C00B27312CF6CCA84C7F36C1675
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9201185162672373872&gdpr=0&gdpr_consent=
Frame ID: A9D8F2B07414B43E3F162F3F5B4C9769
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7225625547400673428&gdpr=0&gdpr_consent=
Frame ID: F81CBAE80402CEC48E8D874E5D766EF5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Frame ID: 63B2B84EC53734F9150B92AA1E88E126
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACtkk7IjSgAACF2cS4Iog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8642267768220290310%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Frame ID: 43C099F0C42BDD029D85210896F77177
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: DB17D0D9B0E926C031DC8B37DA6E4EA7
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 17F20D767997470BB913FCCABAAA72B5
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D14D5E65B73FC8D77A92EB9F0E081DF1
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 87B3040CBBA62567111E86F5BCD5B67C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 51D13F5CDBC6870AD55D2991BF73C3ED
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: AEED4421BB47BF012C0CA5D2F5AAD0D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=iG_i7QKtM&gdpr=0&gdpr_consent=
Frame ID: E5DBA65B70607DD9C2E115350497DC1E
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 9A982BD85B22D915F6AD940F24318CD5
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=9FC097FF-5361-46CA-AD47-4426303570C6
Frame ID: BC7371E9A0DB48DE7EF3E96C8B17D3F5
Requests: 1 HTTP requests in this frame

Page Title

Tweaks For Geeks

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

  • Requests: 474
  • HTTPS: 85 %
  • IPv6: 28 %
  • Domains: 132
  • Subdomains: 196
  • IPs: 139
  • Countries: 14
  • Transfer: 18137 kB
  • Size: 27364 kB
  • Cookies: 109

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am Page URL
  2. https://www.tweaksforgeeks.com/featured/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am&art%5B0%5D=NEVNZEttTmtVN2ZkcitXNlJFRTZEd1k9&art%5B1%5D=c0FWVmREVjlEZXllOUE9PQ--&knd=BbiZMPoT1bxDYYrodTVfqw-- HTTP 302
    https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://embed.sendtonews.com/player3/embedcode.js?fk=A4ACasdj&cid=11755&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/embed.js
Request Chain 112
  • https://d280h7aj1u7b0w.cloudfront.net/player3/embedcode.js?fk=A4ACasdj&cid=11755&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/embed.js
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=606d5f49-2511-4a64-78fa-498d0c4850cb&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=606d5f49-2511-4a64-78fa-498d0c4850cb&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHM_L4MA32bTT9YHbsi_HPY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=606d5f49-2511-4a64-78fa-498d0c4850cb&zdid=1258
Request Chain 159
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/www.tweaksforgeeks.com/ROS?rnd=0.6783062023934288&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&pbv=7.44.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&e_pubcid=68f75162-7985-412d-a8b6-a571a741e3c5 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2a156/1/www.tweaksforgeeks.com/ROS?ct=1&r=pbjs&rnd=0.6783062023934288&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&pbv=7.44.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&e_pubcid=68f75162-7985-412d-a8b6-a571a741e3c5
Request Chain 179
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.14426123 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.14426123 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=9201185162672373872;cb=0.14426123
Request Chain 180
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.14426123 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.14426123&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkM2NDE5REUtREI1OS00NDU2LUIyRjYtMzVEMTQ2MDJFNzdG&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.14426123&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D9FC097FF-5361-46CA-AD47-4426303570C6 HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=9FC097FF-5361-46CA-AD47-4426303570C6
Request Chain 181
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.14426123%3Bindx%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.14426123%3Bindx%3D&s=199174&C=1 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.14426123;indx=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB
Request Chain 182
  • https://ups.analytics.yahoo.com/ups/58720/occ?cb=0.14426123 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58720/occ?cb=0.14426123&verify=true HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-CuBzmi5E2uF_2iXhxh_8uI2txbysRTjETDBsmZE-~A
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=a8cb2c8e-88fb-4d42-8200-90736f345515 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=a8cb2c8e-88fb-4d42-8200-90736f345515&google_gid=CAESEJiyv9N6oYavtiFcZu_EtR8&google_cver=1
Request Chain 205
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Da8cb2c8e-88fb-4d42-8200-90736f345515 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9FC097FF-5361-46CA-AD47-4426303570C6&fid=a8cb2c8e-88fb-4d42-8200-90736f345515
Request Chain 207
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.tweaksforgeeks.com%252Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%252F%26hn_ver%3D40%26fid%3Da8cb2c8e-88fb-4d42-8200-90736f345515%26dsp%3Dpub_common%26dsp_uid%3Da4cde59c-ae6f-41e5-8bb1-90b144d70595 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=9201185162672373872&pid=12771&ref=&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&hn_ver=40&fid=a8cb2c8e-88fb-4d42-8200-90736f345515&dsp=pub_common&dsp_uid=a4cde59c-ae6f-41e5-8bb1-90b144d70595
Request Chain 324
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=9201185162672373872
Request Chain 327
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9201185162672373872
Request Chain 328
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=24c23ae2-9a13-4803-9b26-34a4cf492831&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_660be387-1d12-426a-ac86-988765f1764b&bsw_param=24c23ae2-9a13-4803-9b26-34a4cf492831&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 332
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302

474 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
apple-insider.com/i/7MyjJ5kWKI/
1 KB
842 B
Document
General
Full URL
https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9a76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.27
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bcf155fdc3a039a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md2ANq1IOuoWKRBb6rx7%2BSgl0UP%2BRDoOPhVRbh6gDSW1elM4BkoHXCBQ177O802%2B0q6L4IAvY8Yn6FyvXpcFy4AdOd3HvPHDOU2YlDgbiZOuj9YydRCcQAQLzyeUWxcJq%2F0kXM7%2B5GnO2Sujw3sFXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.27
Primary Request /
www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Redirect Chain
  • https://www.tweaksforgeeks.com/featured/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am&art%5B0%5D=NEVNZEttTmtVN2ZkcitXNlJFRTZEd1k9&art%5B1%5D=c0FWVmREVjlEZXllOUE9PQ--&k...
  • https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
95 KB
20 KB
Document
General
Full URL
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Requested by
Host: apple-insider.com
URL: https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.27
Resource Hash
23329f33da29a62c21c0937f64a2cc89f2305ff0e806fdc5b478b81ae3d520b6

Request headers

Referer
https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
7bcf15685f009061-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
refresh
16;url=https://www.tweaksforgeeks.com/featured/microsoft-confirms-windows-11-remote-desktop-issue-affecting-a-wide-range-of-users/
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QTFo19SCQ%2FNBXxL%2FMgeQTGnb0%2BHxag0pLoVN6yctVPUQjjP63wLdCecBoD9LA7ZwfWQBe484tGZJpqXdgSMoJyg9OwYkxWWyiFQawfo2WulkD42%2F9GZFI%2BdZto%2BlrFFNZaq1SdbhSu0S5JxsaH6vPHO%2Fu1a"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-envoy-upstream-service-time
92
x-powered-by
PHP/8.0.27

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
7bcf15643a0b9061-FRA
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvXduaJ5henV9mr9jh2nMNEmifbIjYrL3fbxiKCp37yuu5iqDQZ%2FLAIRWQx1tVi8Nt5qRZ8YecIPpzvJ4APYlVtyF6tNawDBYpHyBqkmlB1%2FNfWCqmwPsxSl66lA2LD8UH3gLb8d5iKSvF1VKzjFJHz3a7wT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-envoy-upstream-service-time
9
x-powered-by
PHP/8.0.27
style.min.css
www.tweaksforgeeks.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 21:45:26 GMT
server
cloudflare
etag
W/"298348081"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgF5pHYy48%2BfC34OdQ5euhjdZSJC5N8kON3KqGaSF08Bp54v3I6YVwLvJOhgGdG%2FUwIFaB491GjHu%2BpYWCt4Af%2F28wyoHPGhfnC4S8W6N5zjcECTTInI0uwUzNRJlIfSyVIUqSUeB6Ewa1pXSLQZvudTiytD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156daff690fa-FRA
expires
Wed, 24 May 2023 14:37:20 GMT
dashicons.min.css
www.tweaksforgeeks.com/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-includes/css/dashicons.min.css?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1294302
x-envoy-upstream-service-time
59
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Apr 2021 11:50:27 GMT
server
cloudflare
etag
W/"3496818739"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikMmr2oT2gbiQKYBTUL9V3bar4hTRvifPcmki1lGSGetGqlJlfHfq2yVcMWRYO%2FKxKZbKcOsvMAbc4nTW7klMAhBOVagPQ5O%2Bn80zbhci00yR0ON3sngNj8m5tky5J4cpUZjItEjm6ukykI4fI1%2BkuBnt1iT"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156daff990fa-FRA
expires
Tue, 09 May 2023 15:05:37 GMT
font-theme.css
www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/css/font-theme.css?ver=1.15.1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78125999f6ec056a97290b4554b68328a18b9771f49a45d9abce91033ea01a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 09:56:49 GMT
server
cloudflare
etag
W/"4061651398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8VwLjftRnhTpqqCtdSM4N0i3BJJEfW7I1DXGXSoYQ%2F5ih2NS%2FF4PRij1VG%2FWoFtfN3gbMuZRIVAtfI5Nt0YgTzc9EFBo%2FQHeBVdpU8EOZ0lhcHw2AAzpKaWsd6VfCMkpXM1Zkqyl22vYI%2FPsNWpmgm7YRbT"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156daffa90fa-FRA
expires
Wed, 24 May 2023 14:37:20 GMT
style.css
www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/fonts/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/fonts/style.css?ver=1.15.1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bcc637896f680fc74dafaa350cf28a3480d121fad51e73c35ce26b5bb51738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 09:56:51 GMT
server
cloudflare
etag
W/"3436681306"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esDzS%2BLLFpq%2BM0Ea8SlKRhPYqJIMPc%2FyE3YTUFYnFx27y3VlMut3pifgnzhEIQPT9PNKPOjMHEmdi0373V2iCHHUoanA3VC2lfdNs09dwu5F0C1rQKdSKx8%2Fi82xwVHFIMfoMEl8b1FCXrC%2FgDpXLR7rQoE4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156daffb90fa-FRA
expires
Wed, 24 May 2023 14:37:20 GMT
wp-automatic.css
www.tweaksforgeeks.com/wp-content/plugins/wp-automatic/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 04 Feb 2023 05:07:26 GMT
server
cloudflare
etag
W/"362567401"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dD%2BduhY9ZtjWjxJvjvln7d0wQUtBh7AU8Ri%2F9nbeJ7mdEHmBkgp2pQnNOQsPLyH80WmFPOHPSB2rIe%2Bwu2Xp2o5o5PHcqsmFLeRe9qxZKxzAoM%2Bs446ef3PRZEXaLRP9GhI7d45Qy3NZNMRjCE7YwAtPGIdK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156daffc90fa-FRA
expires
Wed, 24 May 2023 14:37:20 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/
36 KB
9 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8422
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 16:42:48 GMT
style.css
www.tweaksforgeeks.com/wp-content/themes/zoxpress/
180 KB
29 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/style.css?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6230eddba95db2adc1df9294dbc1b9e759f5bd64eba48197ca6426f57f056d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
21
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:38 GMT
server
cloudflare
etag
W/"2943462945"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUPY8aeNVxA2IABa0c9FeIXea5i0Ssm8IHdcnW3NCe1SDoIehBu24TpXsR0lwEMcbN9YKJHqMUAhTAK0YDeDbTP8a2HMDuU9XLmpP%2Fv%2FcxftSrAtEzcN8uysUVrtfdygaH53wgf1KOHkhTKa7zSuojQ5%2FsPt"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156daffd90fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
wp-emoji-release.min.js
www.tweaksforgeeks.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 03 Jun 2022 14:26:02 GMT
server
cloudflare
etag
W/"1411457949"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FB%2FJW1LGGVP%2FkbI%2BueJZIvlEfVtGbBaLybNySJY2MbAvOJPzd55Hhv%2FOyKyMJB4MyEhhu0Th25%2Fh05y2UHLcpZpJH%2FgVk5GrCokIP63GAgqjvQ1d%2ByKhIhcQU6qEwxKP1eF1pQ6IuSd%2BnUgmg1d4Q7gX2an"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf15783c0590fa-FRA
expires
Wed, 24 May 2023 14:37:22 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
120C7A5FHBF8D7FC
age
228842
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
wlfdwL2B29Izfq/atCnbwtXr6pewKJKmH77gBDv/d/aH7bvsWDvoLPbmsu1E7+KpU+gjxpxA7ik=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHuxfw26DoHaXAzYYmKzaVcsSSFaN7qHdnv%2Fe7ci8XzYFvlGQY4qJzfNO6E5QqShySUvsbGXGkmXXKshV5pop6Lfmj1s8VcshojtHbwBmf3uDR7gI3TeyQxK6%2BJKnn%2FtwX%2BlK%2FK7joCgosL6N%2FxoPOaf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7bcf156eee1b9b34-FRA
style.css
www.tweaksforgeeks.com/wp-content/themes/zoxpress-child/
48 KB
3 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress-child/style.css?ver=1.0.0
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b171c05f32d68a987cb3511ebba4a3f276cdd6c801ce15c495da2b0ebee01cc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 11 Aug 2021 09:57:43 GMT
server
cloudflare
etag
W/"4015540966"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St2NbC901J4GcoavdS3eJNPhRu6Gmbgu4orwy8IGDoKLukQjqKVqRhuWT1c2bT8p95cOGeJWHulofV4qmb0Z0GTDaakA6f%2BakdQJyESKmrEFtQ%2FMkEcP%2FKWwfjbOMXn%2BGg05Tv4xIneBiAaoLmDNOloqgEpP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88f190fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
all.css
www.tweaksforgeeks.com/wp-content/themes/zoxpress-child/font-awesome/css/
0
0
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDXSk47dlXxTp8LqHaSs%2F7j3q%2FSEJpkwPGZbeqB1oM48qx%2FgQuDNv%2BUjrb1qfrHeboL40tMIDehu%2FOlFXtDklDwzZzAcvyFTEBpc6pLkH%2BKWLzqGo7sFpg6soW6R5Hzl%2BEuYCGAWalUsSQgHfDut1S5dtNFM"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
x-envoy-upstream-service-time
1
cf-ray
7bcf156e88f390fa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
173 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7ea16a5fc7ebc5912a3370b744763ee7be073e9e3a3ea8f0fe156f9ece05610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 14:37:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Apr 2023 14:37:21 GMT
media-queries.css
www.tweaksforgeeks.com/wp-content/themes/zoxpress/css/
177 KB
14 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/css/media-queries.css?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17ac635944062a253c5b67a857ac6de89bd234cafafb5e35a1b889a9c0da45c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:38 GMT
server
cloudflare
etag
W/"2838605382"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrjyYV5cnh71dcNc1jR6j62d3T5jVPyqe%2FnG6LgLZRckF8IwEbqFTprVUkhayxzvmzQFjm6WKG7ORMSVgE%2FYjKC8SZJ0LQoXmRjpiGN5KDkGVwdTcpFPjqFclhXp0WRDdyt%2FYImRV5j2W72V2pXOjficbbmy"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88f590fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
jquery.min.js
www.tweaksforgeeks.com/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 Aug 2021 11:37:54 GMT
server
cloudflare
etag
W/"2005503108"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ifx2ns6QEjKvN1MytV84O5XfL3mOI3hblRYKWVtK15itD%2F7bfR7fX82mNO6qvBLpNUqZdfIO7XFXvZEDr1zTwi0vtSLlevmCoPyp6nrCA3yq%2BdKdNl3AbhitOefaYjR4G9OoKNf2N4QY4n55w%2BeSHHmErSjZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88f690fa-FRA
expires
Wed, 19 Apr 2023 22:55:44 GMT
jquery-migrate.min.js
www.tweaksforgeeks.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1714734
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 31 Dec 2020 10:57:50 GMT
server
cloudflare
etag
W/"517605958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6qfPs7%2FLEQVvC%2BoneMV29rAFxD84Bmh0mX%2FTZp%2B7Z1sOAsBJ6kk2rbTRuYAxfGpEPxRqb9EHhel0sNF46eI1Nj07j4lYQWgxoxrF7PfmsSbi2o8IrzlaUdHmkJF3QGODaLDZJ1ZGbBMgjLTrPVx2lsnPuw9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88f990fa-FRA
expires
Thu, 04 May 2023 18:18:27 GMT
jquery.history.js
www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/balupton-history.js/
22 KB
7 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/balupton-history.js/jquery.history.js?ver=1.7.1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c54ab568b73e88af409e7615e9c6730d701234ebe9d64b131a08fccb0bef3deb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 09:56:58 GMT
server
cloudflare
etag
W/"1971622195"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pW78VsrQx0KGHsOIBehZiC0xGFOnNvNqDOB3oI0u52ZJjKdjwxsMn6hIJpmARxRpyVH9pTgFMa4A1bmzXpBoz4U0BdgqugfDy4dExU0NWn5LdRq5yR7oFmaQ%2FuMfL47ZkXH%2F8TQUzuXsNbfMcmWZtpfxAtqY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88fa90fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
async.min.js
www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/
11 KB
4 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/async.min.js?ver=14.09.2014
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f8505b4b6d5476091672c8ebc27d1ed2b9d21a68890145135578a6737ef053

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1898501
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 09:56:59 GMT
server
cloudflare
etag
W/"916433207"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOjk%2BhksCTOz1B7gm8zmEt2QTVt8lItFW2%2BQzB5a%2Ff9wOr1%2FZQoQkptiyvqD%2BCodjkRsfGKWnMn5imG8aXkmgxnt2EmKE%2B0gYzn8WeIbcayuxysNudApRWrmdskWXvgarxzFIuPIfEm0yy6zwRjflKQpNxxU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88fb90fa-FRA
expires
Tue, 02 May 2023 15:15:40 GMT
tps.js
www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/
35 KB
9 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/tps.js?ver=1.15.1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a79951e2228fb7c6818c78d76789d49f391bcd2b2fdd05371b940c5137e7180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 09:57:00 GMT
server
cloudflare
etag
W/"3031681438"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ya7J8BYnUemf7FPGf7C2C%2FYnFPHrMnMNt00E3CCw5V0oD22Nx2jgUEd8D7sGx15b0%2FbLh%2FjHzQ2fJyh0H0oJ%2FbILAs2e1UaD3fX5ZSyTthhpFIKXsOA1O%2FuMC74u9FiNUQaxTUG9GC2aB%2BeCGW1u9iIk2iwJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88fc90fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
main.js
www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/
1 KB
883 B
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/main.js?ver=1.15.1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d773392071a251b7020634b18a3397a3a9fc4cb006fa93354398a09c101521d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 09:57:00 GMT
server
cloudflare
etag
W/"450395872"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZIfXQrJmaYuJt4Oz%2BO%2FgRWJtGKIkAPtYFOnl3wPK1w7blghkJv2fLGFg6vwVIBeMdLza0iKRCxgRVCEl%2FpkAih3wpC0Gx7fHV3FfASOaHFfAGXCvksc0PQcUUHjBAGEBMsDXpMhDnAjwjd7Wu6kqMytEPBG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88fe90fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
tps-transition-slide.js
www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/
3 KB
1 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/theia-post-slider/js/tps-transition-slide.js?ver=1.15.1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2387543cfe0367a59e6fe510d2dfb3e3b56e0ff707ed0573ed9936cefbcfc58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 09:57:00 GMT
server
cloudflare
etag
W/"3133732203"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7wCrxhb1%2FiJx1ojYRRVShW7bM77hMz11B8u2TRXw6kQSbCaFmtlo2vYz3uZQH%2BKGt%2FUqgqhcpZqjeMhtxDxfGq6wHRmybRoa83NEk6F54f7tgeD69a6mvUykppUk%2Fgr7AagoJVqEP0%2BuInhJQUgYKZtk%2BrI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e88ff90fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
main-front.js
www.tweaksforgeeks.com/wp-content/plugins/wp-automatic/js/
1017 B
862 B
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.0.3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 04 Feb 2023 05:07:32 GMT
server
cloudflare
etag
W/"1197064648"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhfMBgiLM9A5j1r%2BJa%2FUTJmHoB6u3Oo5qsKBCLYpLcd6ZeCFXlpBpJptEn8xl02ogtmUoA66NBfbUUu7YCdYZbvek0ZWtKB1Q%2B4nWqP4MeHk51BBgd27Upv91RjYvx9XTFzmxxedRWJbobPrrvAfgU%2FsM6cZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e890090fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
9457193977244c13
www.tweaksforgeeks.com/
0
0
Script
General
Full URL
https://www.tweaksforgeeks.com/9457193977244c13
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.27
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.27
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCxU5hc11LEZCSPqwq2RHkYdS%2FP6J5Dz%2BfYLlj4dcrtvoQ8AWfTCHLejWDV%2BmLlJk9tQfgTnGvf7I7ueccfXI2FUUHCyTB3%2B7VJbFvy8TZNFfehkOr%2FFNCuBmYUma7zUbTwwhogfyDX5MVURUhKrNNCx2Ole"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache
x-envoy-upstream-service-time
754
cf-ray
7bcf156e890290fa-FRA
link
<https://www.tweaksforgeeks.com/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/
36 KB
8 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 23:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8422
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 23:09:59 GMT
style.css
www.tweaksforgeeks.com/wp-content/themes/zoxpress/
180 KB
29 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/style.css
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6230eddba95db2adc1df9294dbc1b9e759f5bd64eba48197ca6426f57f056d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
13
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:38 GMT
server
cloudflare
etag
W/"2943462945"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHNXruB8Mlht3Iml%2Fbipr0Zsu8rafuQFX6D6MUxHKUejd5cvQM45OAZ7xTkxNqwdqOPtBA%2BAWhgcP6wSa3wA4YCZDJPo2pxbqnSJx4n8jGgZI8bZJfLMGLuOppxuVANA2ooUS74npUDSmndXTckX2Ax2WZRj"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e890390fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JT339ZMAY28S97NR
age
2398830
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
0Mz+nRwjBDV+uxzFDzK9dp5ghZhG3tMVGZ/qb2I5WbRMIPoakYKVKZmAMXhWc/u1n1mkdI5KucA=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9rqhzgKX1bIK7l4XUL4ny0mdSAv8FfF940K%2FY5mJ%2FZnHP6Cp3aqpm3PZ6DQKtGKUIy01EwW%2FT9jcF%2F1xEFbrNZOcH4Y%2BLnqMEa2Y3tMW3ZsOa0FheeIOcdTOvfomI%2FgbQSLdht3HcU34XJgiJYBYAV8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7bcf156eee1d9b34-FRA
style.css
www.tweaksforgeeks.com/wp-content/themes/zoxpress-child/
48 KB
3 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress-child/style.css
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b171c05f32d68a987cb3511ebba4a3f276cdd6c801ce15c495da2b0ebee01cc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 11 Aug 2021 09:57:43 GMT
server
cloudflare
etag
W/"4015540966"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vm4631GU1eY6jiXnYBoA410L1n7RAWzz5GjDWRyw1U2mdYKLQxxNRGocjvNprWkixrtKeOVJwcGu7wp%2FpRQgi8mX7lGwP%2B5CxxYv4ELbkrImPcDjRrtgM4RR%2F3IQFLJ2zE1VZ6wHohqbxJipmmjSiVwLp%2BmV"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e890490fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
reset.css
www.tweaksforgeeks.com/wp-content/themes/zoxpress/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/css/reset.css
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:38 GMT
server
cloudflare
etag
W/"2495366777"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycvbJUZ91X4PGa7ygiTJk1r1OK6Xs1L66sHeci2PBgcSiN8WtDzzbqO19%2F%2FE7HfFxnHKQA1g%2B8rFqT5O6%2B4DxJ8rC56je6F3lN9IxcDSxKhI4%2B1QSluBKBJw6b2NfdXcsRAUGUWs5b3PKPIj44jJej4H2C1d"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e990990fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
all.css
use.fontawesome.com/releases/v5.12.1/css/
56 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.12.1/css/all.css
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y3W4DJTXH45MWRZ1
age
2398689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
mon9xC/GYePpDBbRNfLOfRE2E8uiuDTTHJ5QXcNW1SMEOEuYj9CkyPMLpmGOVOfHYT1F+c3SM9E=
last-modified
Wed, 30 Jun 2021 15:38:16 GMT
server
cloudflare
etag
W/"2a0e11a7655cf7af50d9152727c134ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN3sHFCTim2CCmGJamWfpN9dn9pEGpTaOLpljCxbi9Q%2Bbmo5RPiUyw6XNABU5qTL1MtrGYAcyGVnSO%2BlfX%2BoZWisbj3U2EP8Ixm%2F337eOjKIwlmHsaecCXO%2B5eIldneICaK7ySEotHrLOE6KUnZOKnXG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7bcf156eee1f9b34-FRA
css
fonts.googleapis.com/
169 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86310c1456f11a16d6195ff91928a28a2909f5fb51d60054d94763fea08ba714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 14:34:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Apr 2023 14:37:21 GMT
media-queries.css
www.tweaksforgeeks.com/wp-content/themes/zoxpress/css/
177 KB
14 KB
Stylesheet
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/css/media-queries.css
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17ac635944062a253c5b67a857ac6de89bd234cafafb5e35a1b889a9c0da45c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:38 GMT
server
cloudflare
etag
W/"2838605382"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9RFtILboqPOpCFEw5V39LC25w9UXA6nYQyscIljsYW%2FwCkZ7Hw4BE6uXEkbA0boq%2BHVh4Yvg53RjHIx6TIHI6K29K12F%2FyuYjFSwuqFbuV12TYpVGZQzHsmXnRPSLCQHGQN%2BGDsljswGAZXEEB7IkY6Q0%2BS"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf156e990b90fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
stracker.js
stats.systems/js/
21 KB
7 KB
Script
General
Full URL
https://stats.systems/js/stracker.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc54a3ce1b17851cd92926279227eb43ccebced7cab0eb6f5283e147dda2987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5057
cf-polished
origSize=28584
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 27 Nov 2018 20:57:53 GMT
server
cloudflare
etag
W/"6fa8-57babb3fed640"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CkGgJ4Pd8ZmQbQ7mRnrKfBat0hVKPMaQ2wcLEEO83JDoZACeu5MoNZNIhDy%2BPzcg987NsNFCD68dvQsO27g9ccRS2jR4J3P7rwWfw%2FV2d1kM0prq9oeRiIpqW6rnH7Ut8HRKHCFW%2FIf%2BTIP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7bcf156f0ef89c0d-FRA
jload
pixel.adsafeprotected.com/
47 KB
12 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=931034&advId=dogpack&campId=t4gf&pubId=am_244025.971700
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.83.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-83-137.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d325d65591345f8ef525f544a6ead7ec9901e0e37d96163b71cb0ada8b6e77cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:21 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
js
www.googletagmanager.com/gtag/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-42921757-24
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6295067424cbf7d9014ddb70673137dc117d0962369da58a08ad5bcba7389be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45108
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 14:37:22 GMT
h.js
cdn.unblockia.com/
158 KB
34 KB
Script
General
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:9200:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ab012e0ef9d216cbafbc9d057b815095b1b70a3f86a99682a10e44b826f5508

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
iaFCyHLLfemIr_afEe1D7kUIrv2A4DBx
content-encoding
br
via
1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 11:35:50 GMT
x-amz-cf-pop
AMS1-C1
age
10893
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:b0f83aa2-a1c0-4c12-9af3-8a78241356b1
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
c7b1525a7f03ab097008dff82d61e510
last-modified
Fri, 21 Apr 2023 11:33:07 GMT
server
AmazonS3
etag
W/"07deafc1676b45a599d171dd95b6b991"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
75d79163a52d59d69f03162fd984855405f9a172d15856e441dc78e7bb52c69b
x-amz-cf-id
mKbLkDdFsJEGqF9FVKJv-qaOr9GMSkSjWnTxunLoqqCLqY9xmIe9YQ==
embed.js
d280h7aj1u7b0w.cloudfront.net/shim/
1 KB
931 B
Script
General
Full URL
https://d280h7aj1u7b0w.cloudfront.net/shim/embed.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:1c00:2:aa19:6400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3817329b2b0306df1b2adbc5b0def56d41ca48ee151a09fc0fa6a919ff42035b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:16 GMT
content-encoding
br
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront), 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
x-amz-version-id
GQVNdTbhuYVu95RoCQuDPtw7KDf5yUki
last-modified
Mon, 21 Nov 2022 20:34:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7, AMS1-P1
age
7
etag
W/"896825c9e9de43fb9923c25966b68015"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
GD9OAZg3sBk_p7D71O9nbg4lhwT0--hfsdu5lvLlRgizVdlDjgLqEA==
custom-script.js
www.tweaksforgeeks.com/featured/assets/
0
519 B
Script
General
Full URL
https://www.tweaksforgeeks.com/featured/assets/custom-script.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:21 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
last-modified
Tue, 07 Mar 2023 21:59:07 GMT
server
cloudflare
etag
"2187781101"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoWXKTz56npqSzh2gOc%2BUcgqEGkso164EyoICrMnb1Xg3%2B6wMMv0OOhPsBg3h1lf5gl2m7mnvdSBw65bYK3yZH83FNPchAu0lvYuPOqFgy8nmHPjRgYCnkmVj%2FHAp%2FujLtKdQJKzCUbVwfwyTV%2FatFNRPtSr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bcf156e990e90fa-FRA
expires
Wed, 24 May 2023 14:37:21 GMT
logowo.png
www.tweaksforgeeks.com/wp-content/uploads/2020/07/
9 KB
10 KB
Image
General
Full URL
https://www.tweaksforgeeks.com/wp-content/uploads/2020/07/logowo.png
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb19f75a2bc28b0a609180e008bb5e2c72c7f856421059aa12059b18faaa199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9688
last-modified
Tue, 28 Jul 2020 10:07:22 GMT
server
cloudflare
etag
"3418769344"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plIpEosZ%2F9Ps4%2BFJtzy17mK7kd2a4S75w5sR1xatsqugC%2Fso7b%2FDFKdOa8y7lvKfJjFj0cjhX%2BWYs4gfggpYPZtGjclJ%2BBdNC6VHwFjbh7l1h8NKGxUBtgAy8mcU8doXVMv835aNVT80DTH%2FBpOHzZvn%2BIsW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bcf15783c0690fa-FRA
expires
Wed, 19 Apr 2023 13:01:48 GMT
Untitled.png
www.tweaksforgeeks.com/wp-content/uploads/2020/07/
16 KB
16 KB
Image
General
Full URL
https://www.tweaksforgeeks.com/wp-content/uploads/2020/07/Untitled.png
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3346c18260c163df1ff2eeac65947cfb57341024316cad20d625ea7123b9a4d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
847154
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16223
last-modified
Tue, 28 Jul 2020 10:07:22 GMT
server
cloudflare
etag
"2805850728"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukZQ3mruiDorutDfUzXKnuGE3WT3ap7vDqBV1b%2FXRdYG%2BGKVoAFlCj%2FNojmHqsLg9ikBFks9MoOh11e%2BUVrBpYro47ppcqaBc81phVvtUW%2FhxVf%2BnqWVJc3C4nuU4PQarrYsBHDGyBsTTnATdAlU97kMZ6%2Bg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bcf15783c0890fa-FRA
expires
Sun, 14 May 2023 19:18:08 GMT
gen.js
ads.themoneytizer.com/s/
5 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgUkOz//lREAAA
x-accel-expires
@1682947340
date
Mon, 24 Apr 2023 14:37:21 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc321944664b25bbf36
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
4501
x-accel-date
1682342540
requestform.js
ads.themoneytizer.com/s/
155 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
384a7021f036cd8b959e50037a231ea4153c5ce4e6f2a3207c975c804426f7d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgX3jSjB
x-accel-expires
@1682951841
date
Mon, 24 Apr 2023 14:37:21 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc3219446643bfb7338
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
email-decode.min.js
www.tweaksforgeeks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2023 16:29:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643ec584-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FipsLuSkPog%2FEhVCoiBHotwaDFSY22dEZgFUMWZBjF4qP8vwtlqNGabZYXTgHewhG7y6WufhFY9NWhvAuz1r1U%2B5IJeww4NFqs376PbKptyXHzFlAq%2BAitqcHAhWlV9NbE1Q%2F%2F5rbOTC3HMUfRhwmgwYcu7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7bcf1574f80090fa-FRA
expires
Wed, 26 Apr 2023 14:37:22 GMT
ea0d1715-820f-f2f2-dfef-c53c15c98714.js
bucket1.mm-syringe.com/prod/configs/
13 KB
4 KB
Script
General
Full URL
https://bucket1.mm-syringe.com/prod/configs/ea0d1715-820f-f2f2-dfef-c53c15c98714.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.142 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9870276d7d01261b88b8ce2db089b44f62531baa3f6dde16b1f24a6e1d3a4b0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nC3Kv7rOo3brq4XJEH3mki.M3n0kka1J
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:22 GMT
last-modified
Thu, 21 Apr 2022 16:58:12 GMT
x-amz-cf-pop
LAX50-C2
etag
"7ad584691084b3be329cde1ad9dc7582"
vary
Accept-Encoding
content-type
text/javascript
x-amz-meta-edge-cache-tag
injectionssrv|crate-network,injectionssrv|ea0d1715-820f-f2f2-dfef-c53c15c98714
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
vGCXbkLdKwNB3DkLBFXpLEIXVkAM62s2Gd8SiLOUwl1XaiM_Upzm6w==
content-length
3547
injector.1.5.3.js
bucket1.mm-syringe.com/prod/injector/
16 KB
4 KB
Script
General
Full URL
https://bucket1.mm-syringe.com/prod/injector/injector.1.5.3.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.142 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c2bb1edc83db7e01b582f07603b904542b02338f03433c0fd7e907d7fef1369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
KHVG.I1nmJrWxnRtJSl2y4iWEUR5wRHc
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:22 GMT
x-check-cacheable
YES
last-modified
Sun, 24 Nov 2019 14:18:34 GMT
x-serial
259
x-akamai-pragma-client-ip
10.213.175.6, 75.149.229.74
etag
"3a91217800ebe0708f39c65080ffed30"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
content-length
4206
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=A4ACasdj&cid=11755&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/embed.js
7 KB
3 KB
Script
General
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/embed.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
108.156.60.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-4.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5ab833c6ef1337284173356a6076b4177eeeab26940045c59adac01cd837add

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
x-amz-version-id
_cG5f5pWIDo5X_y9XxM6Bi97EDy3UzLs
content-encoding
br
last-modified
Fri, 21 Apr 2023 00:22:14 GMT
server
AmazonS3
via
1.1 1b575b46b9e4dd6b829accb4ea728b00.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
etag
W/"13264382259a3a549fc98e524a233069"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Kq6EmRT3svlAt1H1cDTbkTmsR__MyJyMzU33XVxx8vbOelhoIbOapw==

Redirect headers

date
Mon, 24 Apr 2023 14:37:22 GMT
via
1.1 1b575b46b9e4dd6b829accb4ea728b00.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P2
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
zaEhPy4_BZSYmCHSkXiJEDUway9x43Yg4uIFQe8MkQ3PtzQpgURRuQ==
infolinks_main.js
resources.infolinks.com/js/
4 KB
2 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c78df6e79794bf4143246ebb358b2653ce7c5e2194825b36e5b586f569ed2f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 24 Apr 2023 14:05:45 GMT
server
cloudflare
age
1888
etag
W/"e79-5fa1580cff9b3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7bcf15769a2d5b98-FRA
expires
Mon, 24 Apr 2023 15:05:54 GMT
img.fetch
udmserve.net/udm/
28 KB
5 KB
Script
General
Full URL
https://udmserve.net/udm/img.fetch?sid=15743;tid=1;dt=6;
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
9836fba16aad742038ff055cb2d75ddbf3f6dcb2731ee2c2a2751eb6874282c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:23 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Expires
0
gen.js
ads.themoneytizer.com/s/
5 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgUmj6T/lxEAAA
x-accel-expires
@1682947339
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc322944664d4c34916
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
4503
x-accel-date
1682342539
requestform.js
ads.themoneytizer.com/s/
155 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=6
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e24d122efce80d5414a65b024a89ef8a428d9c2905fcacd0716c4aefe3f69dfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgUWsnDB
x-accel-expires
@1682951842
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc322944664abeb1418
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
gen.js
ads.themoneytizer.com/s/
5 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgX9A3X/lhEAAA
x-accel-expires
@1682947340
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc3229446642ddfb31f
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
4502
x-accel-date
1682342540
requestform.js
ads.themoneytizer.com/s/
154 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=19
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1c9a3e8e57189e64b39a7d160f553f1631c8e8303fe05b6a6fe04fa9dc6cbbb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgVudLnB
x-accel-expires
@1682951842
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc3229446640d94f421
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
gen.js
ads.themoneytizer.com/s/
5 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgUWdEn/lxEAAA
x-accel-expires
@1682947339
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc3229446645386f721
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
4503
x-accel-date
1682342539
requestform.js
ads.themoneytizer.com/s/
154 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=2
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
eb7f9ce98c5df2da208c9af177668e565b01785e911e2ad251b7234c10133e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgVqJBDB
x-accel-expires
@1682951842
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc322944664f937bd22
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
gen.js
ads.themoneytizer.com/s/
5 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgWGMHf/lxEAAA
x-accel-expires
@1682947339
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc322944664d249e422
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
4503
x-accel-date
1682342539
requestform.js
ads.themoneytizer.com/s/
154 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=3
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
18335a332b9f991be03352d6c8809e7968aa4e712cc8720d80e4a5866b19addf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgXMSR7B
x-accel-expires
@1682951842
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc3229446645bfbea22
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
gen.js
ads.themoneytizer.com/s/
5 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=20
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgW39Pb/lhEAAA
x-accel-expires
@1682947340
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc322944664fd1cee22
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
4502
x-accel-date
1682342540
requestform.js
ads.themoneytizer.com/s/
154 KB
20 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=20
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
73b8991489724bb9aca6204e0b51d7978764d32c2599b90b50241dd47a72bc24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-nzt
AcO1rgV/V0TB
x-accel-expires
@1682951842
date
Mon, 24 Apr 2023 14:37:22 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc322944664fc3af322
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
logowomark.png
www.tweaksforgeeks.com/wp-content/uploads/2020/07/
3 KB
4 KB
Image
General
Full URL
https://www.tweaksforgeeks.com/wp-content/uploads/2020/07/logowomark.png
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de65bcc14bd795a97a7a653f094538c13687591e4428e60632040656f113319

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3488
last-modified
Tue, 28 Jul 2020 10:07:20 GMT
server
cloudflare
etag
"2341841018"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek0dS4EbiGomXeoK%2F0I06A4AOQDQPXUJhirWURcYLCUug39NrkrRWi7Wnn5ybogcmDGKFraONHtfzgoCCljbukfxfZEi8PA2eWyWZLuW1wWl3EescC9oNKeSXq98Nkse1uUhsvDaaue9XBwpEdJKQymgQpN3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bcf15783c0990fa-FRA
expires
Tue, 18 Apr 2023 09:48:45 GMT
core.min.js
www.tweaksforgeeks.com/wp-includes/js/jquery/ui/
20 KB
7 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 03 Jun 2022 14:26:02 GMT
server
cloudflare
etag
W/"3616789363"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3Yfaoywzi%2BgHekFhHtuJJ%2BGXzAY33%2B3g57uW2UCJJLpDvApjOCvKUDwoVcwx8MCFJ4i4BZQPr5I98JebzZQKyebvp5q60%2FW1h6giXSw%2Fq6CpyzNmQnVqHa7UfidulOUxV2bbqOtMXJNRPMzw65rgL3XoXm2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf15782bee90fa-FRA
expires
Wed, 24 May 2023 14:37:22 GMT
jquery.waypoints.min.js
www.tweaksforgeeks.com/wp-content/plugins/zoxpress-plugin//scripts/
10 KB
4 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/plugins/zoxpress-plugin//scripts/jquery.waypoints.min.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 09:56:29 GMT
server
cloudflare
etag
W/"998128877"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGuipU4ZSYvJ9GXV6h47PAmgQxWmhIiVrEO0goiLsOZn21hUBrUKrkLalHobeLp4WU9cRwHmnvl1wQAKQqcEWXan7UHKrjWCNJkYjfP%2B2mIJLR4syGYBFwiYSEaCAWSkTjq6JMmGoZ8khvlqNlkOIOr4jGB3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf15782bf090fa-FRA
expires
Wed, 24 May 2023 14:37:23 GMT
zoxcustom.js
www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/
0
519 B
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/zoxcustom.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
last-modified
Sat, 17 Dec 2022 04:30:44 GMT
server
cloudflare
etag
"2773739783"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOrBpamQYv7HDJb2jNLl%2BbXsyAfrEpCckWHp%2Fnbk52kq1ED4zaurTsx12Ua6emVDirx2aIFDWETiOGgdURpPyS5OyrH%2F%2ByjuhPJAEz0kdrFlujxHzBE%2FB9Q8ktXrwFJwkGUO78f7yobUtLC0Tjcy9br74eSM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bcf15782bf290fa-FRA
expires
Wed, 24 May 2023 14:37:22 GMT
scripts.js
www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/
111 KB
26 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/scripts.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6202a476302a153e4986e05caa8c557f0c58d5e4fa094d6540257e245e2e09c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:44 GMT
server
cloudflare
etag
W/"703365629"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTR9OBkkP6VqZEqgLEDgaBqcw4wVSXSWaET0LBSVRcQnhOzK6zwsKWhrR3A%2BVDBK0W1rqdUC1LxlcsPv2V9WbKS3%2F91oyfq%2FnqEs1r9qifp0PfVMdBxj72DlqymDBJ8MmOnX5W4fppN9IAzgXKo6%2BkObrZhi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf15782bf490fa-FRA
expires
Wed, 24 May 2023 14:37:22 GMT
retina.js
www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/
3 KB
2 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/retina.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:44 GMT
server
cloudflare
etag
W/"1188141338"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEa3CMLrlmL%2Bem3Gd9msOKlK94KR316IOFriD0k2btAq2zzhwlPQ7qp1hjClRGsZwSLH3Nlj8yXft8SBxjGesLcWYAK5tm6d1mt155gKoceGmtujWThnkt9f8ilCCqO%2FiWo%2BywcQ%2FK7AEMJZCMZqjTkwXO26"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf15782bf590fa-FRA
expires
Wed, 24 May 2023 14:37:22 GMT
intersection-observer.js
www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/
22 KB
7 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/intersection-observer.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e958f60fbf777edbd2d9b72c92c2ecd04dfbd4083f7cdbf80ca007c6e02335f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:44 GMT
server
cloudflare
etag
W/"3095272744"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVxaXp3jeIDRUtyttMf5D6e4tLgeouOG8DO%2BPOQmNOpUV5AzNcttCi2bfcNcQOOYGFvWdcpzzupkhCSQO04kV141cTBOFmmenXukkLJEeBOotV42iM9KS3f24Rgek3xlquujaVtzRpe72Uw2AXEIRgx1uLdQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf15782bf790fa-FRA
expires
Wed, 24 May 2023 14:37:23 GMT
lozad.min.js
www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/
3 KB
2 KB
Script
General
Full URL
https://www.tweaksforgeeks.com/wp-content/themes/zoxpress/js/lozad.min.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:141c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12420
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 17 Dec 2022 04:30:44 GMT
server
cloudflare
etag
W/"1462868296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpO80KtmbQbGEd3Ur8eOEeDOwTR3tEVqmIKs6dPL2oSy3BkWB6pux02WZDzk4E69x%2Fo1gm1l40c0jMbSJB%2F4%2Bm0YrxsGFS4TCIF1JGQk1OsBu2KzGLqNfpwEgW5dHZhTJAYPQMey5Ur%2FN8%2FfgarbCHP%2FfB0m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
7bcf15783c0190fa-FRA
expires
Wed, 24 May 2023 11:10:22 GMT
px_new.php
stats.systems/spx/
42 B
474 B
Image
General
Full URL
https://stats.systems/spx/px_new.php?cname=am&sub_id=am_244025.971700&rprm=%7B%7D&rprId=HC-XXsju&pid=0&tdata=%5B%22https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F%22%2C%22%22%2C%22%22%5D&iframed=0&p_width=1600&p_height=1200&s_width=1600&s_height=1200&color_depth=24&pixel_depth=24&avail_width=1600&avail_height=1200&window_name=&screen_x=0&screen_y=0&screen_left=0&screen_top=0&app_code_name=Mozilla&app_name=Netscape&app_version=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&cookie_enabled=true&platform=Win32&js_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&window_referer=&window_url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&flash_support=0&is_bot=0&securities=%7B%22s1%22%3Afalse%2C%22s2%22%3Afalse%2C%22s3%22%3Afalse%7D&cr=3869
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.36
Resource Hash
d16537f8743d8f95565136d9389f9b1d4410ac94eabc52fd1deca14ec02303aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.36
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5I2SyBycjV1Ft2sYN7mENRZyWY0MCnDb9AuDSL247rHxe2gdo5nnqQrgfyqtfKq5xqNTdiZBAGKPXiN5rTUGd%2Fc41xHjnxAAfdul9W%2FybDUNUwy13AAWFqxuTyoBUgCgQmO2scrCBclIdLt"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
p3p
CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"
cache-control
must-revalidate
cf-ray
7bcf15783f539c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 11 Nov 1998 11:11:11 GMT
main.19.8.400.js
static.adsafeprotected.com/
200 KB
63 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.400.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931034&advId=dogpack&campId=t4gf&pubId=am_244025.971700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 20:30:35 GMT
x-amz-version-id
9BUnpPANWGwKG0lesMwpAnHwbT.x8zbq
content-encoding
gzip
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2916407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Mar 2023 18:43:44 GMT
server
AmazonS3
etag
W/"2e8e5f6f251e442e71ad1eeec0beab78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
QtXKVp_CUlL10qp5paWfruO-qeDYt3EuatAVFi5Cvz6ujUtV4Arb-Q==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
203227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:10:15 GMT
moneybile.js
ads.themoneytizer.com/
38 KB
17 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
4503
x-accel-date
1682342539
x-77-nzt
AcO1rgXAGAj/lxEAAA
pragma
public
x-accel-expires
@1682428939
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc32294466451299526
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 25 Apr 2023 13:22:19 GMT
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:22 GMT
server
nginx
x-iplb-request-id
D972DA17:8016_36264064:01BB_64469422_D8685FF:10955
x-iplb-instance
38439
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/
104 KB
35 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a200b67450da7b221ae617a078d3114819e73384cf781b22ca84cc8d53cc5d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
35223
Expires
Mon, 24 Apr 2023 16:37:22 GMT
sync
gum.criteo.com/
49 B
291 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
463935
expires
60
mapper.js
spl.zeotap.com/
61 KB
20 KB
Script
General
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
641
cf-polished
origSize=62056
cf-bgj
minify
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.gewinnspiele.tv
cache-control
public, max-age=21600
access-control-allow-credentials
true
cf-ray
7bcf15792adc3627-FRA
access-control-allow-headers
*
expires
Mon, 24 Apr 2023 20:26:41 GMT
libJsLP.js
tag.leadplace.fr/
5 KB
6 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:22 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.20.1
X-IPLB-Request-ID
D972DA17:C7B2_91EFC0A6:01BB_64469422_A8F193D8:237B9
ETag
"6167dbf8-15ab"
X-IPLB-Instance
30195
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 12CC
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682347042639
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 01 May 2023 14:37:22 GMT
px.js
p.cpx.to/p/12771/
2 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/12771/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.149.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-149-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cache-control
max-age=2419200, public
content-length
1990
content-type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.61.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-61-80.ams1.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 03:32:16 GMT
Via
1.1 beda7ef1ba9a3d6628bdfdae06bd482c.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
X-Amz-Cf-Pop
AMS1-P2
Age
39907
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
xHopJbE4O85CkNn5D_RepaagGWbG0i79qWpEQOUU7ZVvrueNyFKQCg==
prebid.js
ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/
550 KB
179 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5a566ab5846afe62b7d0c948670b307ff1a956bdbee61696790d71784c8c36d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
4496
x-accel-date
1682342546
x-77-nzt
AcO1rgW9WED/kBEAAA
pragma
public
x-accel-expires
@1682428946
last-modified
Thu, 13 Apr 2023 19:58:58 GMT
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc322944664dce6ce26
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 25 Apr 2023 13:22:26 GMT
gtm.js
www.googletagmanager.com/
305 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f3329d1022f342ba08782c6b20ab997222c3aa5cef0cd134fddb1f3a6d23a31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83895
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 14:37:22 GMT
ns.html
www.googletagmanager.com/ Frame 76DC
268 B
275 B
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 14:37:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
304319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
202478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:22:44 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:58:23 GMT
x-content-type-options
nosniff
age
157139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 18:58:23 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.12.1/webfonts/
74 KB
75 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.12.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.12.1/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Referer
https://use.fontawesome.com/releases/v5.12.1/css/all.css
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6R58VJ06GEZCT9HX
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76120
x-amz-id-2
Ci1fZBvKB3jh6nYqC9JOEl6vZSa6ux/SUTddXBH9jJ7GlD9yKhTIsfKMaDn2p1luTr9NTANqItY=
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
"55eb2a60e8181f0e68b558c991973bf0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9YwJEtpUNLuPzTDsQs%2B2TGF%2FWEb1YrtY6%2BkRvdCpLm%2FjhhhZiUvOPmc8KvHojg2csYWgApBFAsruXWrDQ9Npeu%2FEsfVJrNR9M%2BxAJFfdnb0zHNrTHHDx%2BknUC%2B9TZPxFPK2Vs2M5ICSwJJnJnkxYfC0"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7bcf1579383e994e-FRA
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:41:35 GMT
x-content-type-options
nosniff
age
168947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 15:41:35 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:24 GMT
x-content-type-options
nosniff
age
304318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15528
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:24 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
304319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16372
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.12.1/webfonts/
75 KB
75 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.12.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.12.1/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Request headers

Referer
https://use.fontawesome.com/releases/v5.12.1/css/all.css
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6R5CAPGTVN01APPK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76548
x-amz-id-2
wOVRFR+i8pymZC+AL49ZYOzDpozgxEtu5lcoYxD5dBXO/heIdH+V//OOW/OhW2KItOGRDZEuvyE=
last-modified
Wed, 30 Jun 2021 15:38:37 GMT
server
cloudflare
etag
"067595ad77ecc0db9c81c8905a7eef32"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2f23WSyAorZMnV3xtH8qTMJnnBCYLVRx31175Nr0lKlRWGiKYMNkxDOzOcNpAe2e%2BwpCGy5B3Mry8qrnuPBqBjK6GFd6Z5ZA7ZNWILSXSM%2BqQYsPA5ZeFzK949lfVejPZIXPSJkPdyiQ436mpN%2F1jQU"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7bcf15793841994e-FRA
ice.js
resources.infolinks.com/js/1852.004-3.026/
184 KB
56 KB
Script
General
Full URL
https://resources.infolinks.com/js/1852.004-3.026/ice.js
Requested by
Host: apple-insider.com
URL: https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2066cbddd11120323965d776a04384f7fc450854218082ce14873e9b06e7c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 12:22:57 GMT
server
cloudflare
age
4418
etag
W/"2e133-5f7e0cd96e691"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7bcf1578dbd35b98-FRA
expires
Wed, 24 May 2023 13:23:44 GMT
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:22 GMT
server
nginx
x-iplb-request-id
D972DA17:8016_36264064:01BB_64469422_D868600:10955
x-iplb-instance
38439
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
lib_fs_close.js
ads.themoneytizer.com/
667 B
795 B
Script
General
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
4502
x-accel-date
1682342540
x-77-nzt
AcO1rgULnCv/lhEAAA
pragma
public
x-accel-expires
@1682428940
last-modified
Thu, 19 Jan 2023 15:05:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
25b02131b1d26bc3229446642909cb29
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 25 Apr 2023 13:22:20 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.15.2-X/
134 KB
0
Script
General
Full URL
https://embed.sendtonews.com/easy-stn-player/7.15.2-X/easy-stn-player.js
Requested by
Host: apple-insider.com
URL: https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.156.60.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-4.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:36:47 GMT
x-amz-version-id
gXyAVgQY5q7suV2YWEKjQY4tNaF_YD_d
content-encoding
br
last-modified
Fri, 21 Apr 2023 00:22:13 GMT
server
AmazonS3
age
36
x-amz-cf-pop
AMS1-P2
etag
W/"88c6935b7906587de048d5f3382b4861"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JYAuslevWmo5ofw5aD50Vrx-jFNLTl60qLZXxRvdHhNL_rONs-jkhA==
content-player.js
player.globalsun.io/v/2.0/
90 KB
25 KB
Script
General
Full URL
https://player.globalsun.io/v/2.0/content-player.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46698860e9e3853c1634845f8b1a5fa48d94761121da8036156b43cc652da554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41370
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 16:36:35 GMT
server
cloudflare
etag
W/"642ef513-16766"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1ubP%2BjAgEbvdzUU7PjJkc1HgrT0tcITEOi4c%2Fm2UdhqPV1FFLG2CSNJN71T6ox7Va9Jec6C5m7c%2FqATEaKE9raWSAQEM3L8YhinMqviwYiV0P4mxET8ArumjIgOb5V8pAff0BKKCjJY9XdJf3LAN52W"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7bcf157adf5a996e-FRA
expires
Tue, 25 Apr 2023 03:07:53 GMT
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=19&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:22 GMT
server
nginx
x-iplb-request-id
D972DA17:808E_36264064:01BB_64469422_D889A1B:10958
x-iplb-instance
38439
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=2&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:23 GMT
server
nginx
x-iplb-request-id
D972DA17:809A_36264064:01BB_64469422_D85E2A0:1F80C
x-iplb-instance
20686
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=3&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:22 GMT
server
nginx
x-iplb-request-id
D972DA17:8016_36264064:01BB_64469422_D86860A:10955
x-iplb-instance
38439
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
/
c.tmyzer.com/c/
0
270 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=20&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:23 GMT
server
nginx
x-iplb-request-id
D972DA17:80C8_36264064:01BB_64469422_D856ABB:C883
x-iplb-instance
24857
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
manage
router.infolinks.com/usync/ Frame 28C0
0
43 B
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=3236112&wsid=12&pdom=www.tweaksforgeeks.com&purl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7bcf1579ec795b98-FRA
content-length
0
date
Mon, 24 Apr 2023 14:37:22 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/
0
33 B
Script
General
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3236112&wsid=12&pdom=www.tweaksforgeeks.com&purl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7bcf1579ec7b5b98-FRA
content-length
0
gsd
router.infolinks.com/
328 B
520 B
Script
General
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3236112&wsid=12&pdom=www.tweaksforgeeks.com&purl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&jsv=1852.004-3.026&_cb=16823470428460
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4520fc9924da602911cdd73ce313beabbe5f5c1263d1ecf676ef92601c85b095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:22 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
7bcf1579ec7d5b98-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
01g16gxs1vdgqwj47t.js
vms-players.minutemediaservices.com/
438 KB
124 KB
Script
General
Full URL
https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Requested by
Host: bucket1.mm-syringe.com
URL: https://bucket1.mm-syringe.com/prod/configs/ea0d1715-820f-f2f2-dfef-c53c15c98714.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.141 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0ba37ef6877cc8577f51faaa4c6242379292d8d78d024655f163f9394e1850a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
dVwW9tOjCd3oSppNPkb_YoSK8JOBedNN
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Mon, 24 Apr 2023 12:00:40 GMT
etag
"f690cadf49dfbedcc11c43dd096d9810"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
content-length
126684
json
gum.criteo.com/sid/
2 B
395 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tweaksforgeeks.com%2F&domain=www.tweaksforgeeks.com&cw=1&lsw=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
299179
expires
0
prebid
id5-sync.com/api/config/
134 B
550 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
localstore.js
script.4dex.io/
483 B
1016 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:23 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
332818
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gODc3hOgOi5UOdCHHhOOUtuGJ828pOCZfMHUra3kAcjAmk8RnIbx6yHTCFZSY77MmL4YD4lSxYZI2lBATDDAnaCyZjxezW3m68JA5V79UcqOb%2BlxgPIlcFNIiUrmF5sg2ho%2B1Ad7OdF97CVT"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7bcf157ac93fbb3e-FRA
102.json
id5-sync.com/g/v2/
216 B
632 B
XHR
General
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
42f3f0a2e7d4434c073bb2444bbaccee86e3aea75e7d754456d21f92b9b47085
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sca.17.6.2.js
static.adsafeprotected.com/ Frame 9179
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
18572466
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
CLo6hCej2Fg4J-Pgomvd-tS-0bc-sB3fhR-abGIp_s07ElQs_ddDrA==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=931034&advId=dogpack&campId=t4gf&pubId=am_244025.971700&adsafe_url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.tweaksforgeeks.com%2F&adsafe_type=f&adsafe_jsinfo=,id:cbe8539e-cce7-5694-b4eb-2110c1f22b89,c:aIih9O,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-67fb65999c-7wnbq,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1600.0.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:357,mot:0,app:0,maw:0,fm:tCm8K3d+1*.931034%7C11%7C12%7C13,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:373,oid:8548bf09-e2ad-11ed-b03b-862a709fa855,v:19.8.400,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.83.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-83-137.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tweaksforgeeks.com%2F&domain=www.tweaksforgeeks.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.tweaksforgeeks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 24 Apr 2023 14:37:22 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
276928
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
spl.zeotap.com/
429 B
670 B
XHR
General
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9632d55718ed8ebb657eccacfb40e6f21c0ef0365cb0aa525f3e47f263bf3aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
cf-ray
7bcf157ade1f3627-FRA
access-control-allow-headers
*
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
0
0

rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 13:48:08 GMT
content-encoding
gzip
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
2956
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
l904HuXtklq-BCD6SMbz359zH6LDA0NpxC-6-J8BP5110EGRMhoFbQ==
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/
Redirect Chain
  • https://d280h7aj1u7b0w.cloudfront.net/player3/embedcode.js?fk=A4ACasdj&cid=11755&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/embed.js
7 KB
3 KB
Script
General
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/embed.js
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
108.156.60.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-4.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5ab833c6ef1337284173356a6076b4177eeeab26940045c59adac01cd837add

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
x-amz-version-id
_cG5f5pWIDo5X_y9XxM6Bi97EDy3UzLs
content-encoding
br
last-modified
Fri, 21 Apr 2023 00:22:14 GMT
server
AmazonS3
via
1.1 1b575b46b9e4dd6b829accb4ea728b00.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
etag
W/"13264382259a3a549fc98e524a233069"
age
1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sIXcOTqkoHUhR_XUMfKMjriHIJF2XkCcrHF8XkLGscs2mw0G_qIi7w==

Redirect headers

date
Mon, 24 Apr 2023 14:37:23 GMT
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront), 1.1 a8b68315e1e2575143f97748ffbb29a0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7, AMS1-P1
x-cache
Miss from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.15.2-X/embed.js
content-length
0
x-amz-cf-id
bR0RI-9PcxvE93e0NGlRrr0Ec6Jt4wESNse8I8Sqv0WNWInqsAD_rw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42921757-24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 14:35:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
99
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 24 Apr 2023 16:35:44 GMT
wckr.php
tag.leadplace.fr/ Frame B46C
0
247 B
Document
General
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Apr 2023 14:37:23 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
X-IPLB-Instance
30195
X-IPLB-Request-ID
D972DA17:C7B2_91EFC0A6:01BB_64469422_A8F193DD:237B9
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931034&asId=cbe8539e-cce7-5694-b4eb-2110c1f22b89&tv=%7Bc:aIihcd,pingTime:-2,time:522,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1938,bdZ:2109,beA:3486,beZ:3487,mfA:3842,cmA:3844,inA:3844,inZ:3848,prA:3848,prZ:3852,si:3859,poA:3860,poZ:3877,cmZ:3877,mfZ:3877,loA:3925,loZ:3929,ltA:4007,ltZ:4007,mdA:3488,mdZ:3693,idA:3877,idZ:3938%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:373%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:522,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:372,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1600.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B162~0%5D,as:%5B162~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tCm8K3d+1*.931034%7C11%7C12%7C13,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:374,slid:%5B%5D,sinceFw:147,readyFired:false%7D&br=c
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:ea73:294d:a09b:a42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=606d5f49-2511-4a64-78fa-498d0c4850cb&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=606d5f49-2511-4a64-78fa-498d0c4850cb...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHM_L4MA32bTT9YHbsi_HPY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=606d5f49-2511-4a64-78f...
95 B
163 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHM_L4MA32bTT9YHbsi_HPY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=606d5f49-2511-4a64-78fa-498d0c4850cb&zdid=1258
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
cf-ray
7bcf157f3f543627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHM_L4MA32bTT9YHbsi_HPY&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=606d5f49-2511-4a64-78fa-498d0c4850cb&zdid=1258
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
409 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
92e58015bc353fedcfccb9245d36627d3b46df8d962548f4d0a38c754e8a8374
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
style.css
player.globalsun.io/css/
235 B
503 B
Stylesheet
General
Full URL
https://player.globalsun.io/css/style.css
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d263fda337af552f00a2ee95fdfd8fc5553e1062864bfa3ab987396741fd5adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9952
cf-polished
origSize=345
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Oct 2022 11:00:10 GMT
server
cloudflare
etag
W/"633ac0ba-159"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaLAApNcdRSE3%2B13vkket5NOZ5NjOsEIV0tklK5Ks6VXespbVyS7UGjM5aB%2FDx23qEOI7TIRzUgkbt2DBrHaIsyW2OvXAlzHIBm6goQDnWVbcK3uPiIR2qkkdFNZF62Y0t%2BCYZV%2B2eN1JLCvPKbWIhaA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7bcf157c1938996e-FRA
expires
Tue, 25 Apr 2023 11:51:31 GMT
video-js.min.css
player.globalsun.io/player/video.js-new/dist/
40 KB
10 KB
Stylesheet
General
Full URL
https://player.globalsun.io/player/video.js-new/dist/video-js.min.css
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b728eb13794287875457d5c53a7492142ff0955745251d80d08068e19a3dad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 15:06:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
27931
etag
W/"634d6f6e-a0e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IsseMpc6%2BOTaKrnO4rw58LPmoxFWvwoEo8LSbT%2BBLhgbfOd9y%2B6%2F0sguGJBhdsHPQ8ww6rannc6FL%2BnnykxrMopka5ojciJLynFLabbBn3sqWtewVjZ9yblmhE6peaRaibZIiSFi%2Blb46cTiegnQ8cP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7bcf157c193a996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 25 Apr 2023 06:51:52 GMT
videojs.ads.css
player.globalsun.io/player/videojs-contrib-ads/dist/
795 B
602 B
Stylesheet
General
Full URL
https://player.globalsun.io/player/videojs-contrib-ads/dist/videojs.ads.css
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d6f740bada7720e8f5dd063e95878118767a1bb1bf4f4214156f579c935e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14602
cf-polished
origSize=916
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 05 Sep 2021 09:22:37 GMT
server
cloudflare
etag
W/"61348c5d-394"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfFGsReHBY%2BFekqDVED150FeLI%2FKO13TaUekkldNJraIBizxaqssxbh7Xgr%2BfcHfWZzPoBOQ1hgMQLZjfnss0eghSygP3GYuN6Rkby8sri7QxcFet5occ%2Fy2sWqFOw4C9G4mBr9WDc4dHNvnzmOb971D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7bcf157c193b996e-FRA
expires
Tue, 25 Apr 2023 10:34:01 GMT
videojs.ima.css
player.globalsun.io/player/videojs-ima-new/dist/
3 KB
1 KB
Stylesheet
General
Full URL
https://player.globalsun.io/player/videojs-ima-new/dist/videojs.ima.css
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78ee65d6be02a5a9c1f62ecd60f280215063624d80dac06328ddfc985a4b61c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41369
cf-polished
origSize=4484
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 05 Mar 2023 04:55:17 GMT
server
cloudflare
etag
W/"640420b5-1184"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ%2BskYwNHeRxO10Y2mtYWU1JAUpzcBuewfmFsXvVPvl2GO3jTuY4N0s3o1IH3WEs9w0gVzpOYX62jWg8vK%2FL6QB5M75b5eKiWM1gxq6o2EKHr7hXjvgs5r7j6tkg0BX5FV%2BcSvnFjYqvl1b9%2BXHzjLWW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7bcf157c193c996e-FRA
expires
Tue, 25 Apr 2023 03:07:54 GMT
content
api-player.globalsun.io/api/publishers/player/
2 KB
2 KB
XHR
General
Full URL
https://api-player.globalsun.io/api/publishers/player/content?category_id=e31942ac0e0a3bf20bf224&href=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&uid=&v=1682347043205&item_id=74932017489af0768d10b2&adserver_id=4a00b1ac96bc7941112e43
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.148.121.250 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.121.250.vultrusercontent.com
Software
/ Globalsun
Resource Hash
ffa5fa51a0723ec0ef2a5805a9e2698f5e81d0d6bdda93022febd4311942938e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-real-ip
217.114.218.23
x-powered-by
Globalsun
etag
W/"861-HQn34Poz1xwAdQBitdEptTXDlK0"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
public, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, *
content-length
2145
wzMM.logger.js
content.wazimo.com/engine/common/widgets/mmlogger/
1 KB
1 KB
Script
General
Full URL
https://content.wazimo.com/engine/common/widgets/mmlogger/wzMM.logger.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:450 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3282900f478b5abd8d6e76d85a16e6d6ec60adba9b7648ff8e6c881505d9ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 13:56:58 GMT
server
cloudflare
age
1093
cf-polished
origSize=1534
etag
W/"629f592a-5fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZm%2FxFi1HNu99ltAWmd9D26c07z6S%2FNjMn%2BxG0yh0ueMinCr1yuBin28haRbPRt3%2B1H09Dybx2y8d7APncFGOR1LgGRCHcc6bByglMT8WPqHkag8S7qrDCNh%2B1Jh28KoowznXDPvYJ4RN5Wq5kYxrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7bcf157ea9823661-FRA
mux.js
www.oo-syringe.com/prod/
337 KB
78 KB
Script
General
Full URL
https://www.oo-syringe.com/prod/mux.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6323865009dcb5c3a76c9f8dfb485d28eeceec77f8783565265e2c378d37e3d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
zKDr1tGTeMrjUohEczWF1VZiqUanfaXu
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Thu, 06 May 2021 12:05:42 GMT
x-amz-cf-pop
SEA73-P1
etag
"6d13ad5f29e69baba39798f1074bc746"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
o-f0AryYQrkiNb37JBJ8ef2y8zXT8c-crNx1QDkZD6T-yRf44abzlA==
content-length
79352
datadog-logs-v4.js
www.datadoghq-browser-agent.com/ Frame B23F
47 KB
16 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.38.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-38-185.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77d8df4a50fc8f37c29d1b0197578268518114c8e4c565b78d22aebef85de7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:16 GMT
content-encoding
br
via
1.1 29d6db1b5ecb170f22487453430df556.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 09:59:07 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
8
x-amz-server-side-encryption
AES256
etag
W/"36255b1f56b69d40e9d511293834b4a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
nxeMoEMikZxtrE-J1bjtvmmTgGChCEKHAtbWkKgv9LL3rxUCYuIFFg==
mplayer_controls_plugin.4.4.83.js
www.oo-syringe.com/prod/players/
70 KB
18 KB
Script
General
Full URL
https://www.oo-syringe.com/prod/players/mplayer_controls_plugin.4.4.83.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05c244b797466bcd2cb8054cedaa4f323e7a0512e9576ab07a55087119843e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ZXlmC0R0qb3GfK4Q0URI5aq61Kt2GuFx
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Mon, 24 Apr 2023 09:59:54 GMT
x-amz-cf-pop
LAX3-C4
etag
"f492e8698d9695a29783b340875d50b2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
ALrYerYBMIryKV5T7B8Gd0J9k4pKgUprXy4NoZy80gI0gXs_y_tAXA==
content-length
17915
mplayer_read_more_plugin.4.4.83.js
www.oo-syringe.com/prod/players/
6 KB
3 KB
Script
General
Full URL
https://www.oo-syringe.com/prod/players/mplayer_read_more_plugin.4.4.83.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3a3121531396a812017dc037025b5492e2d52b386121e1b486d965e7da1dc80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
oBZ72KLTOJEiuPbbrHt9V8ukP8A5tIlf
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Mon, 24 Apr 2023 09:59:54 GMT
x-amz-cf-pop
LAX3-C4
etag
"eb57c4f6214e5d8b52ca5b96a81dd477"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
aAXzBLBBRxrkIlSf1StpR-M1NZIXXXKBFzZMec4Cp_qE_r3iYNEaiA==
content-length
2564
mplayer_anchor_plugin.4.4.83.js
www.oo-syringe.com/prod/players/
8 KB
3 KB
Script
General
Full URL
https://www.oo-syringe.com/prod/players/mplayer_anchor_plugin.4.4.83.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
545a2386271fe2d8b1d93d0aa28dac7fe362429e603a37a72cb5f5e555c68b02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
1qKxLUBZFNih8hvNBL4Nzg7Eb5kU2pP7
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Mon, 24 Apr 2023 09:59:54 GMT
x-amz-cf-pop
LAX3-C4
etag
"6d3ff32db9fd0eebf183740283dd080b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
t-wkL90cwJ8g-toKyFi0plQL7XchrsznvrwPxvsBI1LtfJmDhh8k1A==
content-length
2267
apstag.js
c.amazon-adsystem.com/aax2/ Frame C5D4
226 KB
56 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-109.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:07:32 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
last-modified
Wed, 19 Apr 2023 20:25:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS50-C1
age
1792
x-amz-server-side-encryption
AES256
etag
W/"d0373f28cbce103f094bc2631a9c8dd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
Sf8_xacmXsYJcNd07pBBbLSxVL8VFJ7tN9Lf4bawfKiWZPb3KhL94A==
videos
content.voltaxservices.io/playlists/01g16gya91ts7bq9tq/
14 KB
3 KB
Fetch
General
Full URL
https://content.voltaxservices.io/playlists/01g16gya91ts7bq9tq/videos?url=jvvru%253C11yyy0vygcmuhqtiggmu0eqo1iqqing%252Ffkueqxgtu%252Fc%252Fykpfqyu%252Fgzrnqkv%252Fvjcv%252Fecwug%252Foclqt%252Fur%257Byctg%252Ffkuvtkdwvkqp1&origin=www.tweaksforgeeks.com
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1488 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c9ee8c452dec747812f8b5f3ad19f0fbcd3d0c703f8e21e9e7b5b512b3e60137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
restricted-videos-ids
01dqr0whrdvv6k3a70,01dy5sth0jmd6btf5v
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
content-length
2423
destination
www.googletagmanager.com/gtag/
236 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-PEGZJDQ1BR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2acb583ec34423b1d57ff4665909c308b476f27bad71f98d8637ec5eca7cede0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82302
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 14:37:23 GMT
doq.htm
rt3066.infolinks.com/action/
2 KB
1 KB
XHR
General
Full URL
https://rt3066.infolinks.com/action/doq.htm?pcode=utf-8&r=16823470431951
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e01e6449e6d862c3b92ef8ef9415a4b3bd56c0cc705fe69a804b23f8dcf335

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
de-DE
cf-ray
7bcf157e98b62c21-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
fire.js
s.cpx.to/
803 B
1 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&hn_ver=40&fid=a8cb2c8e-88fb-4d42-8200-90736f345515&dsp=pub_common&dsp_uid=a4cde59c-ae6f-41e5-8bb1-90b144d70595
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.182.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-182-206.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
246cf94734e152b83321e5a2f22620ec028fc448cbea8fd3440ae9efb5b31523

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Mon, 24 Apr 2023 14:37:23 GMT
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
803
expires
Mon, 24 Apr 2023 14:37:23 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 16:20:00 GMT
geo
cdn.mmctsvc.com/.mc/
58 B
421 B
Fetch
General
Full URL
https://cdn.mmctsvc.com/.mc/geo
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d7ea423aa6b3c67d811ba1ce6367a67b5880166d717fcd9d582f13e88047497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
last-modified
2017-01-13
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-max-age
6000
access-control-allow-origin
*
content-length
75
css2
fonts.googleapis.com/
3 KB
462 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f51797e1efff8293561a55557059bdfa3d0780c1b27e177244fe1a2df69dc10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 14:37:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Apr 2023 14:37:23 GMT
adagio.js
script.4dex.io/
74 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:23 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS03PEoHaprCP4%2BUemxcpO0Bfdpsg4kD%2FZ5I1Z54RaHSY04DJwsjyGuybBvF%2BpmkT%2FehWhrdDh%2Bu9XttHcJDTfFfe%2FHPT2eIBcTf%2FLQP0htD3A1C%2Fz9hM2TEsN9W3B9dnDRadHAuMQbGw9BN"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7bcf157d9d7e9189-FRA
adjson
ads.betweendigital.com/
2 B
895 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
mp.4dex.io/
199 B
774 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0694f7732a53db84cbb235169c42ac4f66a5879c9f53e1792fac14585e191911

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 24 Apr 2023 14:37:23 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26711, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26300, Process Seats Booster. unable to get the seat booster engine for organization: 1015
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bcf157eaff52bf1-FRA
expires
0
pb
ad.360yield.com/1033/
0
174 B
XHR
General
Full URL
https://ad.360yield.com/1033/pb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.221.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-221-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cdb
bidder.criteo.com/
18 B
320 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=56914999683&lsavail=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
moneybid.js
ads.themoneytizer.com/bidder1/
0
309 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=94717&adid=11&formatid=video&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1rgWLuHqh
x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b0213191c5beeb239446649910881d
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/
659 B
632 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=94717&adid=6&formatid=26328&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4e6ed5d40201b01cca38be11805b93af74dacd4db6a68f25c6e55d2cf8bed178

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1rgW97RCh
x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b0213191c5beeb23944664f9d8951d
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/
628 B
741 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=94717&adid=3&formatid=26323&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d90ee3910a61ff09aaa64620654b6af91316369da042c0a2792d8ae75a0d2090

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1rgWxKReh
x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b0213191c5beeb23944664cc24921d
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/
624 B
739 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=94717&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7ad7a1a3ae73263486e44b0cc8144cd91120f2fbb29b6f9cffe35fcdfc9aae89

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1rgX6nDeh
x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b0213191c5beeb2394466411928d1d
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/
633 B
749 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=94717&adid=20&formatid=26706&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f523c89be3d3baf26927700d3ad8df0d42715563cb69e138217aa4808aaa002e

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1rgVG2Uqh
x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b0213191c5beeb23944664308ba61d
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/
627 B
740 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=94717&adid=19&formatid=26711&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a8b7167e915b47195a9dc63e7a607de05de3cbc8eb8d5fc096ee0908f91880a5

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1rgUvIMKh
x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b0213191c5beeb23944664648fa01d
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/
626 B
739 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=94717&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
51d6efffb1d5371d7f703183fb2adb8e93f9344d3d891b84fafdc2421d491fa7

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AcO1rgVMsvih
x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
25b0213191c5beeb2394466439c9991d
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
x-77-cache
MISS
cache-control
max-age=604800
hb
ssc.33across.com/api/v1/
87 B
347 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=andN_Kzaer7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
08813b72ffb0804bfe0a33432d5cfe66cdb59df011095f82bbe8a68e4818ba3c

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
87 B
179 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=bHj7xyza8r7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
08813b72ffb0804bfe0a33432d5cfe66cdb59df011095f82bbe8a68e4818ba3c

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
87 B
179 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=d5jv24zaar7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
08813b72ffb0804bfe0a33432d5cfe66cdb59df011095f82bbe8a68e4818ba3c

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
87 B
170 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=byadUMza8r7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
08813b72ffb0804bfe0a33432d5cfe66cdb59df011095f82bbe8a68e4818ba3c

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
87 B
170 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=aiQovMzaer7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
08813b72ffb0804bfe0a33432d5cfe66cdb59df011095f82bbe8a68e4818ba3c

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
87 B
179 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=btze1Sza8r7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
08813b72ffb0804bfe0a33432d5cfe66cdb59df011095f82bbe8a68e4818ba3c

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
87 B
170 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=bpjP6uza8r7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
08813b72ffb0804bfe0a33432d5cfe66cdb59df011095f82bbe8a68e4818ba3c

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
d.vidoomy.com/api/rtbserver/prebid/
0
217 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=26871&adtype=banner&auc=26328&w=1&h=1&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=53756070c55f544&schain=1.0%2C1!themoneytizer.com%2C88435%2C1%2C%2C%2C&bidfloor=0&d=tweaksforgeeks.com&sp=https%253A%252F%252Fwww.tweaksforgeeks.com%252Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%252F&usp=&coppa=false&videoContext=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.31.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-31-88.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/
0
216 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=26872&adtype=banner&auc=26711&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=5402994ead8e44a&schain=1.0%2C1!themoneytizer.com%2C88435%2C1%2C%2C%2C&bidfloor=0&d=tweaksforgeeks.com&sp=https%253A%252F%252Fwww.tweaksforgeeks.com%252Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%252F&usp=&coppa=false&videoContext=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.31.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-31-88.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
v1
hb-api.omnitagjs.com/hb-api/prebid/
1 KB
2 KB
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&PageUrl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&PageReferrer=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
44cdd152524fd900a690a22b2e7a8c58d57d3c82fdd3f403963e8e9de34398c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
32
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
1248
expires
0
ROS
pbjs.e-planning.net/hb/1/2a156/1/www.tweaksforgeeks.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/www.tweaksforgeeks.com/ROS?rnd=0.6783062023934288&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000...
  • https://pbjs.e-planning.net/hb/1/2a156/1/www.tweaksforgeeks.com/ROS?ct=1&r=pbjs&rnd=0.6783062023934288&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000...
373 B
794 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2a156/1/www.tweaksforgeeks.com/ROS?ct=1&r=pbjs&rnd=0.6783062023934288&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&pbv=7.44.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&e_pubcid=68f75162-7985-412d-a8b6-a571a741e3c5
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
9d3b92ec9ff39693d9c8d91d6c44489933f58a0bc6ac54bd46ebb48636a5eb61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Mon, 24 Apr 2023 14:37:23 GMT
date
Mon, 24 Apr 2023 14:37:23 GMT
server
openresty
content-type
application/json
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
373
x-sid
AMS-937

Redirect headers

date
Mon, 24 Apr 2023 14:37:23 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2a156/1/www.tweaksforgeeks.com/ROS?ct=1&r=pbjs&rnd=0.6783062023934288&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&pbv=7.44.0&ncb=1&vs=FFFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&e_pubcid=68f75162-7985-412d-a8b6-a571a741e3c5
access-control-allow-origin
https://www.tweaksforgeeks.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-937
/
b1h.zemanta.com/api/bidder/prebid/bid/
11 KB
5 KB
XHR
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.223 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
1f0c6cc70eff52fecc01a8cba267c18105fa40b4cb83f26fdbfbe014ee5e29a8

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.tweaksforgeeks.com
Date
Mon, 24 Apr 2023 14:37:24 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Content-Type
application/json
/
prebid.smilewanted.com/
0
314 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bcf157eaf1c9010-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bcf157eaf209010-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bcf157eaf229010-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bcf157eaf249010-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
35 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bcf157eaf279010-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bcf157eaf299010-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
36 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7bcf157eaf2b9010-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid-request
onetag-sys.com/
15 B
369 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ghb.adtelligent.com/v2/auction/
14 KB
2 KB
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
bf7599b36be61e9dc25a32b4dea6b16be931bf8896da17db8a8a8c001baed972

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 24 Apr 2023 14:37:23 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.tweaksforgeeks.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1375
collect
www.google-analytics.com/j/
2 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1583600391&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&ul=en-us&de=UTF-8&dt=Tweaks%20For%20Geeks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1156275928&gjid=1349465493&cid=626960561.1682347043&tid=UA-42921757-24&_gid=2028449430.1682347043&_r=1&gtm=457e34j0&jsscut=1&z=1443140353
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1583600391&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&ul=en-us&de=UTF-8&dt=Tweaks%20For%20Geeks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=www.tweaksforgeeks.com&cs=ContentPlayer&_u=YEDAAUABAAAAACAAI~&jid=804018826&gjid=1695314609&cid=626960561.1682347043&tid=UA-214964304-1&_gid=2028449430.1682347043&_r=1&_slc=1&z=673770597
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-23669758-34&cid=626960561.1682347043&jid=1356683436&gjid=2000031380&_gid=2028449430.1682347043&_u=YGDAgUABAAAAAGAAI~&z=1034796596
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 24 Apr 2023 14:37:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1583600391&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dp=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&ul=en-us&de=UTF-8&dt=Tweaks%20For%20Geeks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=Partners&cm=MMPlus&ec=MMVideo&ea=vplayer%20video%20player%20embed&el=player_load%3D4223.800048828125%3Bplayer_script_req%3D-1&_u=YGDAAUABAAAAAGAAIC~&jid=1215114309&gjid=922350675&cid=626960561.1682347043&tid=UA-23669758-34&_gid=2028449430.1682347043&_r=1&_slc=1&gtm=45He34j0n81PL4PD49&cg1=MMPlus%20partner&cd7=MMPlus%20partner&cd33=www.tweaksforgeeks.com&cd35=516%3A290&cd38=video&cd54=Sports&cd55=MM%2B%20%7C%20CrateNetwork%20%7C%20Tweaksforgeeks%20%7C%20Podding%20&cd59=10%20sec&cd60=auto%20play&cd91=264&cd92=264&cd93=none&cd94=none&cd23=%2F175840252%2C270787323%2FMMPlus%2FCrateNetwork%2FTweaksforgeeks%2FVideo&cd25=no&cd26=4.4.83&cd28=Sports&cd34=crate-network&cd39=crate-network&cd40=vplayer&cd41=01g16gxs1vdgqwj47t&cd42=none&cd43=none&cd44=yes&cd45=0&cd46=yes&cd47=0%20-%209&cd48=no&cd50=01g16gya91ts7bq9tq&cd51=yes&cd52=none&cd53=0&cd95=none&cd100=0&cd102=time%20in%20process%3D652%20milliseconds&cd104=&cd106=mmPlus%20GTM%20event%20to%20GA&cd107=Injection&cd108=MMPlus&cd110=4223.800048828125&cd113=none&cd114=none&cd119=none&cd126=none&z=471623530
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1583600391&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&ul=en-us&de=UTF-8&dt=Tweaks%20For%20Geeks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=Partners&cm=MMPlus&_u=YGDAgUABAAAAACAAI~&jid=1356683436&gjid=2000031380&cid=626960561.1682347043&tid=UA-23669758-34&_gid=2028449430.1682347043&gtm=45He34j0n81PL4PD49&cg1=MMPlus%20partner&cd7=MMPlus%20partner&cd33=www.tweaksforgeeks.com&cd35=516%3A290&cd38=video&cd54=Sports&cd55=MM%2B%20%7C%20CrateNetwork%20%7C%20Tweaksforgeeks%20%7C%20Podding%20&cd59=10%20sec&cd60=auto%20play&cd91=137&cd92=137&z=1483614884
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 23:39:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53894
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel;r=970947763;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=970947763;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F;uht=2;fpan=1;fpa=P0-319797884-1682347043068;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=tweaksforgeeks.com;dst=0;et=1682347043504;tzo=0;ogl=locale.en_US%2Ctype.website%2Csite_name.Tweaks%20For%20Geeks%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Etweaksforgeeks%252Ecom%2Fwp-content%2Fuploads%2F2022%2F08%2Fshutterstock_169114605%2Curl.https%3A%2F%2Fwww%252Etweaksforgeeks%252Ecom%2Fgoogle-discovers-a-windows-exploit-that-cause-maj%2Ctitle.Google%20Discover%20A%20Windows%20Exploit%20That%20Can%20Cause%20Major%20Spyware%20Distribution%2Cdescription.Google%E2%80%99s%20in-house%20Threat%20Analysis%20Group%20has%20recently%20uncovered%20an%20exploit%20framew;ses=237fdf2a-04d0-40bf-a89b-3ac1ccb75914
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
config.js
cdn.confiant-integrations.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/
108 KB
24 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15743;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1faa302684d070b3492c61b4965a60f5b486b2cc82bc254ef34e532f3c769aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Apr 2023 10:41:01 GMT
server
cloudflare
x-amz-request-id
SE6PAFNXNTGYSRH1
age
636
etag
W/"7c0e2e923791efb8da7c1a1adb13eb5c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7bcf157f09a4bb62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
dkgqzHNHWvQdYqceljqyfW9zZU3BFBDTjxCTST6wBJlVoKqCRbf/IHNbuD0FtFmfKetYYdExous=
udm-r3_Fri_4_21_12_0_36_2023.js
bid.underdog.media/
518 KB
167 KB
Script
General
Full URL
https://bid.underdog.media/udm-r3_Fri_4_21_12_0_36_2023.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15743;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:dc00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
397940c3ab19022cf639191ce4453374536eed5ceea53e2567ec2b157f50ff6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 19:02:42 GMT
content-encoding
gzip
via
1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 19:00:40 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
243282
etag
"a3bb8f106b6387d43367ff46234cb3e4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
170480
x-amz-cf-id
--_TbwQNTarJEdHqcp6MBEhEnEdg1OCMzLm--Z8eKsnnGgCaJSoJkw==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/
160 B
631 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:21:54 GMT
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
930
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:00:33 GMT
server
AmazonS3
etag
"eee1bd1fc55b604b66cd9e63c4f811b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
FgJl46rlgR5udCTvcuyHp4lUwFu9f3KHT9QxEXSEOjtRDtLLdXefuA==
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.14426123
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.14426123
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=9201185162672373872;cb=0.14426123
43 B
612 B
Image
General
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=9201185162672373872;cb=0.14426123
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:23 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 24 Apr 2023 14:37:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9cc32550-a0e0-4d70-9383-62f1fe58ac1f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=9201185162672373872;cb=0.14426123
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkM2NDE5REUtREI1OS00NDU2LUIyRjYtMzVEMTQ2MDJFNzdG&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.14426123&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D9FC097FF-5361-46CA-AD47-4426303570C6
  • https://udmserve.net/udm/fetch.pix?pmid=9FC097FF-5361-46CA-AD47-4426303570C6
43 B
628 B
Image
General
Full URL
https://udmserve.net/udm/fetch.pix?pmid=9FC097FF-5361-46CA-AD47-4426303570C6
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:24 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=9FC097FF-5361-46CA-AD47-4426303570C6
date
Mon, 24 Apr 2023 14:37:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.14426123%3Bindx%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.14426123%3Bindx%3D&s=199174&C=1
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.14426123;indx=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB
43 B
624 B
Image
General
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.14426123;indx=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:24 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.14426123;indx=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58720/occ?cb=0.14426123
  • https://ups.analytics.yahoo.com/ups/58720/occ?cb=0.14426123&verify=true
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-CuBzmi5E2uF_2iXhxh_8uI2txbysRTjETDBsmZE-~A
43 B
637 B
Image
General
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-CuBzmi5E2uF_2iXhxh_8uI2txbysRTjETDBsmZE-~A
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:24 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-CuBzmi5E2uF_2iXhxh_8uI2txbysRTjETDBsmZE-~A
date
Mon, 24 Apr 2023 14:37:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.14426123%3Bsonobi%3D%5BUID%5D
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:24 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-179
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel;r=1737038723;rf=3;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F;uht=2;fpan=1;fpa=P0-319797884-168234...
pixel.quantserve.com/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1737038723;rf=3;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F;uht=2;fpan=1;fpa=P0-319797884-1682347043068;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=tweaksforgeeks.com;dst=0;et=1682347043534;tzo=0;ogl=locale.en_US%2Ctype.website%2Csite_name.Tweaks%20For%20Geeks%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Etweaksforgeeks%252Ecom%2Fwp-content%2Fuploads%2F2022%2F08%2Fshutterstock_169114605%2Curl.https%3A%2F%2Fwww%252Etweaksforgeeks%252Ecom%2Fgoogle-discovers-a-windows-exploit-that-cause-maj%2Ctitle.Google%20Discover%20A%20Windows%20Exploit%20That%20Can%20Cause%20Major%20Spyware%20Distribution%2Cdescription.Google%E2%80%99s%20in-house%20Threat%20Analysis%20Group%20has%20recently%20uncovered%20an%20exploit%20framew;ses=237fdf2a-04d0-40bf-a89b-3ac1ccb75914
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931034&asId=cbe8539e-cce7-5694-b4eb-2110c1f22b89&tv=%7Bc:aIihjk,pingTime:-10,time:963,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682347043554%7C%7C52dc52e314eb16880f67195d23810b5b%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7Ced19a9b404042d4facb086c0e94a39f9%7C%7C686f545b343a12ea38088d988d18f608%7C%7Cd4edb25fbdcf87b4f0e362b04b75734a%7C%7C6474884ea609ad63236cce3079ab62c6%7C%7Cbbe4b1aa180bd2bb5d9c99ef5cdef6af%7C%7C1663701684,im:%7Bimprf:%7Bttecl:2076,ecd:61,tsecr:76%7D%7D%7D
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:ea73:294d:a09b:a42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rules-p-effSsmMYCbAck.js
rules.quantcount.com/
160 B
631 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:9800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 13:41:36 GMT
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
3348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:21:01 GMT
server
AmazonS3
etag
"435cbd9bc4b3440e866ad1f4f7d1ef02"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
EVqzB5PTepqG-8TddGtcYDnbwCpRfqpC8u5UOtnM713juGhcAnlErw==
pixel;r=569534606;labels=edge.1%2Csid.15743;rf=3;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F;uht=2;fpan=...
pixel.quantserve.com/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=569534606;labels=edge.1%2Csid.15743;rf=3;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F;uht=2;fpan=1;fpa=P0-319797884-1682347043068;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=tweaksforgeeks.com;dst=0;et=1682347043557;tzo=0;ogl=locale.en_US%2Ctype.website%2Csite_name.Tweaks%20For%20Geeks%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Etweaksforgeeks%252Ecom%2Fwp-content%2Fuploads%2F2022%2F08%2Fshutterstock_169114605%2Curl.https%3A%2F%2Fwww%252Etweaksforgeeks%252Ecom%2Fgoogle-discovers-a-windows-exploit-that-cause-maj%2Ctitle.Google%20Discover%20A%20Windows%20Exploit%20That%20Can%20Cause%20Major%20Spyware%20Distribution%2Cdescription.Google%E2%80%99s%20in-house%20Threat%20Analysis%20Group%20has%20recently%20uncovered%20an%20exploit%20framew;ses=237fdf2a-04d0-40bf-a89b-3ac1ccb75914
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-42921757-24&cid=626960561.1682347043&jid=1156275928&gjid=1349465493&_gid=2028449430.1682347043&_u=YEBAAUAAAAAAACAAI~&z=2027910104
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 24 Apr 2023 14:37:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
259 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PEGZJDQ1BR&gtm=45je34j0&_p=1583600391&cid=626960561.1682347043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dr=&sid=1682347043&sct=1&seg=0&dl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dt=Tweaks%20For%20Geeks&en=page_view&_fv=1&_ss=1&ep.event_category=Syringe&ep.event_label=time%20in%20process%3D174%20milliseconds&ep.video_ad_unit=%2F175840252%2C270787323%2FMMPlus%2FCrateNetwork%2FTweaksforgeeks%2FVideo&ep.video_prepv_time_in_process=time%20in%20process%3D637%20milliseconds&ep.player_ownership=MMPlus&ep.video_has_restriction=no&ep.video_player_version=4.4.83&ep.injectable_unit_domain=www.tweaksforgeeks.com&ep.video_player_property=crate-network&ep.injectable_unit_size=516%3A290&ep.injectable_unit_type=video&ep.player_organization=crate-network&ep.injectable_unit_video_player_id=none&ep.video_player_closeable=yes&ep.video_viewable_port=0%20-%209&ep.video_traffic_domain=Sports&ep.player_name=MM%2B%20%7C%20CrateNetwork%20%7C%20Tweaksforgeeks%20%7C%20Podding%20&ep.injectable_unit_video_ad_timeout=10%20sec&ep.injectable_unit_video_playback_method=auto%20play&epn.unique_event_id_hit=137&ep.video_player_type=Injection&ep.video_winning_bid_prebid_cpm=none&ep.video_winning_bid_prebid_original_cpm=none&ep.video_serving_method=none&ep.video_full_screen_on=no&ep.anonymizeIp=true&ep.campaignSource=Partners&ep.campaignMedium=MMPlus&epn.video_load_time=0&ep.anonimized=true&ep.video_winning_bid_cpm=none
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-PEGZJDQ1BR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12.json
id5-sync.com/g/v2/
216 B
632 B
XHR
General
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
7d6fa7b9e538b9984c12d3b86cbdf107eba23cb84fd6767f38d549b7f52eccc2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
mplayer_comscore_plugin.4.4.83.js
www.oo-syringe.com/prod/players//
39 KB
13 KB
Script
General
Full URL
https://www.oo-syringe.com/prod/players//mplayer_comscore_plugin.4.4.83.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76b7c7182aa582ac32a99c7726bd6ef007c2b3bc456afd99b152668e59d59790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
78Q_O0VErzcdtaOo.mXw_nR1fJuC9sq3
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Mon, 24 Apr 2023 09:59:54 GMT
x-amz-cf-pop
LAX3-C4
etag
"083dcd06b6f4350dd40f412a2713d9b2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
duUiFZVu3wny1YvVW8U8qvS4cHLaTVVwOABMLi17t9UGPXSN_cJ6LA==
content-length
13473
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:50:47 GMT
x-content-type-options
nosniff
age
204396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 05:50:47 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:18:02 GMT
x-content-type-options
nosniff
age
202761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:18:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
47 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96ed400ea2a1933406fda55aa79400d0f3a19d58b66c63fac04cc3e0c27c4cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48080
x-xss-protection
0
server
cafe
etag
286621599230582084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Apr 2023 14:37:23 GMT
9.gif
id5-sync.com/i/12/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 24 Apr 2023 14:37:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
mplayer-bridge.html
vms-players.minutemediaservices.com/ Frame 7E04
1 KB
649 B
Document
General
Full URL
https://vms-players.minutemediaservices.com/mplayer-bridge.html
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.141 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1d2f7d8fd957b12792fc62e567ebcd9e697f63a42e3dd023f02bd370d7c5640

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, max-age=1800
content-encoding
gzip
content-length
437
content-type
text/html
date
Mon, 24 Apr 2023 14:37:23 GMT
etag
"e97239360af3389bafb536d4d0bdb35f"
last-modified
Tue, 20 Dec 2022 11:11:02 GMT
vary
Accept-Encoding
x-amz-version-id
.9RAF9XlHfXzYtZBMnFKExfBF741L2yh
mplayer_shaka_voltax.4.4.83.js
www.oo-syringe.com/prod/players/
370 KB
117 KB
Script
General
Full URL
https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
35347a100232409b89ee158c56720b5ebf3665a47b26bdac97cf99077fbdbb8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
tiBWgOw9p9aVrBffOFE0oF7ZC5vRSvO1
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Mon, 24 Apr 2023 09:59:54 GMT
x-amz-cf-pop
LAX50-P1
etag
"9deb651bfb4ab64c62edceb7a856c6ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
wUfCYm6uuY5W9boAby_q54emG_nOGsgZINJn2mNewUqOwOxjRzvqAA==
content-length
118732
ima3.js
imasdk.googleapis.com/js/sdkloader/
360 KB
121 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
expires
Mon, 24 Apr 2023 14:37:23 GMT
/
bqstreamer.com/tr/
0
441 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHnIPsDpMlF%2BDYfFJuLa%2BlJsqjjc1ac5E8ducRj5durj6CgWWtM6rPxyt1rAfWXAfChSbMGZDx3iNw6RmS%2Fhsc0FIj%2BCMBhtkzk43joqJAul%2BZ4ssRBg2gZQzyDeHGh0003F%2BHGP55DFiySX"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7bcf157ffba3371b-FRA
factors
factor-service.prod.voltaxservices.io/
47 B
549 B
Fetch
General
Full URL
https://factor-service.prod.voltaxservices.io/factors?mmPlayerLvl1=de:desktop:www.tweaksforgeeks.com:chrome:windows%2010:%2f175840252270787323%2fmmplus%2fcratenetwork%2ftweaksforgeeks%2fvideo:01g16gxs1vdgqwj47t:4.4.83
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1488 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cc65f4d45bd5726f31a59e2e9bd2810cf90cf5957dc06e123861d925a6f9d9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
content-length
71
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C5D4
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-109.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 abc3ecd1d98ae9cd426d47386509de18.cloudfront.net (CloudFront)
date
Sun, 23 Apr 2023 22:12:24 GMT
x-amz-cf-pop
AMS50-C1
age
59100
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
pQhCl8tE4IE5-SBl1i5O6yVrZ568qR1AauYCYEhZECJHyM3gMFTZog==
mplayer_header_bidding_plugin.4.4.83.js
www.oo-syringe.com/prod/players/ Frame C5D4
33 KB
12 KB
Script
General
Full URL
https://www.oo-syringe.com/prod/players/mplayer_header_bidding_plugin.4.4.83.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
baa5b55304d4f20d285e82ad1ddd857881edfc9ca521995dd04265c68becbe2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
KFSnasweZwazJBVIy3MMQsWvoV1E0mKI
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Mon, 24 Apr 2023 09:59:54 GMT
x-amz-cf-pop
LAX3-C4
etag
"9fd4ef90e993c170b2913b22d3ac9f39"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
zPBF1Ux0UMGeZ7shOd0HpZe850crxaf3dLoBJngH8Nmlakik6hof8A==
content-length
11596
notifyme.php
adtrack.adleadevent.com/
0
533 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.91.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-91-58.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Apr 2023 14:37:23 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.tweaksforgeeks.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=a8cb2c8e-88fb-4d42-8200-90736f345515
  • https://s.cpx.to/ca.png?dsp=dbm&fid=a8cb2c8e-88fb-4d42-8200-90736f345515&google_gid=CAESEJiyv9N6oYavtiFcZu_EtR8&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=a8cb2c8e-88fb-4d42-8200-90736f345515&google_gid=CAESEJiyv9N6oYavtiFcZu_EtR8&google_cver=1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
34.248.182.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-182-206.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/ca.png?dsp=dbm&fid=a8cb2c8e-88fb-4d42-8200-90736f345515&google_gid=CAESEJiyv9N6oYavtiFcZu_EtR8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Da8cb2c8e-88fb-4d42-8200-90736f345515
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9FC097FF-5361-46CA-AD47-4426303570C6&fid=a8cb2c8e-88fb-4d42-8200-90736f345515
95 B
589 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9FC097FF-5361-46CA-AD47-4426303570C6&fid=a8cb2c8e-88fb-4d42-8200-90736f345515
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
34.248.182.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-182-206.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Mon, 24 Apr 2023 14:37:24 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Mon, 24 Apr 2023 14:37:24 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=9FC097FF-5361-46CA-AD47-4426303570C6&fid=a8cb2c8e-88fb-4d42-8200-90736f345515
date
Mon, 24 Apr 2023 14:37:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.tweaksforgeeks.com%252Fgoogle-discovers-a-windows-ex...
  • https://s.cpx.to/an_fire?app_nexus_uid=9201185162672373872&pid=12771&ref=&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&hn_v...
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=9201185162672373872&pid=12771&ref=&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&hn_ver=40&fid=a8cb2c8e-88fb-4d42-8200-90736f345515&dsp=pub_common&dsp_uid=a4cde59c-ae6f-41e5-8bb1-90b144d70595
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
34.248.182.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-182-206.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
p3p
CP="NOI DEV ADM"
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
expires
Mon, 24 Apr 2023 14:37:23 UTC

Redirect headers

Date
Mon, 24 Apr 2023 14:37:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a92fcce5-c8f0-47ec-8bb3-6ead2bba9898
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://s.cpx.to/an_fire?app_nexus_uid=9201185162672373872&pid=12771&ref=&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&hn_ver=40&fid=a8cb2c8e-88fb-4d42-8200-90736f345515&dsp=pub_common&dsp_uid=a4cde59c-ae6f-41e5-8bb1-90b144d70595
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
in_search.js
resources.infolinks.com/js/1852.004-3.026/
224 KB
88 KB
Script
General
Full URL
https://resources.infolinks.com/js/1852.004-3.026/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dca24667fba2b75530c3b1adf2951f97bc767809e619c3e115d57eff98e2d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 12:22:57 GMT
server
cloudflare
age
2844
etag
W/"38074-5f7e0cd96e2a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7bcf157ff8bd5b98-FRA
expires
Wed, 24 May 2023 13:49:59 GMT
bubble.js
resources.infolinks.com/js/1852.004-3.026/
156 KB
46 KB
Script
General
Full URL
https://resources.infolinks.com/js/1852.004-3.026/bubble.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17497c704b79b84614b5319952fd19919e6649b959ecff2eacb77283f348d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 12:22:57 GMT
server
cloudflare
age
3441
etag
W/"26f1b-5f7e0cd96e691"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7bcf157ff8be5b98-FRA
expires
Wed, 24 May 2023 13:40:02 GMT
wrap.js
cdn.confiant-integrations.net/prebid/202304111045/
135 KB
42 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/prebid/202304111045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046dda8e79d3bd84c7b731ae3285bbf3075d34bce6c8a9274cbbf99353692aae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Apr 2023 14:47:26 GMT
server
cloudflare
x-amz-request-id
FQAVC4VEB2PBC01Q
age
1114463
etag
W/"4f4760354bb83a7a52f38c4a7a1d2286"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7bcf15802b57bb62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
g30vg2ynZnD0W8uL8cZVExTX3X+A8m1og5TaE37ft9vU0NFOp725G+VQ2lpOl898d7ooDvZ5bdQ=
comScore-JS-6.2.3.180328.min.js
bucket1.mm-syringe.com/lib/
156 KB
43 KB
Script
General
Full URL
https://bucket1.mm-syringe.com/lib/comScore-JS-6.2.3.180328.min.js
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players//mplayer_comscore_plugin.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.142 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
UP2tnScyf0IkbIh1GVgoQZiM5AlMQNdo
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:23 GMT
last-modified
Sun, 31 Mar 2019 15:57:40 GMT
etag
"18a99636882ae65fbb2e600e276380ca"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=20376747, private, max-age=1800
accept-ranges
bytes
content-length
43460
rrv7.js
bid.underdog.media/
972 B
863 B
Script
General
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Fri_4_21_12_0_36_2023.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:dc00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5830a95dd04dfdf43d1339cb47df9b12c88069e180ff5cb33f3ed81f71cad524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 13:18:48 GMT
content-encoding
gzip
via
1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 13:00:04 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
4716
etag
"56f4f93585405fc648efdeb1482c6d8f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
472
x-amz-cf-id
Vpxsp9n-IkZWpNowfEWGwY7c8sajsXZaT5DHLLoY7nWOXtwoyPGkRw==
img.fetch
udmserve.net/udm/
1 B
470 B
Script
General
Full URL
https://udmserve.net/udm/img.fetch?sid=15743;tid=1;dt=6;gdprApplies=true;consentGiven=false;consentData=cmpMissing
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Fri_4_21_12_0_36_2023.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Date
Mon, 24 Apr 2023 14:37:24 GMT
Connection
Keep-Alive
Content-Length
1
Content-Type
application/x-javascript
video.min.js
player.globalsun.io/player/video.js-new/dist/
554 KB
158 KB
Script
General
Full URL
https://player.globalsun.io/player/video.js-new/dist/video.min.js?v=3.2.22
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa8700eaa4be8549203564d995f821f6ca7aa0e5dd84e61c805ecc9a3a0cd74f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 15:06:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
41596
etag
W/"634d6f6e-8a6e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4taAr0Y9WPmZlw1DTLWNexeJcVBQW49Fjfg3yFhBH%2BohC%2FH0Mpesf6cu1xVetaZWNKupz%2BILCNN6Jic1JxApNXzysP1zpCuNEJrEk9Hew9CFlStNhv2I67KJ38%2BJ57OfBYZO7O6q%2BmMfzFI0Kiao1Wp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7bcf1580cdeb30e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 25 Apr 2023 03:04:07 GMT
videojs.ima.min.js
player.globalsun.io/player/videojs-ima-new/dist/
37 KB
8 KB
Script
General
Full URL
https://player.globalsun.io/player/videojs-ima-new/dist/videojs.ima.min.js?v=3.2.22
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ebd714243264393b54c89d034e20601df9b92b4ead1e0ae4df42d61f47fe26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 13:51:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
41596
etag
W/"63860e7c-93d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaoW8SzpUJM4usAwN9PMT21ogQ3GZ2rvW8iMgs%2FMAbdh5vXG80JWxEKMVTtW91YlQkX%2FIBHaTw7MaG3iVrDy4nZSMjrTyGm8pWcVz47d8BVb4WOpTPMzYfUgE%2Bi94o8V7t7IlMtDDyBRML38uWSIRngs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7bcf1580cdf130e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 25 Apr 2023 03:04:07 GMT
videojs.ads.min.js
player.globalsun.io/player/videojs-contrib-ads/dist/
23 KB
7 KB
Script
General
Full URL
https://player.globalsun.io/player/videojs-contrib-ads/dist/videojs.ads.min.js?v=3.2.22
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a474eb4de90110baa24fa4c32e2ab48e7f84ea67d40f3435cfa8191826f946a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 05 Sep 2021 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40676
etag
W/"61348c5d-5a48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESZY2OajPEaxhMk9QnfbJni%2B7a5H7JzLJiSsOQJtaT6fEa92HY9GPp7GuOv%2BfO1kKLEa41ImZWEUJp%2F9SyR2iVL%2BrSnESU6sl3Pds1nhatAHhQLfXXkuhXJFPp8jz%2BP2ZX8si4WYPNWFIDWwn4ng9p0A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7bcf1580cdf530e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 25 Apr 2023 03:19:27 GMT
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo-color.png
player.globalsun.io/
22 KB
23 KB
Image
General
Full URL
https://player.globalsun.io/logo-color.png
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a60e96b24ca6549e96b8f77fab54e728a6b878c9fbe2ebe6abb66cef31b7f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54158
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22692
last-modified
Mon, 06 Dec 2021 10:59:31 GMT
server
cloudflare
etag
"61aded13-58a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri%2F10uMW%2FLCkkjWVqRi2YcVwarBk%2B2C%2FBMennXDelecIgVXlT7ehmsoF3uxh9UYRc%2BzWdddgP9fLJ5fZ%2FuLIGfNVbaL7NoEiLJZ4mULygGIVIPNE3KsvKjA0Py0PJTuRFyVrLoSxwtjuaYb6%2B8ESCq6e"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bcf1580de0230e4-FRA
expires
Mon, 24 Apr 2023 23:34:45 GMT
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
515 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
getads.htm
rt3066.infolinks.com/action/
139 B
267 B
Script
General
Full URL
https://rt3066.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22articles%22%2C%22scs%22%3A%22tylzJDApkI%22%7D%5D&rid=aacf28c2-4278-49c2-bea9-c252f3076fde&jsv=1852.004-3.026&sr=1600X1200&rts=1682347044074&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=112.0.5615.121&dv=p&ce=t&purl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=xnlTGjo0hUEu4J-M6jRJo5PAZ7PDEBowpn9Zc4At4jDOMP3cU1fPoafzec1-oihm38TVYxPj4fH-gPvTH_JwIkxga8vHaQZhtYcDcOsMPH0rrszwbPhyJwOhQ0qwXynr_WJre0y-sycY-OiJzY8nlh3ErI_HsDyBpw3XBzWcnBM&rsk=76&rcs=KYL1aBbVOz9sz42nEKcC0A&cuid=aafa83ba-c81f-4f91-a907-81760394e32f&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e73b07fab7119fbfcd0608a24187a878b4126212ce68c1533a239f8bd95d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7bcf158189f95b98-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
intag_incontent.js
resources.infolinks.com/js/1852.004-3.026/
199 KB
38 KB
Script
General
Full URL
https://resources.infolinks.com/js/1852.004-3.026/intag_incontent.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8089495c7dd4f2030ed449649d4cc8271eda9e0566d11112d55cc22b7170316

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 12:22:57 GMT
server
cloudflare
age
9820
etag
W/"31bf3-5f7e0cd96dec0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7bcf158189fe5b98-FRA
expires
Wed, 24 May 2023 11:53:44 GMT
in_frame.js
resources.infolinks.com/js/1852.004-3.026/
37 KB
12 KB
Script
General
Full URL
https://resources.infolinks.com/js/1852.004-3.026/in_frame.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe24329917e6ce47414d692ef36a82a97671da5aace682a00e74bad15a40f260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 12:22:57 GMT
server
cloudflare
age
8842
etag
W/"924a-5f7e0cd96f249"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7bcf158189ff5b98-FRA
expires
Wed, 24 May 2023 12:10:02 GMT
vidice.js
resources.infolinks.com/js/vidice/2.0/
333 KB
86 KB
Script
General
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 11:31:12 GMT
server
cloudflare
age
4922
etag
W/"5344d-5f75343a1bcf7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7bcf1581ca315b98-FRA
expires
Wed, 24 May 2023 13:15:22 GMT
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.tweaksforgeeks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.tweaksforgeeks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:24 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.tweaksforgeeks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.tweaksforgeeks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:24 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.tweaksforgeeks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.tweaksforgeeks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.tweaksforgeeks.com
date
Mon, 24 Apr 2023 14:37:23 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/
13 B
432 B
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/
0
270 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=2&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:24 GMT
server
nginx
x-iplb-request-id
D972DA17:80C8_36264064:01BB_64469423_D856B49:C883
x-iplb-instance
24857
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
13 B
432 B
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=1&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:24 GMT
server
nginx
x-iplb-request-id
D972DA17:809A_36264064:01BB_64469423_D85E340:1F80C
x-iplb-instance
20686
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
13 B
432 B
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=3&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:24 GMT
server
nginx
x-iplb-request-id
D972DA17:8016_36264064:01BB_64469422_D868616:10955
x-iplb-instance
38439
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
13 B
432 B
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=6&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:24 GMT
server
nginx
x-iplb-request-id
D972DA17:808E_36264064:01BB_64469422_D889A21:10958
x-iplb-instance
38439
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
13 B
432 B
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/
0
270 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=20&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:24 GMT
server
nginx
x-iplb-request-id
D972DA17:80CA_36264064:01BB_64469422_D847366:2558
x-iplb-instance
38432
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
13 B
432 B
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=94717&f=19&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=94717&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:24 GMT
server
nginx
x-iplb-request-id
D972DA17:8062_36264064:01BB_64469422_D854BCE:2E3AA
x-iplb-instance
38437
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame 6D6A
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
203582
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 06:04:22 GMT
expires
Sun, 21 Apr 2024 06:04:22 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Apr 2023 14:37:24 GMT
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.tweaksforgeeks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
inventory
api-player.globalsun.io/api/publishers/log/
42 B
374 B
XHR
General
Full URL
https://api-player.globalsun.io/api/publishers/log/inventory?category_id=e31942ac0e0a3bf20bf224&item_id=74932017489af0768d10b2&origin=https%3A%2F%2Fwww.tweaksforgeeks.com&href=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&adserver_id=4a00b1ac96bc7941112e43
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.148.121.250 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.121.250.vultrusercontent.com
Software
/ Globalsun
Resource Hash
edb6180c914e7b38450a0a388cc86d9aa54a6cf4e6cdd87d909300983eae7988
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-real-ip
217.114.218.23
x-powered-by
Globalsun
etag
W/"2a-6nB6ZG7auuDmXm7JB25tu2NKVKI"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
public, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, *
content-length
42
1633256573_huy-test.m3u8
cdn.globalsun.io/
600 B
640 B
XHR
General
Full URL
https://cdn.globalsun.io/1633256573_huy-test.m3u8
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/player/video.js-new/dist/video.min.js?v=3.2.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b67a2c38da877d9cfaf7c65933785f2c1895bbbce3d9e82e54d4f433cf440c1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
44487110
x-accel-date
1637859934
x-77-nzt
AcO1rgV+iwD/xtGmAg
x-accel-expires
@1953219934
last-modified
Sun, 03 Oct 2021 10:22:54 GMT
server
CDN77-Turbo
etag
W/"6159847e-258"
x-77-nzt-ray
25b02131f0b662032494466498631718
vary
Accept-Encoding, Origin
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
01dt59154vxfwzhqh9
drm.mmvideosvc.com/v1.0/regulation/
63 B
593 B
Fetch
General
Full URL
https://drm.mmvideosvc.com/v1.0/regulation/01dt59154vxfwzhqh9?origin=www.tweaksforgeeks.com
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9c6339137dfccbf6a43e6f0c54c2614118f82effe8893f914481558b13d7538b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
content-length
82
expires
Mon, 24 Apr 2023 15:37:25 GMT
getads.htm
rt3066.infolinks.com/action/
145 B
207 B
Script
General
Full URL
https://rt3066.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IF_RIGHT%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22f%22%2C%22garc%22%3A0%2C%22as%22%3A%22160*600%22%2C%22nom%22%3A1%2C%22sdata%22%3A%22antivirus%20software%22%2C%22scs%22%3A%22gK5Yb9Dy0C%22%7D%5D&rid=aacf28c2-4278-49c2-bea9-c252f3076fde&jsv=1852.004-3.026&sr=1600X1200&rts=1682347044333&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=112.0.5615.121&dv=p&ce=t&purl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=xnlTGjo0hUEu4J-M6jRJo5PAZ7PDEBowpn9Zc4At4jDOMP3cU1fPoafzec1-oihm38TVYxPj4fH-gPvTH_JwIkxga8vHaQZhtYcDcOsMPH0rrszwbPhyJwOhQ0qwXynr_WJre0y-sycY-OiJzY8nlh3ErI_HsDyBpw3XBzWcnBM&rsk=76&rcs=KYL1aBbVOz9sz42nEKcC0A&cuid=aafa83ba-c81f-4f91-a907-81760394e32f&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5d14c7735e406e8a4d5bf9eb324530a2333c68065241f8d0e051fb310f75b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7bcf15832b265b98-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt3066.infolinks.com/action/
141 B
203 B
Script
General
Full URL
https://rt3066.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A3%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A4%2C%22maw%22%3A665%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22aapalgo%5C%22%2C%5C%22top%5C%22%3A1013%2C%5C%22left%5C%22%3A280%2C%5C%22isAboveFold%5C%22%3A100%7D%22%2C%22sdata%22%3A%22internet%22%2C%22scs%22%3A%22FvEJIxgcb2%22%7D%5D&rid=aacf28c2-4278-49c2-bea9-c252f3076fde&jsv=1852.004-3.026&sr=1600X1200&rts=1682347044345&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=112.0.5615.121&dv=p&ce=t&purl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=xnlTGjo0hUEu4J-M6jRJo5PAZ7PDEBowpn9Zc4At4jDOMP3cU1fPoafzec1-oihm38TVYxPj4fH-gPvTH_JwIkxga8vHaQZhtYcDcOsMPH0rrszwbPhyJwOhQ0qwXynr_WJre0y-sycY-OiJzY8nlh3ErI_HsDyBpw3XBzWcnBM&rsk=76&rcs=KYL1aBbVOz9sz42nEKcC0A&cuid=aafa83ba-c81f-4f91-a907-81760394e32f&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03f4ea21ea8b4c0e5cfc9957b0f51cce4e011ed79830fbc4f7ed2340b145fc5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7bcf15833b345b98-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt3066.infolinks.com/action/
139 B
202 B
Script
General
Full URL
https://rt3066.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE1%22%2C%22bdc%22%3A4%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A4%2C%22maw%22%3A665%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22aapalgo%5C%22%2C%5C%22top%5C%22%3A1228%2C%5C%22left%5C%22%3A280%2C%5C%22isAboveFold%5C%22%3A85.64102564102564%7D%22%2C%22sdata%22%3A%22google%22%2C%22scs%22%3A%22QjlXMqHCwR%22%7D%5D&rid=aacf28c2-4278-49c2-bea9-c252f3076fde&jsv=1852.004-3.026&sr=1600X1200&rts=1682347044346&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=112.0.5615.121&dv=p&ce=t&purl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=xnlTGjo0hUEu4J-M6jRJo5PAZ7PDEBowpn9Zc4At4jDOMP3cU1fPoafzec1-oihm38TVYxPj4fH-gPvTH_JwIkxga8vHaQZhtYcDcOsMPH0rrszwbPhyJwOhQ0qwXynr_WJre0y-sycY-OiJzY8nlh3ErI_HsDyBpw3XBzWcnBM&rsk=76&rcs=KYL1aBbVOz9sz42nEKcC0A&cuid=aafa83ba-c81f-4f91-a907-81760394e32f&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be92ff230d762442be7c3515962bf1dddb24824087394da02c8579740c3dcba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7bcf15833b365b98-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3066.infolinks.com/action/
0
37 B
Script
General
Full URL
https://rt3066.infolinks.com/action/dcl.htm?rid=aacf28c2-4278-49c2-bea9-c252f3076fde&jsv=1852.004-3.026&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A2%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7bcf15833b395b98-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
193d6994-c295-4aac-b54e-6c1dd65b723c
https://www.tweaksforgeeks.com/
5 KB
0
Other
General
Full URL
blob:https://www.tweaksforgeeks.com/193d6994-c295-4aac-b54e-6c1dd65b723c
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d3fff4a210d791bfd98347f39cf241cacfdbb3602b3319c6820c5a4160d8b5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
5431
Content-Type
application/javascript
5c52c253-21b7-4d04-9fb1-3672cfaca25d
https://www.tweaksforgeeks.com/
76 KB
0
Other
General
Full URL
blob:https://www.tweaksforgeeks.com/5c52c253-21b7-4d04-9fb1-3672cfaca25d
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1feb79de0dc55cd770e59b9f62f34da85a3f522f7b06c415218ecbb4df7f9686

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
78253
Content-Type
application/javascript
214b4fff-bfab-473f-9981-8d287094319b
https://www.tweaksforgeeks.com/
76 KB
0
Other
General
Full URL
blob:https://www.tweaksforgeeks.com/214b4fff-bfab-473f-9981-8d287094319b
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1feb79de0dc55cd770e59b9f62f34da85a3f522f7b06c415218ecbb4df7f9686

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
78253
Content-Type
application/javascript
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame 65E7
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
203582
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 06:04:22 GMT
expires
Sun, 21 Apr 2024 06:04:22 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tweaksforgeeks.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
1633256573_huy-test0.ts
cdn.globalsun.io/
2 MB
2 MB
XHR
General
Full URL
https://cdn.globalsun.io/1633256573_huy-test0.ts
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/player/video.js-new/dist/video.min.js?v=3.2.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
362e7df66290888156ea2b3f6b557ac730a521a3aac526349d56839818e0308f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:24 GMT
x-cache
HIT
x-77-cache
HIT
x-age
941052
x-accel-date
1681405992
content-length
2230056
x-77-nzt
AcO1rgW+99j//FsOAA
x-accel-expires
@1682442792
last-modified
Sun, 03 Oct 2021 10:22:53 GMT
server
CDN77-Turbo
etag
"220728-5cd702ddc5940"
x-77-nzt-ray
25b02131f0b6620324944664b96e1721
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.tweaksforgeeks.com
accept-ranges
bytes
1546425929-667526e0ff059a2bc42edf04d9349356d55f90c7846fde90aa91ded9ea1d97ae-d
i.vimeocdn.com/video/
81 KB
81 KB
Image
General
Full URL
https://i.vimeocdn.com/video/1546425929-667526e0ff059a2bc42edf04d9349356d55f90c7846fde90aa91ded9ea1d97ae-d
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3a1c113a2a11583e364fd300caee84e97d0c434ca6d5b0f7a7a12a03d16083a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1961334
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
82533
viewmaster-server
viewmaster-us-central1-pv1d
x-served-by
cache-dfw-kdfw8210101-DFW, cache-fra-eddf8230067-FRA
x-timer
S1682347045.740088,VS0,VE0
etag
2db8bf9dcc7111c95e04011aaa086cb5
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
18356, 2
csi
csi.gstatic.com/ Frame 65E7
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lguxzrhy&c=3357242873208&slotId=1678621436604&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 65E7
156 B
655 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Ftweaksforgeeks.com_3.1&description_url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2888839964384058&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpv=1.11.0&sdki=445&ptt=20&adk=3052639567&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.tweaksforgeeks.com%2F66c813e7-dec1-4297-a137-256101a86915&sid=9AE3CD0E-B12A-4548-9DC8-013F551E8A3E&nel=0&eid=44729309%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dlt=1682347040896&idt=3752&dt=1682347044706&cookie_enabled=1&scor=3773869185512547&ged=ve4_td4_tt0_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1633256573_huy-test1.ts
cdn.globalsun.io/
1 MB
1 MB
XHR
General
Full URL
https://cdn.globalsun.io/1633256573_huy-test1.ts
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/player/video.js-new/dist/video.min.js?v=3.2.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5d9bf25e4164225a56d6aabd8ae091660c9502887c6b514979a12bc0aea7367a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:24 GMT
x-cache
HIT
x-77-cache
HIT
x-age
940906
x-accel-date
1681406138
content-length
1273700
x-77-nzt
AcO1rgURvW7/alsOAA
x-accel-expires
@1682442938
last-modified
Sun, 03 Oct 2021 10:22:53 GMT
server
CDN77-Turbo
etag
"136f64-5cd702ddc5940"
x-77-nzt-ray
25b02131f0b66203249446642efd263a
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.tweaksforgeeks.com
accept-ranges
bytes
csi
csi.gstatic.com/ Frame 65E7
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lguxzrkm&c=3357242873208&slotId=1678621436604&ghmsh_eids=44729309%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931034&asId=cbe8539e-cce7-5694-b4eb-2110c1f22b89&tv=%7Bc:aIihIy,time:2527,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2527,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:372,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1600.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2167~0%5D,as:%5B2167~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:393,fm:tCm8K3d+1*.931034%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:0,renddet:na,siq:374,sis:529%7D&br=c
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:ea73:294d:a09b:a42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:25 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ads
pubads.g.doubleclick.net/gampad/ Frame 65E7
156 B
185 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Ftweaksforgeeks.com_2.1&description_url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2888839964384058&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpv=1.11.0&sdki=445&ptt=20&adk=3052639567&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.tweaksforgeeks.com%2F66c813e7-dec1-4297-a137-256101a86915&sid=9AE3CD0E-B12A-4548-9DC8-013F551E8A3E&nel=0&eid=44729309%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dlt=1682347040896&idt=3752&dt=1682347045128&cookie_enabled=1&scor=3773869185512547&ged=ve4_td4_tt0_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1633256573_huy-test2.ts
cdn.globalsun.io/
2 MB
2 MB
XHR
General
Full URL
https://cdn.globalsun.io/1633256573_huy-test2.ts
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/player/video.js-new/dist/video.min.js?v=3.2.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6b7ea0e32fe1390b35c39f4b1a161dc40f5403a8317c60141b8eb2b440cede43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:25 GMT
x-cache
HIT
x-77-cache
HIT
x-age
940903
x-accel-date
1681406142
content-length
1694068
x-77-nzt
AcO1rgVF/bT/Z1sOAA
x-accel-expires
@1682442942
last-modified
Sun, 03 Oct 2021 10:22:53 GMT
server
CDN77-Turbo
etag
"19d974-5cd702ddc5940"
x-77-nzt-ray
25b02131f0b66203259446643ae5a009
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.tweaksforgeeks.com
accept-ranges
bytes
config
c.amazon-adsystem.com/cdn/prod/ Frame C5D4
3 KB
4 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5090&u=https%3A%2F%2Fwww.tweaksforgeeks.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-109.ams50.r.cloudfront.net
Software
Server /
Resource Hash
6ab63481834c1edbcccd73c4b8d4f13fc5dedfe17e11d1b5a0bda4368f9f3bef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:24 GMT
via
1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3273
x-amz-cf-id
98m2OtQKlyNi_uRTUom6J9k2P-UQ4bn6uqZgRfqDauiRJB6O13TRyw==
bid
aax.amazon-adsystem.com/e/dtb/ Frame C5D4
23 B
469 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5090&u=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&pid=HnvhvlIFGvRzM&cb=0&ws=0x8&v=23.414.2006&t=3000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22dtb_buy_12085_video%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22516x290.25%22%5D%7D%5D&schain=1.0%2C1!minutemedia.com%2C01g11p6kv52b%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22tcfv2-error%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-35-220.ams1.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
H8VTCH7KZX7XRE8E46JE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.tweaksforgeeks.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wYncX5UGcGJaPRLNZWcPVKr-RqaTFIARVizXhwgC2jL7Ne9xsFDEjg==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.205.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-205-52.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tweaksforgeeks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 24 Apr 2023 14:37:25 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ats.js
ats.rlcdn.com/ Frame C5D4
109 KB
35 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: apple-insider.com
URL: https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-68.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
FdZQKnEndO3mqmnRp7XQ3uMfeJERmMlw
content-encoding
br
via
1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
date
Mon, 24 Apr 2023 02:44:14 GMT
x-amz-cf-pop
AMS54-C1
age
42792
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:96f94076-69de-4a4b-8bd0-6fb739c06860
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
e16bd58aa55fcc98af3b10870aad5974
last-modified
Thu, 19 Jan 2023 10:03:36 GMT
server
AmazonS3
etag
W/"0820c3a8da5dbe428619a7328c53b95f"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
3efbae2e7f7f574316dfc685479946d213531c0b483ab4a61e653a0088f0cae8
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
_lCc97zN5DHVWWIJMBX2xC412oOygFmApAMav9PwVaeOTgXTmxyutw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame C5D4
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: apple-insider.com
URL: https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.134.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-134-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 24 Apr 2023 14:52:25 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame C5D4
37 KB
11 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: apple-insider.com
URL: https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-100.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 03:54:16 GMT
content-encoding
gzip
via
1.1 ef2cb74895744344a0ea2100fbbb760a.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
46903
x-amz-server-side-encryption
AES256
etag
W/"4c91450a102f312a8d75826eeee52ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
opn4hfbbrmMhuvplrFNgZSpYRmVDIUH79g_oWu8P-YTiE0qunYHOig==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame C5D4
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: apple-insider.com
URL: https://apple-insider.com/i/7MyjJ5kWKI/?cid=am&sub_id=am_244025.971700&utm_source=am_244025.971700&utm_campaign=am
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.134.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-134-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 24 Apr 2023 14:52:25 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame C5D4
0
458 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.205.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-205-52.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:25 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tweaksforgeeks.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 6D6A
7 KB
1 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=400x300%7C640x480%7C480x270%7C640x360&iu=%2F175840252%2C270787323%2FMMPlus%2FCrateNetwork%2FTweaksforgeeks%2FVideo&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&description_url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&correlator=1109719709652230&cust_params=mmPlayerLvl1%3Dde%3Adesktop%3Awww.tweaksforgeeks.com%3Achrome%3Awindows%2010%3A%2F175840252270787323%2Fmmplus%2Fcratenetwork%2Ftweaksforgeeks%2Fvideo%3A01g16gxs1vdgqwj47t%3A4.4.83%26mm_referrer%3Dhttps%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F%26videotags%3Ddbltap%2Cflipboardtv%2Cmidnight%20launch%2Cnintendo%2Cnintendo%20switch%2Cpokemon%2Cpokemon%20shield%2Cpokemon%20sword%2Cpokemon%20sword%20and%20shield%26playersize%3Dlarge%26mm_midroll%3D0%26video_ID%3D01dt59154vxfwzhqh9&ad_rule=1&pod=0&vid=01dt59154vxfwzhqh9&cmsid=2630030&vpmute=1&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=935497324&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&sid=F343362B-B43D-4FF5-9E25-6DF5459AABC3&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&loc=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dlt=1682347040896&idt=3592&dt=1682347045470&cookie_enabled=1&scor=1674562047850214&ged=ve4_td4_tt0_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d013679f6616f132c70b602ad6f11ec393b4e5aa365842266463cce82b5937c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1187
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame C5D4
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.134.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-134-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 24 Apr 2023 14:52:25 GMT
map
bcp.crwdcntrl.net/6/ Frame C5D4
60 B
340 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.240.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-240-52.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8a63276508f635e6044a52b72093d0b20b5c3036c8a21e5b6f9fe6f2b2dd6fbb

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache
x-server
10.45.20.223
access-control-allow-credentials
true
content-length
60
expires
0
/
geo.privacymanager.io/ Frame C5D4
28 B
606 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-95.ams50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 01:27:24 GMT
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront), 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, AMS50-C1
age
47401
x-amzn-requestid
4259d64e-516f-4b74-8381-c8f2814a3692
x-amzn-trace-id
Root=1-6445dafc-54e2140c5817b0d0155150ad;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
D28njF9lDoEF5cg=
content-length
28
x-amz-cf-id
cqo2aTBUZm47tLVPVakycNwX9LRE1VKO_nmO-Ba-lFdN_ZU2HUzdWA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame C5D4
190 B
402 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 24 Apr 2023 15:07:25 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6D6A
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FCrateNetwork%2FTweaksforgeeks%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=mmPlayerLvl1%3Dde%3Adesktop%3Awww.tweaksforgeeks.com%3Achrome%3Awindows%2010%3A%2F175840252270787323%2Fmmplus%2Fcratenetwork%2Ftweaksforgeeks%2Fvideo%3A01g16gxs1vdgqwj47t%3A4.4.83%26mm_referrer%3Dhttps%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F%26videotags%3Ddbltap%2Cflipboardtv%2Cmidnight%20launch%2Cnintendo%2Cnintendo%20switch%2Cpokemon%2Cpokemon%20shield%2Cpokemon%20sword%2Cpokemon%20sword%20and%20shield%26playersize%3Dlarge%26mm_midroll%3D0%26video_ID%3D01dt59154vxfwzhqh9&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=61000&vrid=1194944&sid=F343362B-B43D-4FF5-9E25-6DF5459AABC3&adk=935497324&cookie_enabled=1&correlator=1109719709652230&ctv=0&dlt=1682347040896&dt=1682347045570&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=3592&is_amp=0&loc=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&omid_p=Google1%2Fh.3.569.0&osd=2&ptt=20&scor=1674562047850214&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&cmsid=2630030&sdki=445&sdkv=h.3.569.0&sdr=1&video_doc_id=01dt59154vxfwzhqh9&vpmute=1&nel=0&cnc=270787323&kfa=0&tfcd=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame C5D4
197 KB
58 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.134.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-134-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:25 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:23:24 GMT
server
Apache
etag
"31332-5eaee9adb933b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
59461
expires
Mon, 24 Apr 2023 14:52:25 GMT
csi
csi.gstatic.com/ Frame 6D6A
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lguxzrc9&c=3357242873208&slotId=1678621436604&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6D6A
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FCrateNetwork%2FTweaksforgeeks%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=mmPlayerLvl1%3Dde%3Adesktop%3Awww.tweaksforgeeks.com%3Achrome%3Awindows%2010%3A%2F175840252270787323%2Fmmplus%2Fcratenetwork%2Ftweaksforgeeks%2Fvideo%3A01g16gxs1vdgqwj47t%3A4.4.83%26mm_referrer%3Dhttps%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F%26videotags%3Ddbltap%2Cflipboardtv%2Cmidnight%20launch%2Cnintendo%2Cnintendo%20switch%2Cpokemon%2Cpokemon%20shield%2Cpokemon%20sword%2Cpokemon%20sword%20and%20shield%26playersize%3Dlarge%26mm_midroll%3D0%26video_ID%3D01dt59154vxfwzhqh9&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&min_ad_duration=0&max_ad_duration=61000&vrid=1194944&sid=F343362B-B43D-4FF5-9E25-6DF5459AABC3&adk=935497324&cookie_enabled=1&correlator=1109719709652230&ctv=0&dlt=1682347040896&dt=1682347045870&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=3592&is_amp=0&loc=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&omid_p=Google1%2Fh.3.569.0&osd=2&ptt=20&scor=1674562047850214&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&cmsid=2630030&sdki=445&sdkv=h.3.569.0&sdr=1&video_doc_id=01dt59154vxfwzhqh9&vpmute=1&nel=0&cnc=270787323&kfa=0&tfcd=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6D6A
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FCrateNetwork%2FTweaksforgeeks%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=mmPlayerLvl1%3Dde%3Adesktop%3Awww.tweaksforgeeks.com%3Achrome%3Awindows%2010%3A%2F175840252270787323%2Fmmplus%2Fcratenetwork%2Ftweaksforgeeks%2Fvideo%3A01g16gxs1vdgqwj47t%3A4.4.83%26mm_referrer%3Dhttps%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F%26videotags%3Ddbltap%2Cflipboardtv%2Cmidnight%20launch%2Cnintendo%2Cnintendo%20switch%2Cpokemon%2Cpokemon%20shield%2Cpokemon%20sword%2Cpokemon%20sword%20and%20shield%26playersize%3Dlarge%26mm_midroll%3D0%26video_ID%3D01dt59154vxfwzhqh9&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=3&lip=true&min_ad_duration=0&max_ad_duration=61000&vrid=1194944&sid=F343362B-B43D-4FF5-9E25-6DF5459AABC3&adk=935497324&cookie_enabled=1&correlator=1109719709652230&ctv=0&dlt=1682347040896&dt=1682347046206&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=3592&is_amp=0&loc=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&omid_p=Google1%2Fh.3.569.0&osd=2&ptt=20&scor=1674562047850214&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&cmsid=2630030&sdki=445&sdkv=h.3.569.0&sdr=1&video_doc_id=01dt59154vxfwzhqh9&vpmute=1&nel=0&cnc=270787323&kfa=0&tfcd=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
08882d31df95daace0c23f1108f3e11fc53ef17334df446f3e3cb395c597c955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:34 GMT
server
nginx
etag
W/"642e8db6-1638a"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 14:37:26 GMT
01dt59154vxfwzhqh9.m3u8
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
845 B
1 KB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9.m3u8
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ebeb782b7464f9c89489339167a397b07ace82014dc3ade75ec23f7e8352d022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-country-whitelist
x-amz-meta-origin-whitelist
x-amz-version-id
null
content-encoding
gzip
x-amz-meta-end-date
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
DEP28ZFCSDG42B5B
x-amz-cf-pop
IAD89-P1
x-amz-meta-origin-blacklist
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
x-amz-meta-start-date
2019-11-20T20:46
content-length
303
x-amz-id-2
WD46HkRNNbRvp9ybYiuAn4lCl0+j8NhF6nAQh2eCvnTGs3aMOkPioIXG92Lh/cc6VEwLSN9c9vw=
last-modified
Wed, 20 Nov 2019 20:52:00 GMT
server
AmazonS3
etag
"a7e9b3d3aafdda2a41b4704174a36a89"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-mpegURL
access-control-allow-origin
*
x-amz-meta-country-blacklist
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=29916021
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,OPTIONS
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
4r_sEuvzliNm-2wH1ElJHSBAKcHqhDnxTt22wkIdT5FoPhJwazSb6g==
publishertag.prebid.135.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
08882d31df95daace0c23f1108f3e11fc53ef17334df446f3e3cb395c597c955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:34 GMT
server
nginx
etag
W/"642e8db6-1638a"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 14:37:26 GMT
1633256573_huy-test3.ts
cdn.globalsun.io/
1 MB
1 MB
XHR
General
Full URL
https://cdn.globalsun.io/1633256573_huy-test3.ts
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/player/video.js-new/dist/video.min.js?v=3.2.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bd1c5c2c42f4f511d4b9708c8a2f28e3bcb1d4cce1946508b84cee33f3b77ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:26 GMT
x-cache
HIT
x-77-cache
HIT
x-age
940756
x-accel-date
1681406290
content-length
1345892
x-77-nzt
AcO1rgWtnZ3/1FoOAA
x-accel-expires
@1682443090
last-modified
Sun, 03 Oct 2021 10:22:53 GMT
server
CDN77-Turbo
etag
"148964-5cd702ddc5940"
x-77-nzt-ray
25b02131f0b6620326944664569a1025
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.tweaksforgeeks.com
accept-ranges
bytes
01dt59154vxfwzhqh9_270p.m3u8
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
3 KB
962 B
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_270p.m3u8
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7d0db10d898c8ab5adbbce9d279e896a83efdcc38fe4482434acc949dcab50cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
F8EBRSFKJ1VHMXHY
x-amz-cf-pop
ATL59-P3
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
317
x-amz-id-2
R75jBEKoFVLhV4CdN1FE5QIXHlBhHwiV0/IAgRc3vKGHkO23ldNvNpOhjIbJ5uVx9XI6uRtXqfA=
last-modified
Wed, 20 Nov 2019 20:51:55 GMT
server
AmazonS3
etag
W/"8548df6f7ce1e925268c4434a1fed159"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=29819860
access-control-allow-credentials
true
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
ZAf9Z1JXxsAgvZB7e8iqfjMfae--CH2C6I1sQ2KRkXyIDC0AwzeXow==
01dt59154vxfwzhqh9_1080p.m3u8
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
3 KB
971 B
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_1080p.m3u8
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dd76fb556eaa806129df6c0d6f6de7d490eecd991d4fcf8490f89cfb846ee0d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
10TMMBEV8VYKH5VW
x-amz-cf-pop
ATL59-P3
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
316
x-amz-id-2
F2y4ieYIVrzl/UAK/fMV+qtluO90X0y2QHx0uCz3kqAZfQJT7Y6QQflM0CUpILBo6OvjYBu2Glk=
last-modified
Wed, 20 Nov 2019 20:51:55 GMT
server
AmazonS3
etag
W/"be699a962050143568cd103f0a0f97f2"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30332957
access-control-allow-credentials
true
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
JqdSna7cUAakgQ8ttkjcjKMLvZyrdq0JKsRavTytFQqxGSYlEGBCHA==
01dt59154vxfwzhqh9_720p.m3u8
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
3 KB
963 B
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_720p.m3u8
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8f2910144506bd297dd6a9d1b370a162c453de0396f45b5503850826d1a40bed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
AEFCMJ81NBZRKYC9
x-amz-cf-pop
MIA3-P3
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
317
x-amz-id-2
IFuwvQyW4XCKWRQxE/YGpZtOTAXNCnVYYRVYbDKWY0x0rJDeVNS0icEvk0+wKh225ENcpzhwiHM=
last-modified
Wed, 20 Nov 2019 20:51:55 GMT
server
AmazonS3
etag
W/"70045dd8d40e5410592637e5211b3e8c"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30500844
access-control-allow-credentials
true
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
qyJZAMdlV-6NZ0FfkSSmb-37HISO_6U8WuXH_ve1l2SmPyE9rljTlg==
01dt59154vxfwzhqh9_406p.m3u8
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
3 KB
970 B
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_406p.m3u8
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fb72064dffa002b8e0adcb9b112dc9656ca47656f06413482a7b8bef8dddb7da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
NPX1WBD127ZP4Y31
x-amz-cf-pop
IAD55-P1
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
316
x-amz-id-2
U05vZC/IW+s2gI+TqxVmLUNk2aflPxq4msnA1e9WN6IfUsfdZITVVsZH+VVeWnsuEy4G+VXG4WA=
last-modified
Wed, 20 Nov 2019 20:51:55 GMT
server
AmazonS3
etag
W/"baa835f92b2348efb87b49c11af192aa"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30374758
access-control-allow-credentials
true
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
xNakswp10vKlvkOLVgar0gawXg43mkDaXaW21amItv1NY8XHdExV0w==
01dt59154vxfwzhqh9_180p.m3u8
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
3 KB
956 B
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_180p.m3u8
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
23081cbab562fe3c36f10ac685125814aa6686d8d0a3595fa8ba34dbc0c4d659

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
X7MF2BQJHCV50HH1
x-amz-cf-pop
ORD53-C2
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
312
x-amz-id-2
aBGvSbhrEvFkkZvqqwK5KZiWp+H0OMqVpbX6na6RkIfMiM/QFcHDsVXAYF55ibw9WF0tbzZCa9w=
last-modified
Wed, 20 Nov 2019 20:51:55 GMT
server
AmazonS3
etag
W/"82ca5c6649516d109acd1de3e16d805c"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30366419
access-control-allow-credentials
true
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
tLHOeR-I8n4CXjoaf_0R4zyCjze8ABd2HPXm2zpgxnkEog8seYoGgA==
01dt59154vxfwzhqh9_180p_00001.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
2 KB
3 KB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_180p_00001.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
367612f2ee7d009ae2cd05064a9d0d31e5d2b1b9b7f7e23921702e67ef16bc22

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
range
bytes=0-2047

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
2K6SBXWWGWJ907V7
x-amz-cf-pop
IAD55-P1
Content-Range
bytes 0-2047/145324
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
Content-Length
2048
x-amz-id-2
e5uuJpo5UQQD8X2j0BO2tilfjdXBqCFBMaWTfzA0Lq8kfvb/kxUNLovEzGVdb4Z2T6++zQq9mtI=
last-modified
Wed, 20 Nov 2019 20:50:08 GMT
server
AmazonS3
etag
"0e70a57f38b1aaa4fd35dee1b22354f2"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30312079
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
GquTgttMTtYo1r3J7HruAVSAmID9-7KzjsMatcSFslsSdNhzzd2k_g==
01dt59154vxfwzhqh9_1080p_00001.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
2 KB
3 KB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_1080p_00001.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bd59cc93a8dd24d21fffb61f81ad4cc861e210bae783e730b237e240a3fc2bcb

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
range
bytes=0-2047

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
TGGQNNNCPNR6CGHM
x-amz-cf-pop
ATL59-P3
Content-Range
bytes 0-2047/1492908
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
Content-Length
2048
x-amz-id-2
Pv4ztNWBWLeEM/8lSd/8Y02frGSxsz6II6NHCahdAOx4dy/Npg4RNiw39pqqdEuyu6GHysFVODM=
last-modified
Wed, 20 Nov 2019 20:50:09 GMT
server
AmazonS3
etag
"488b1b0b87d6b28b09633178111b78a8"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30490836
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
rtKp-NpHzJnYXqglT9MqiAMXuhxxNr1HMcSX2cvLPI6JmyYG-DqBhw==
01dt59154vxfwzhqh9_720p_00001.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
2 KB
3 KB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_720p_00001.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5e876120f96cf07b0b60073d6545ac6c3919069d2e423184e92f08041f8e3632

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
range
bytes=0-2047

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
M6NW91EHX91JTPHS
x-amz-cf-pop
ORD56-P2
Content-Range
bytes 0-2047/883788
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
Content-Length
2048
x-amz-id-2
SvDjq5sd2RFPbdj7qLDJTe9xwWTO12wwKKk1/44vVQ4ol3DkYeIuyuinW3iNtGsNNhMDw5OZY6A=
last-modified
Wed, 20 Nov 2019 20:50:08 GMT
server
AmazonS3
etag
"40eec35323dd13a8e86b3fa2634337a7"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30641254
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
DljmBp_DsPZa5Is83Yk6F_gXCSun0g0QD0ZZdTpJRO-K40bLZwB6ew==
01dt59154vxfwzhqh9_406p_00001.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
2 KB
3 KB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_406p_00001.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
adeaa76d6ec8c3f4c26c45a0524690b627505bded91f4aa690a7785713794441

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
range
bytes=0-2047

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
V080CQVW50FHE38Z
x-amz-cf-pop
MIA3-P3
Content-Range
bytes 0-2047/403072
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
Content-Length
2048
x-amz-id-2
EbNApAiOWe61IT3KmtgZlxN0zHynBawOzCrpqH0ijnkFrV0eABiorECcvENSkFV4/xYCHlzvaiM=
last-modified
Wed, 20 Nov 2019 20:50:08 GMT
server
AmazonS3
etag
"4f6618017d61ce50b0bb4424487dddda"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30470845
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
pZU3mMpcDwoEdwzaMeXL0-6fO7OFhuaXukQVmEROQf1wIfjD734Ilw==
01dt59154vxfwzhqh9_270p_00001.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
2 KB
3 KB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_270p_00001.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f391355051bd667558ef6651c7596e28e4931ce6a034bf123a7f210b63a3c80c

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
range
bytes=0-2047

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
9EAXJRPEEFENT5FA
x-amz-cf-pop
IAD55-P1
Content-Range
bytes 0-2047/203228
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
Content-Length
2048
x-amz-id-2
79wCtulhmqJ7x/DX+J0dwCZ1ulGtgcgNGBsBXplxwAofXbJNvQYE5K5yQE3fq0BZ7CvM2Umqbaw=
last-modified
Wed, 20 Nov 2019 20:50:08 GMT
server
AmazonS3
etag
"8e53788c856ba7725b64b82d749323bd"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=31284312
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
b5hGRJYpA-X6ceD3ChNh3GyvahuYW3cNRqAImVKRIWjuNivWYZFqbQ==
01dt59154vxfwzhqh9_1080p_00001.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
1 MB
1 MB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_1080p_00001.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
11b6e1f44f4b4f8623112f29aa83d100e49912dc8cb9671ab9b204ddf8283dfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:26 GMT
x-amz-request-id
TGGQNNNCPNR6CGHM
x-amz-cf-pop
ATL59-P3
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
1492908
x-amz-id-2
Pv4ztNWBWLeEM/8lSd/8Y02frGSxsz6II6NHCahdAOx4dy/Npg4RNiw39pqqdEuyu6GHysFVODM=
last-modified
Wed, 20 Nov 2019 20:50:09 GMT
server
AmazonS3
etag
"488b1b0b87d6b28b09633178111b78a8"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30490889
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
rtKp-NpHzJnYXqglT9MqiAMXuhxxNr1HMcSX2cvLPI6JmyYG-DqBhw==
01dt59154vxfwzhqh9_1080p_00002.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
1 MB
1 MB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_1080p_00002.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b16d858ee5e10b20d274fb685d8bdf48ac05e8c7d77af0928153d70d2c24f270

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:27 GMT
x-amz-request-id
G3FWP5DVGHW7M4ZS
x-amz-cf-pop
ORD56-P4
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
1507008
x-amz-id-2
GY+2SSqRD9PrMipQDyvNvGJrmy5Yxauu+5vrlT7PXbEafqVoHOspKxSdNbZMZ1Tb1ze+qB8WHV4=
last-modified
Wed, 20 Nov 2019 20:50:10 GMT
server
AmazonS3
etag
"6d7844ef3fe995bc1cce883fdd766aa4"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30032168
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
y5eE4VL_rGp2J0A_7OBuXNCGHx023snmbae4JCrUkXO--oZquoQldQ==
/
bqstreamer.com/tr/
0
300 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJkLkWdnURMzUO6YvtcJZUqeKUiNJJqMS3IF8PzYl7hj06Y%2FVNDbwDdELjyVTS3Arfr9qvjwkvza0sXWZH6G5aDvJx7sute7opO5wRHvwdQrCKpTGHwHw098c%2FBv9v3OaEjbYLOAzZjvwMxR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7bcf15947baf371b-FRA
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1583600391&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dp=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&ul=en-us&de=UTF-8&dt=Tweaks%20For%20Geeks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=Partners&cm=MMPlus&ec=MMVideo&ea=vplayer%20video%20first%20play&el=video%20current%20position%3D0sec%3Bvideo%20duration%20time%3D255.9sec%3Bvideo%20load%20time%3D512milliseconds%3Brestriction%3Dyes%3Bencryption%3Dno&ev=0&_u=aGDAAUABAAAAAGAAIC~&jid=&gjid=&cid=626960561.1682347043&tid=UA-23669758-34&_gid=2028449430.1682347043&gtm=45He34j0n81PL4PD49&cg1=MMPlus%20partner&cd7=MMPlus%20partner&cd33=www.tweaksforgeeks.com&cd35=516%3A290&cd38=video&cd54=Sports&cd55=MM%2B%20%7C%20CrateNetwork%20%7C%20Tweaksforgeeks%20%7C%20Podding%20&cd59=10%20sec&cd60=auto%20play&cd91=523&cd92=523&cd93=MinuteMedia&cd94=brian.s&cd23=%2F175840252%2C270787323%2FMMPlus%2FCrateNetwork%2FTweaksforgeeks%2FVideo&cd25=yes&cd26=4.4.83&cd28=Sports&cd34=crate-network&cd39=crate-network&cd40=vplayer&cd41=01g16gxs1vdgqwj47t&cd42=01dt59154vxfwzhqh9&cd43=Pokemon%20Sword%20and%20Shield%20MIDNIGHT%20LAUNCH%20at%20Nintendo%20NY%20Store%20%7C%20DBLTAP%20On%20the%20Scene&cd44=yes&cd45=255&cd46=yes&cd47=100&cd48=no&cd50=01g16gya91ts7bq9tq&cd51=yes&cd52=dbltap%2Cflipboardtv%2Cmidnight%20launch%2Cnintendo%2Cnintendo%20switch%2Cpokemon%2Cpokemon%20shield%2Cpokemon%20sword%2Cpokemon%20sword%20and%20shield&cd53=0&cd95=none&cd100=0&cd102=time%20in%20process%3D4403%20milliseconds&cd104=&cd106=mmPlus%20GTM%20event%20to%20GA&cd107=Injection&cd108=MMPlus&cd110=4223.800048828125&cd113=none&cd114=none&cd119=none&cd126=none&z=1083163446
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 23:39:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53898
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
px_new.php
stats.systems/spx/
42 B
626 B
Image
General
Full URL
https://stats.systems/spx/px_new.php?cname=am&sub_id=am_244025.971700&rprm=%7B%7D&rprId=HC-XXsju&pid=4&tdata=%5B%22https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F%22%2C%22%22%2C%22%22%5D&securities=%7B%22s1%22%3Afalse%2C%22s2%22%3Afalse%2C%22s3%22%3Afalse%7D&cr=4402
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.36
Resource Hash
d16537f8743d8f95565136d9389f9b1d4410ac94eabc52fd1deca14ec02303aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.36
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Xc%2FeftgAz5bBropamj0MLvCDhOpu%2F0pJUIfJTgJelvkNQrlaPirIaTjbMJV9QEa4JVUCH%2Bg7LDqrrm%2FtlV%2FNXTQjxzT70l9B4y9avOoiAwQyOaGlrLkL1nUlirlLlegXC8%2FXDt6iyeSNzi4"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
p3p
CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"
cache-control
must-revalidate
cf-ray
7bcf15949dffbb5f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 11 Nov 1998 11:11:11 GMT
p
sb.scorecardresearch.com/
43 B
299 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1682347044315&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=255999&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01dt59154vxfwzhqh9&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1682347047114&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2799&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=Sports&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&c8=Tweaks%20For%20Geeks&c9=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-29.ams1.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
cLmXQbFf2HfKUKFdfZSJtkrINw_tCu3yKb_qYZBPnBxGwMt0BWDFdw==
/
ssc-cms.33across.com/ps/ Frame 9E3F
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=btze1Sza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP007 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
server
33XP007
x-33x-status
2000208
/
csync.smilewanted.com/ Frame E706
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bcf1594e9639010-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:27 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1058
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36351
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 24 Apr 2023 14:37:27 GMT
expires
Tue, 25 Apr 2023 00:43:18 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 6E27
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d5jv24zaar7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
server
33XP003
x-33x-status
2000208
sync.html
s.adtelligent.com/ Frame A1AE
2 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5161:0:225:90ff:fefb:20e3 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.tweaksforgeeks.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
943
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Apr 2023 14:37:26 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ssc-cms.33across.com/ps/ Frame F664
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bpjP6uza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
server
33XP004
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame 1B7F
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame B506
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=byadUMza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
server
33XP005
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame CA8E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1682347043702
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame 8EA1
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
117031845187301914bdaed6894ebd7f07b50f7fefe9a7c84e865c6c79888bb0

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 24 Apr 2023 14:37:27 GMT
expires
Mon, 24 Apr 2023 14:37:27 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
/
ssc-cms.33across.com/ps/ Frame 7E20
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=andN_Kzaer7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP006 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
server
33XP006
x-33x-status
2000208
sspmatch-iframe
ads.betweendigital.com/ Frame 15D6
603 B
773 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
8702a7ad2ab9e00193e1239412ca1e4a84d3de43b87ddf5cf0beaa85e57cca0d

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
603
content-type
text/html
cookie
cm.adform.net/ Frame CF99
43 B
106 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 24 Apr 2023 14:37:27 GMT
server
nginx
/
ssc-cms.33across.com/ps/ Frame 8E54
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bHj7xyza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
server
33XP020
x-33x-status
2000208
/
spl.zeotap.com/ Frame 713E
8 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a7043786b1ce300700c6f0ca5ce932943ff8d7d5035a734bcb6173dea6f9efe

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.tweaksforgeeks.com
cf-cache-status
DYNAMIC
cf-ray
7bcf1594fd7c3627-FRA
content-encoding
br
content-type
text/html
date
Mon, 24 Apr 2023 14:37:27 GMT
server
cloudflare
vary
Origin
via
1.1 google
usync.html
u.4dex.io/ Frame A425
0
0
Document
General
Full URL
https://u.4dex.io/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
date
Mon, 24 Apr 2023 14:37:27 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
d
ic.tynt.com/r/ Frame 8601
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Mon, 24 Apr 2023 14:37:27 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame D088
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=9201185162672373872
43 B
456 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=9201185162672373872
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 24 Apr 2023 14:37:27 GMT
Etag
4f753283e2ab2931
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
9918b7c6-9638-4202-b0d9-d65de154bcf8
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 24 Apr 2023 14:37:27 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=9201185162672373872
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
/
ssc-cms.33across.com/ps/ Frame 2494
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aiQovMzaer7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
server
33XP001
x-33x-status
2000208
csync
sync.adtelligent.com/ Frame 3FF0
43 B
320 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=743295&extuid=${UID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.tweaksforgeeks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 24 Apr 2023 14:37:27 GMT
Etag
4f753283e2ab2931
Server
Adtelligent
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9201185162672373872
86 B
470 B
Image
General
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9201185162672373872
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
18.159.74.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-74-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Date
Mon, 24 Apr 2023 14:37:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7d01177c-4d9d-429c-bf7a-f33a9a846226
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=9201185162672373872
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=24c23ae2-9a13-4803-9b26-34a4cf492831&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_660be387-1d12-426a-ac86-988765f1764b&bsw_param=24c23ae2-9a13-4803-9b26-34a4cf492831&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_660be387-1d12-426a-ac86-988765f1764b&bsw_param=24c23ae2-9a13-4803-9b26-34a4cf492831&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
18.185.164.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-164-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_660be387-1d12-426a-ac86-988765f1764b&bsw_param=24c23ae2-9a13-4803-9b26-34a4cf492831&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 24 Apr 2023 14:37:27 GMT
server
nginx/1.18.0 (Ubuntu)
content-disposition
inline
content-length
45
content-type
image/gif
prebid
b1h.zemanta.com/usersync/
26 B
127 B
Image
General
Full URL
https://b1h.zemanta.com/usersync/prebid
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.223 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:27 GMT
Content-Length
26
Content-Type
image/gif
cookie
cm.adform.net/
43 B
105 B
Image
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
server
nginx
content-length
43
content-type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:26 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-CuBzmi5E2uF_2iXhxh_8uI2txbysRTjETDBsmZE-~A&gdpr=0
86 B
505 B
Image
General
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-CuBzmi5E2uF_2iXhxh_8uI2txbysRTjETDBsmZE-~A&gdpr=0
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
18.159.74.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-74-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-CuBzmi5E2uF_2iXhxh_8uI2txbysRTjETDBsmZE-~A&gdpr=0
date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 15D6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D24c23ae2-9a13-4803-9b26-34a4cf49283...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=65516446-9427-4d00-905e-b764c1cb921d&expires=30&ssp=between&bsw_param=24c23ae2-9a13-4803-9b26-34a4cf492831&gdpr=&gdpr_consent=
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=80&user_id=65516446-9427-4d00-905e-b764c1cb921d&expires=30&ssp=between&bsw_param=24c23ae2-9a13-4803-9b26-34a4cf492831&gdpr=&gdpr_consent=
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
18.185.164.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-164-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
MT3 830 785530e master cdg-pixel-x26 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://x.bidswitch.net/sync?dsp_id=80&user_id=65516446-9427-4d00-905e-b764c1cb921d&expires=30&ssp=between&bsw_param=24c23ae2-9a13-4803-9b26-34a4cf492831&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 24 Apr 2023 14:37:26 GMT
match
ads.betweendigital.com/ Frame 15D6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1DdUJ6bWk1RTJ1Rl8yaVhoeGhfOHVJMnR4YnlzUlRqRVREQnNtWkUtfkE%3D&gdpr=0
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1DdUJ6bWk1RTJ1Rl8yaVhoeGhfOHVJMnR4YnlzUlRqRVREQnNtWkUtfkE%3D&gdpr=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1DdUJ6bWk1RTJ1Rl8yaVhoeGhfOHVJMnR4YnlzUlRqRVREQnNtWkUtfkE%3D&gdpr=0
date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
btw
sync.dmp.otm-r.com/match/ Frame 15D6
0
70 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/btw?id=5d9fd3e2-face-5272-b638-55ffd27ec1dc
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.85.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.85.202.116.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 14:37:27 GMT
server
nginx/1.17.10
match
ads.betweendigital.com/ Frame 15D6
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=L84oQOsTO7x.AikABlGHs7K7Lg
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=L84oQOsTO7x.AikABlGHs7K7Lg
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
server
nginx
x-backend-id
f22-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=L84oQOsTO7x.AikABlGHs7K7Lg
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 713E
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=eded6025-4c7a-414d-97e6-007139cd314a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=eded6025-4c7a-414d-97e6-007139cd314a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf159769883627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=eded6025-4c7a-414d-97e6-007139cd314a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 713E
0
454 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 713E
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ecb6a41-effe-410b-79c7-7d3eb4ebddc9%26reqId%3Db6f0deb7-4b19-4dfe-7b39-68f891597ce5%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 713E
0
166 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1682347047.380719,VS0,VE8
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn-etou8220042-HHN
u
dmp.v.fwmrm.net/ad/ Frame 713E
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 713E
0
163 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ecb6a41-effe-410b-79c7-7d3eb4ebddc9%26reqId%3Db6f0deb7-4b19-4dfe-7b39-68f891597ce5%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 24 Apr 2023 14:37:26 GMT
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=8e8b119e-1c84-4c33-b5ae-c2f71bfd114c&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=8e8b119e-1c84-4c33-b5ae-c2f71bfd114c&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf15985add3627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=8e8b119e-1c84-4c33-b5ae-c2f71bfd114c&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=21161270249839823283296305279210715832&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=21161270249839823283296305279210715832&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf15986ae53627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v047-01e327de8.edge-irl1.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
qW0KNRXoSB0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=21161270249839823283296305279210715832&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 713E
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023042416-92128-0.454005001682347047-14e0ba4a8f9a5b46b5cc63c81d0b2f3c&zdid=533&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023042416-92128-0.454005001682347047-14e0ba4a8f9a5b46b5cc63c81d0b2f3c&zdid=533&env=mWeb
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf159769893627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023042416-92128-0.454005001682347047-14e0ba4a8f9a5b46b5cc63c81d0b2f3c&zdid=533&env=mWeb
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7225625547400673428&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7225625547400673428&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf159769843627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7225625547400673428&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 713E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=loDGlzgMKDLnTj/ksvwqPO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4d...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=loDGlzgMKDLnTj/ksvwqPO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf15984acd3627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:26 GMT
via
1.1 google
last-modified
Mon, 24 Apr 2023 14:37:27 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=loDGlzgMKDLnTj/ksvwqPO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 713E
0
84 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf15961f2e3627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
cache-control
no-cache
x-server
10.45.17.24
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-gknGV3dE2oqlLwulMGMZput5GvU3.cBoDQ--~A&zpartnerid=570&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-gknGV3dE2oqlLwulMGMZput5GvU3.cBoDQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf1598dba23627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-gknGV3dE2oqlLwulMGMZput5GvU3.cBoDQ--~A&zpartnerid=570&env=mWeb
date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=i1wNE6XmLfcj584laWhOc%2BF4fMv5AIkD%2BS41iYitP1U%3D
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=i1wNE6XmLfcj584laWhOc%2BF4fMv5AIkD%2BS41iYitP1U%3D
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf15984acb3627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=i1wNE6XmLfcj584laWhOc%2BF4fMv5AIkD%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 713E
42 B
213 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 713E
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.222.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-222-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n004-dub-prod.krxd.net
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1682347047
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 713E
95 B
379 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/png
date
Mon, 24 Apr 2023 14:37:27 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZEaUJwAFLn7MEABa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZEaUJwAFLn7MEABa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&_test=ZEaUJwAFLn7MEABa
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf1599bcf33627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-hhn-etou8220068-HHN
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682347048.934699,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZEaUJwAFLn7MEABa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&_test=ZEaUJwAFLn7MEABa
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=65516446-9427-4d00-905e-b764c1cb921d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=65516446-9427-4d00-905e-b764c1cb921d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf15992c1d3627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
MT3 830 785530e master cdg-pixel-x16 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=65516446-9427-4d00-905e-b764c1cb921d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 24 Apr 2023 14:37:26 GMT
usermatch.gif
beacon.krxd.net/ Frame 713E
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f89159...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
18.200.222.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-222-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n012-dub-prod.krxd.net
date
Mon, 24 Apr 2023 14:37:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1682347048
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
date
Mon, 24 Apr 2023 14:37:28 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 713E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&dcc=t
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EQBQMQ7DKEBN5PE36MSH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K79PMQ625SEBD6PWG6SM
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 713E
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ec...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&puid=893a...
95 B
202 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&puid=893ab8e0-e2ad-11ed-821a-9b29867dbf7b
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf1598ebcd3627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&puid=893ab8e0-e2ad-11ed-821a-9b29867dbf7b
date
Mon, 24 Apr 2023 14:37:27 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 713E
0
214 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 713E
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=24c23ae2-9a13-4803-9b26-34a4cf492831&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-eff...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=24c23ae2-9a13-4803-9b26-34a4cf492831&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf15960f0f3627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=24c23ae2-9a13-4803-9b26-34a4cf492831&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame 713E
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf1598dba13627-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 713E
557 B
449 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6bd0a90cf436f45ee35749d99c95a9593154137e4e78c15d93bade4e6f7de62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf1595ded33627-FRA
access-control-allow-headers
*
bidder_18.html
cache.betweendigital.com/code/ Frame A804
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=5d9fd3e2-face-5272-b638-55ffd27ec1dc&CACHEBUSTER=48703
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 24 Apr 2023 14:37:27 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
310
x-cdn-request-id
56fc4f11f90227c8a612f0d9682f2b6d
PugMaster
image6.pubmatic.com/AdServer/ Frame 1058
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17237786&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:26 GMT
content-length
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame E706
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
198811
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7bcf1595ea909010-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame 8EA1
0
187 B
Image
General
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7c625d803254ea82
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:26 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-ams03.e-planning.net/ Frame 8EA1
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D7c625d803254ea82%26uid%3D%5BUID%5D
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7c625d803254ea82&uid=8e3e47a7-bea5-4a2f-9f3f-0ca2e397178c
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7c625d803254ea82&uid=8e3e47a7-bea5-4a2f-9f3f-0ca2e397178c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Mon, 24 Apr 2023 14:37:27 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7c625d803254ea82&uid=8e3e47a7-bea5-4a2f-9f3f-0ca2e397178c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
prebid
rtb.openx.net/sync/ Frame 8EA1
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D7c625d803254ea82%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:26 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
8stj14egejbei9qc2d6pk3s12h5pm94c
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 8EA1
676 B
575 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 22 Apr 2028 14:37:27 GMT
um
u-ams03.e-planning.net/ Frame 8EA1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7c625d803254ea82%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7c625d803254ea82&uid=9201185162672373872
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7c625d803254ea82&uid=9201185162672373872
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Mon, 24 Apr 2023 14:37:27 GMT
content-type
image/gif

Redirect headers

Date
Mon, 24 Apr 2023 14:37:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5c4b828c-ad10-4b76-8b14-cee476c7e9b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7c625d803254ea82&uid=9201185162672373872
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 8EA1
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D7c625d803254ea82%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7c625d803254ea82&uid=ua-3e575d16-9214-3d17-b957-2d26a85f30b8
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7c625d803254ea82&uid=ua-3e575d16-9214-3d17-b957-2d26a85f30b8
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Mon, 24 Apr 2023 14:37:27 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7c625d803254ea82&uid=ua-3e575d16-9214-3d17-b957-2d26a85f30b8
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-store
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame 9BC1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Apr 2023 14:37:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 24 Apr 2023 14:37:27 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame B258
2 KB
2 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
2879552ece1522901c919a36ddc8c3738d021c8f48ec5aba0ece24eb5c289071

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1788
Content-Type
text/html
Date
Mon, 24 Apr 2023 14:37:27 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 4275
1 KB
998 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Mon, 24 Apr 2023 14:37:27 GMT
etag
W/"61ddbb71-5f5"
expires
Thu, 02 Mar 2028 17:17:56 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
c5a36c470b42bebfed1e477b1531e3dd
x-cf-tsc
1677950277
x-cf1
29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 792D
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A3F9
760 B
828 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627e89918f4d078736ac8c90b6b784c22e6621ecf537bbc49faa361e66595b18

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7bcf15960f093627-FRA
content-encoding
br
content-type
text/html
date
Mon, 24 Apr 2023 14:37:27 GMT
server
cloudflare
vary
Origin
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2A88
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36351
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 24 Apr 2023 14:37:27 GMT
expires
Tue, 25 Apr 2023 00:43:18 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 4DAD
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.php
pixel.rubiconproject.com/exchange/ Frame A1AE
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
csync
sync.adtelligent.com/ Frame A1AE
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
Adtelligent
Etag
689b294d1b592aca
Content-Length
43
Content-Type
image/gif
01dt59154vxfwzhqh9_1080p_00003.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
1 MB
1 MB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_1080p_00003.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7d4f0206a033696f33c4fcde3e9a325c78a48d9162713801e9e1af8a0c745c0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:27 GMT
x-amz-request-id
96FRPQPTN8Z4RZE5
x-amz-cf-pop
ATL52-C1
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
1326152
x-amz-id-2
e0LEfBablB7XVQj0hpnz6syjizKT/b4iCSd+Uif8M1Bu0smB+HsoNRVJ6PWPOpoFFS+z/ul3C30=
last-modified
Wed, 20 Nov 2019 20:50:12 GMT
server
AmazonS3
etag
"8d26868d44f7934631a76272ccafd692"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=29775996
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
7ZSmPEtSbFAv-1ZjfQbqrUrq0ssUFL9TGIQJkMkkOxYYUcicERfK_A==
cmp
spl.zeotap.com/ Frame 713E
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7bcf15961f243627-FRA
date
Mon, 24 Apr 2023 14:37:27 GMT
server
cloudflare
vary
Origin
via
1.1 google
mw
mwzeom.zeotap.com/ Frame A3F9
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ec...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=851c29e5-6e01-420d-6631-fb4e81572f22&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=851c29e5-6e01-420d-6631-fb4e81572f22&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf15989b4f3627-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=851c29e5-6e01-420d-6631-fb4e81572f22&zdid=1361
date
Mon, 24 Apr 2023 14:37:27 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame A3F9
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=851c29e5-6e01-420d-6631-fb4e81572f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf159769823627-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame A3F9
557 B
416 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=851c29e5-6e01-420d-6631-fb4e81572f22&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032324be2708e5d0da5583426b9196f6c836852e55612b5cd1db5d4594acb232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bcf159789ac3627-FRA
access-control-allow-headers
*
drop_cookie_sw.php
csync.smilewanted.com/ Frame E53C
0
329 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bcf15978cd49010-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:27 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 5D6C
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 24 Apr 2023 14:37:27 GMT
X-Sovrn-Pod
ad_ap2ams1
casale
match.adsrvr.org/track/cmf/ Frame B258
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B258
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZEaUI230OeyRDMc8xZV0eQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHo5WtB7W5q3HyiUsMgtftY&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHo5WtB7W5q3HyiUsMgtftY&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHo5WtB7W5q3HyiUsMgtftY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B258
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TQX5KCHZG5PYGKDS4XGW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AXXFYZ2ACZ4H7W43MZAG
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B258
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC_XO_eJ7BWgs-00P44Mizw&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC_XO_eJ7BWgs-00P44Mizw&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEC_XO_eJ7BWgs-00P44Mizw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame B258
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7a669c3e-b7c0-de39-1a239959
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7a669c3e-b7c0-de39-1a239959
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7a669c3e-b7c0-de39-1a239959
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame B258
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9201185162672373872
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9201185162672373872
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 24 Apr 2023 14:37:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
247504c9-3616-4caa-8425-64db9db857e6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9201185162672373872
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B258
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8059250712242642139&expiration=1683556647
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8059250712242642139&expiration=1683556647
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8059250712242642139&expiration=1683556647
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame B258
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=85628a05-19f2-47c3-94f6-d6b83364fc3f
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=85628a05-19f2-47c3-94f6-d6b83364fc3f
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=85628a05-19f2-47c3-94f6-d6b83364fc3f
date
Mon, 24 Apr 2023 14:37:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
um
u-ams03.e-planning.net/ Frame B258
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=7c625d803254ea82&uid=ZEaUI230OeyRDMc8xZV0eQAA%265225
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7c625d803254ea82%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Mon, 24 Apr 2023 14:37:27 GMT
content-type
image/gif
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 2BE5
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B
Document
General
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Mon, 24 Apr 2023 14:37:27 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:27 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
cmp
spl.zeotap.com/ Frame A3F9
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=851c29e5-6e01-420d-6631-fb4e81572f22&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=851c29e5-6e01-420d-6631-fb4e81572f22&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7bcf15980a603627-FRA
date
Mon, 24 Apr 2023 14:37:27 GMT
server
cloudflare
vary
Origin
via
1.1 google
sync
eb2.3lift.com/ Frame ED45
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 24 Apr 2023 14:37:27 GMT
csync
sync.adtelligent.com/ Frame A884
43 B
453 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AFAcFVIoMyH1yOhK
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 24 Apr 2023 14:37:27 GMT
Etag
4f753283e2ab2931
Server
Adtelligent
match
ads.betweendigital.com/ Frame A804
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=81ebe22c-221d-4b6b-a625-891830b09c7f&ssp=between
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=24c23ae2-9a13-4803-9b26-34a4cf492831
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=24c23ae2-9a13-4803-9b26-34a4cf492831
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=24c23ae2-9a13-4803-9b26-34a4cf492831
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
RX-50a132a9-e901-4d92-8637-787b4a159dfe-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 665E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1682347047793
  • https://ad.turn.com/r/cs?pid=45&rndcb=142827238
  • https://sync.1rx.io/usersync/turn/4120244204822914046?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-50a132a9-e901-4d92-8637-787b4a159dfe-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-50a132a9-e901-4d92-8637-787...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-50a132a9-e901-4d92-8637-787b4a159dfe-003
0
440 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-50a132a9-e901-4d92-8637-787b4a159dfe-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bcf159a98e89010-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:28 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Mon, 24 Apr 2023 14:37:28 GMT
etag
RX50a132a9e9014d928637787b4a159dfe003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-50a132a9-e901-4d92-8637-787b4a159dfe-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
5d9fd3e2-face-5272-b638-55ffd27ec1dc
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D46D
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/5d9fd3e2-face-5272-b638-55ffd27ec1dc
0
396 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/5d9fd3e2-face-5272-b638-55ffd27ec1dc
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bcf15988e2c9010-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/5d9fd3e2-face-5272-b638-55ffd27ec1dc
usync.js
eus.rubiconproject.com/ Frame 9BC1
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
635d88f6f923c5ebdd61ae64698d6ce0f54a750f2de2b5b5726aa05b4997c406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Apr 2023 04:06:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48546
Connection
keep-alive
Content-Length
10019
Expires
Tue, 25 Apr 2023 04:06:33 GMT
smwt256.gif
us.ck-ie.com/ Frame C8B3
0
0
Document
General
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 24 Apr 2023 14:37:28 GMT
Server
nginx
khaos.jpg
token.rubiconproject.com/ Frame 9BC1
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
b089a1d8e57959b810e57250c1d4e26d
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 7B33
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/b089a1d8e57959b810e57250c1d4e26d?gdpr_consent=&gdpr=0
0
488 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b089a1d8e57959b810e57250c1d4e26d?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bcf159b19b89010-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:28 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 24 Apr 2023 14:37:28 GMT
Expires
Mon, 24 Apr 2023 14:37:28 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/b089a1d8e57959b810e57250c1d4e26d?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1682347048081071-379
v1
match.sharethrough.com/universal/ Frame 24C4
0
0
Document
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.43.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-43-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 24 Apr 2023 14:37:27 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9BC1
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
smw888.gif
us.ck-ie.com/ Frame C573
0
0
Document
General
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 24 Apr 2023 14:37:28 GMT
Server
nginx
Q0J8lBoYFd9e9KqVx0r6
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame A2A0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q0J8lBoYFd9e9KqVx0r6?pi=smilewanted&tc=1
0
639 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q0J8lBoYFd9e9KqVx0r6?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bcf159ac9459010-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:28 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 24 Apr 2023 14:37:28 GMT Mon, 24 Apr 2023 14:37:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q0J8lBoYFd9e9KqVx0r6?pi=smilewanted&tc=1
pragma
no-cache
896a3aca-e2ad-11ed-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame A804
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARioqJqiBqIBEIlqOsrirRHthuAAJZDAZHw*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=896a3aca-e2ad-11ed-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=896a3aca-e2ad-11ed-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=8R4ti1REQOFVEM6jRQvy5A&
  • https://an.yandex.ru/mapuid/adsniperis/896a3aca-e2ad-11ed-86e0-002590c0647c
  • https://an.yandex.ru/mapuid/adsniperis/896a3aca-e2ad-11ed-86e0-002590c0647c?redir-setuniq=1
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adsniperis/896a3aca-e2ad-11ed-86e0-002590c0647c?redir-setuniq=1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2a02:6b8::90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 24 Apr 2023 14:37:28 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 14:37:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 24 Apr 2023 14:37:28 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/896a3aca-e2ad-11ed-86e0-002590c0647c?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 24 Apr 2023 14:37:28 GMT
pixel
cm.g.doubleclick.net/ Frame 9BC1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 9BC1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9BC1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=upbqao3tROmYbn9dyRPexw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=upbqao3tROmYbn9dyRPexw
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=upbqao3tROmYbn9dyRPexw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
658XM4ZRH3EPXYQY74ZC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=upbqao3tROmYbn9dyRPexw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9BC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELfwoiNEnQKusZCVfw_VuyQ&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELfwoiNEnQKusZCVfw_VuyQ&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELfwoiNEnQKusZCVfw_VuyQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rp
match.prod.bidr.io/cookie-sync/ Frame 9BC1
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.164.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-164-179.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
9.gif
id5-sync.com/i/175/ Frame 9BC1
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/175/9.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 24 Apr 2023 14:37:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
getuid
sync.smartadserver.com/ Frame 9BC1
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
0
316 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:27 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
token
token.rubiconproject.com/ Frame 9BC1
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D35912%26puid%3D%5BMM_UUID%5D
  • https://token.rubiconproject.com/token?pid=35912&puid=65516446-9427-4d00-905e-b764c1cb921d
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=35912&puid=65516446-9427-4d00-905e-b764c1cb921d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Mon, 24 Apr 2023 14:37:28 GMT
Server
MT3 830 785530e master cdg-pixel-x26 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://token.rubiconproject.com/token?pid=35912&puid=65516446-9427-4d00-905e-b764c1cb921d
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 24 Apr 2023 14:37:27 GMT
setuid
ib.adnxs.com/prebid/ Frame 9DC7
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb73c4788c0518018d12675dcebf04da
43 B
1 KB
Document
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb73c4788c0518018d12675dcebf04da
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
965a5a5d-6ac5-43b2-b02d-5c112cc91949
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 24 Apr 2023 14:37:28 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bcf159a488d9010-FRA
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:28 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=cb73c4788c0518018d12675dcebf04da
server
cloudflare
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PEGZJDQ1BR&gtm=45je34j0&_p=1583600391&cid=626960561.1682347043&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dr=&sid=1682347043&sct=1&seg=0&dl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dt=Tweaks%20For%20Geeks&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-PEGZJDQ1BR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tweaksforgeeks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1885
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=5d9fd3e2-face-5272-b638-55ffd27ec1dc&CACHEBUSTER=48703
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Apr 2023 14:37:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 24 Apr 2023 14:37:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 1885
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
635d88f6f923c5ebdd61ae64698d6ce0f54a750f2de2b5b5726aa05b4997c406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 24 Apr 2023 14:37:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Apr 2023 04:06:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48545
Connection
keep-alive
Content-Length
10019
Expires
Tue, 25 Apr 2023 04:06:33 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1885
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
48703
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame A804
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/48703
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/48703
43 B
296 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/48703
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-4.0.4/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:29 GMT
strict-transport-security
max-age=2678400
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/48703
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931034&asId=cbe8539e-cce7-5694-b4eb-2110c1f22b89&tv=%7Bc:aIiiJe,time:6413,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:6413,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:372,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1600.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B6053~0%5D,as:%5B6053~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:485,fm:tCm8K3d+1*.931034%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:0,renddet:na,siq:374,sis:529%7D&br=c
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:ea73:294d:a09b:a42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:29 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
01dt59154vxfwzhqh9_1080p_00004.ts
vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/
1 MB
1 MB
Fetch
General
Full URL
https://vms-videos.minutemediaservices.com/01dt59154vxfwzhqh9/m3u8/01dt59154vxfwzhqh9_1080p_00004.ts
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
eee0572f147a72ad2f10ac9c5382778905865c798174647c23591f9d3f94b46a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 24 Apr 2023 14:37:29 GMT
x-amz-request-id
DDQ0GDD40J11ZT7F
x-amz-cf-pop
EWR53-P1
x-amz-replication-status
COMPLETED
akamai-mon-iucid-del
854168
content-length
1340440
x-amz-id-2
fwR0GTB/SYsxwvF7DrL+PAf1mVFN/oceqIYmVeaTuE8rndgTgZhXXcZojNYknWnxu4EAb4f67/4=
last-modified
Wed, 20 Nov 2019 20:50:14 GMT
server
AmazonS3
etag
"353e752c2ce490a78ac4d84cc70fc9da"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control
max-age=30239404
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
IG8x5xwKhXdfuGWwOPwoQHqYHUmWu3In_W21nFE81qKynXDMivNhYw==
bidswitch.gif
sync.admanmedia.com/ Frame A804
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=5d9fd3e2-face-5272-b638-55ffd27ec1dc&expires=60
  • https://sync.admanmedia.com/bidswitch.gif?puid=24c23ae2-9a13-4803-9b26-34a4cf492831&redir=[RED]
42 B
431 B
Image
General
Full URL
https://sync.admanmedia.com/bidswitch.gif?puid=24c23ae2-9a13-4803-9b26-34a4cf492831&redir=[RED]
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
HTTP/1.1
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Apr 2023 14:37:29 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0

Redirect headers

location
//sync.admanmedia.com/bidswitch.gif?puid=24c23ae2-9a13-4803-9b26-34a4cf492831&redir=[RED]
date
Mon, 24 Apr 2023 14:37:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame 4D92
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=5d9fd3e2-face-5272-b638-55ffd27ec1dc&CACHEBUSTER=48703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tweaksforgeeks.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 65E7
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Ftweaksforgeeks.com_3.1&description_url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2773285796817754&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpv=1.11.0&sdki=445&ptt=20&adk=3052639567&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.tweaksforgeeks.com%2F66c813e7-dec1-4297-a137-256101a86915&sid=9AE3CD0E-B12A-4548-9DC8-013F551E8A3E&nel=0&eid=44729309%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dlt=1682347040896&idt=3752&dt=1682347050261&cookie_enabled=1&scor=952001711707248&ged=ve4_td9_tt5_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts5_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bqstreamer.com/tr/
0
310 B
Ping
General
Full URL
https://bqstreamer.com/tr/
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g16gxs1vdgqwj47t.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tweaksforgeeks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Apr 2023 14:37:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxpL6lwAxDRvH7Jp6n%2Fu%2Fiu%2FetCHl7Opgp1EKvB%2FzlJGR6wOdECbu3WAIuH%2BzvhAk6tuJCu5ljj0T3Da%2FWn%2FFDdQE9kvpzMv1TyIk8WAtzudeNKG%2BUC2CiN%2BZ9IkmBHxO9HF%2BQsbUtCL%2FiIc"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7bcf15a89c83371b-FRA
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1583600391&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dp=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&ul=en-us&de=UTF-8&dt=Tweaks%20For%20Geeks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=Partners&cm=MMPlus&ec=MMVideo&ea=vplayer%20video%203%20seconds%20complete&el=video%20current%20position%3D3sec&ev=0&_u=aGDAAUABAAAAAGAAIC~&jid=&gjid=&cid=626960561.1682347043&tid=UA-23669758-34&_gid=2028449430.1682347043&gtm=45He34j0n81PL4PD49&cg1=MMPlus%20partner&cd7=MMPlus%20partner&cd33=www.tweaksforgeeks.com&cd35=516%3A290&cd38=video&cd54=Sports&cd55=MM%2B%20%7C%20CrateNetwork%20%7C%20Tweaksforgeeks%20%7C%20Podding%20&cd59=10%20sec&cd60=auto%20play&cd91=679&cd92=679&cd93=MinuteMedia&cd94=brian.s&cd23=%2F175840252%2C270787323%2FMMPlus%2FCrateNetwork%2FTweaksforgeeks%2FVideo&cd25=yes&cd26=4.4.83&cd28=Sports&cd34=crate-network&cd39=crate-network&cd40=vplayer&cd41=01g16gxs1vdgqwj47t&cd42=01dt59154vxfwzhqh9&cd43=Pokemon%20Sword%20and%20Shield%20MIDNIGHT%20LAUNCH%20at%20Nintendo%20NY%20Store%20%7C%20DBLTAP%20On%20the%20Scene&cd44=yes&cd45=255&cd46=yes&cd47=100&cd48=no&cd50=01g16gya91ts7bq9tq&cd51=yes&cd52=dbltap%2Cflipboardtv%2Cmidnight%20launch%2Cnintendo%2Cnintendo%20switch%2Cpokemon%2Cpokemon%20shield%2Cpokemon%20sword%2Cpokemon%20sword%20and%20shield&cd53=0&cd95=none&cd100=0&cd102=time%20in%20process%3D7633%20milliseconds&cd104=&cd106=mmPlus%20GTM%20event%20to%20GA&cd107=Injection&cd108=MMPlus&cd110=4223.800048828125&cd113=none&cd114=none&cd119=none&cd126=none&z=1507017265
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Apr 2023 23:39:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 65E7
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Ftweaksforgeeks.com_2.1&description_url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2773285796817754&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpv=1.11.0&sdki=445&ptt=20&adk=3052639567&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.tweaksforgeeks.com%2F66c813e7-dec1-4297-a137-256101a86915&sid=9AE3CD0E-B12A-4548-9DC8-013F551E8A3E&nel=0&eid=44729309%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F&dlt=1682347040896&idt=3752&dt=1682347050476&cookie_enabled=1&scor=952001711707248&ged=ve4_td9_tt5_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2A88
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6765361&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
cf16ec6f6a8c8068627d8d67a001cf5cb952f8b00838a23445d07bcc923eab42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 14:37:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame C726
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:65516446-9427-4d00-905e-b764c1cb921d&gdpr=0&gdpr_consent=
42 B
326 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:65516446-9427-4d00-905e-b764c1cb921d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 24 Apr 2023 14:37:30 GMT
Expires
Mon, 24 Apr 2023 14:37:29 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master cdg-pixel-x35 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:65516446-9427-4d00-905e-b764c1cb921d&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 9190
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508655812509207793
42 B
194 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508655812509207793
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508655812509207793
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 36C4
0
0

Pug
image2.pubmatic.com/AdServer/ Frame 49A9
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326093780833
42 B
213 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326093780833
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 24 Apr 2023 14:37:30 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326093780833
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
image2.pubmatic.com/AdServer/ Frame 20EE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t-_Ks7jvzLas4pzm4uLTsODtmLes7cux5ePFn-83
42 B
432 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t-_Ks7jvzLas4pzm4uLTsODtmLes7cux5ePFn-83
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 24 Apr 2023 14:37:30 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t-_Ks7jvzLas4pzm4uLTsODtmLes7cux5ePFn-83
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame 39E8
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9FC097FF-5361-46CA-AD47-4426303570C6&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 24 Apr 2023 14:37:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Z0X30WDYAW6JQ7J6XSE8
Pug
simage2.pubmatic.com/AdServer/ Frame A9D8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9201185162672373872&gdpr=0&gdpr_consent=
42 B
218 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9201185162672373872&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
b34df36b-37da-4c70-b0a4-ea7cdbcd59ea
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 24 Apr 2023 14:37:30 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9201185162672373872&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F81C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7225625547400673428&gdpr=0&gdpr_consent=
42 B
448 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7225625547400673428&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 24 Apr 2023 14:37:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7225625547400673428&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 63B2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
42 B
378 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 24 Apr 2023 14:37:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VIN3NTqiXqNEj2Obly118Nly2hc&gdpr=0&gdpr_consent=
rtset
bh.contextweb.com/bh/ Frame 43C0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDdGtrN0lqU2dBQUNGMmNTNElvZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACtkk7IjSgAACF2cS4Iog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8642267768220290310&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACtkk7IjSgAACF2cS4Iog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8642267768220290310%26gdpr%3D0%26gdpr_consen...
0
0

b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame DB17
85 B
260 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 24 Apr 2023 14:37:30 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220068-HHN
x-timer
S1682347051.671835,VS0,VE178
cm
ipac.ctnsnet.com/int/ Frame 17F2
43 B
369 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 24 Apr 2023 14:37:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame D14D
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 24 Apr 2023 14:37:30 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-be9bb33f82b3@version_1.550v2
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 87B3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
445 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7bcf15ad3c8a9134-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7bcf15ab08eb9134-FRA
content-type
text/html
date
Mon, 24 Apr 2023 14:37:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
268
Pug
simage2.pubmatic.com/AdServer/ Frame 51D1
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 24 Apr 2023 14:37:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
bridge
cm.adgrx.com/ Frame AEED
43 B
283 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 24 Apr 2023 14:37:30 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
Pug
simage2.pubmatic.com/AdServer/ Frame E5DB
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=iG_i7QKtM&gdpr=0&gdpr_consent=
42 B
223 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=iG_i7QKtM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
content-type
text/html; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=iG_i7QKtM&gdpr=0&gdpr_consent=
vary
Origin
via
1.1 google
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 9A98
0
0

csync
sync.adtelligent.com/ Frame BC73
43 B
473 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=9FC097FF-5361-46CA-AD47-4426303570C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 24 Apr 2023 14:37:30 GMT
Etag
4f753283e2ab2931
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2A88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n8CX_1NhRsqtR0QmMDVwxg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:30 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=36348
accept-ranges
bytes
content-length
5554
expires
Tue, 25 Apr 2023 00:43:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 2A88
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9FC097FF-5361-46CA-AD47-4426303570C6&gdpr=0&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.20.4 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.70
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 2A88
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9FC097FF-5361-46CA-AD47-4426303570C6
0
17 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9FC097FF-5361-46CA-AD47-4426303570C6
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:29 GMT
via
1.1 google
last-modified
Mon, 24 Apr 2023 14:37:30 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9FC097FF-5361-46CA-AD47-4426303570C6
date
Mon, 24 Apr 2023 14:37:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ddp
a.audrte.com/ Frame 2A88
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9FC097FF-5361-46CA-AD47-4426303570C6
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmxmYlpnM1dlMXBSUEs1ZFlEa1pGSDhXZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
0
0

Pug
image2.pubmatic.com/AdServer/ Frame 2A88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELE3wzWK7oSD0hLame3OLhU&google_cver=1
42 B
379 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELE3wzWK7oSD0hLame3OLhU&google_cver=1
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELE3wzWK7oSD0hLame3OLhU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2A88
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 23 Apr 2023 14:37:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A88
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8059250712242642139
42 B
242 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8059250712242642139
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8059250712242642139
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 2A88
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 2A88
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9FC097FF-5361-46CA-AD47-4426303570C6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m21qsVRE2uUxDYEUdCTseUS7qvLVZzs-~A&gdpr=0
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m21qsVRE2uUxDYEUdCTseUS7qvLVZzs-~A&gdpr=0
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m21qsVRE2uUxDYEUdCTseUS7qvLVZzs-~A&gdpr=0
date
Mon, 24 Apr 2023 14:37:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
9FC097FF-5361-46CA-AD47-4426303570C6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2A88
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9FC097FF-5361-46CA-AD47-4426303570C6?gdpr=0&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:114e:557c:38c4:1287 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 14:37:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 2A88
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559727411533869&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=24c23ae2-9a13-4803-9b26-34a4cf492831&gdpr=&gdpr_consent=&gdpr_pd=
1 B
246 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=24c23ae2-9a13-4803-9b26-34a4cf492831&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 24 Apr 2023 14:37:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=24c23ae2-9a13-4803-9b26-34a4cf492831&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 24 Apr 2023 14:37:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2A88
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:30 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2A88
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9FC097FF-5361-46CA-AD47-4426303570C6&gdpr=0&gdpr_consent=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 14:37:30 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2A88
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4120244204822914046&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4120244204822914046&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4120244204822914046&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 24 Apr 2023 14:37:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2A88
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9201185162672373872
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9201185162672373872
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 24 Apr 2023 14:37:30 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
efffcf6b-cbca-4a74-a452-41a466510fec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=9201185162672373872
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A88
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0bc08744-5f41-4db1-93e6-62c69189dbd4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0bc08744-5f41-4db1-93e6-62c69189dbd4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.tweaksforgeeks.com
URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 24 Apr 2023 14:37:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0bc08744-5f41-4db1-93e6-62c69189dbd4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 24 Apr 2023 14:37:30 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
1633256573_huy-test4.ts
cdn.globalsun.io/
2 MB
2 MB
XHR
General
Full URL
https://cdn.globalsun.io/1633256573_huy-test4.ts
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/player/video.js-new/dist/video.min.js?v=3.2.22
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tweaksforgeeks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 24 Apr 2023 14:37:30 GMT
x-cache
HIT
x-77-cache
HIT
x-age
940710
x-accel-date
1681406340
content-length
2288712
x-77-nzt
AcO1rgUN99f/ploOAA
x-accel-expires
@1682443140
last-modified
Sun, 03 Oct 2021 10:22:54 GMT
server
CDN77-Turbo
etag
"22ec48-5cd702deb9b80"
x-77-nzt-ray
25b02131f0b662032a944664dc0ce535
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.tweaksforgeeks.com
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kvt.sddan.com
URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACtkk7IjSgAACF2cS4Iog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8642267768220290310%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
a.audrte.com
URL
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=


327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


109 Cookies

Domain/Path Name / Value
www.tweaksforgeeks.com/featured/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution Name: logglytrackingsession
Value: e7334464-0d0c-43d1-ad81-d74827b98cda
www.tweaksforgeeks.com/featured Name: PHPSESSID
Value: scnjjjt6cfbekhkci5tjle9614
www.tweaksforgeeks.com/ Name: HAPPIDS1
Value: s6|ZEaUJ|ZEaUI
www.tweaksforgeeks.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.tweaksforgeeks.com/ Name: sharedid
Value: 68f75162-7985-412d-a8b6-a571a741e3c5
.infolinks.com/ Name: cuid
Value: aafa83ba-c81f-4f91-a907-81760394e32f
.zeotap.com/ Name: zc
Value: 4ecb6a41-effe-410b-79c7-7d3eb4ebddc9
.udmserve.net/ Name: dt
Value: 73CFCC2E-D6B3-3BEC-85DF-EBC9B3E37420
.tweaksforgeeks.com/ Name: _gid
Value: GA1.2.2028449430.1682347043
.tweaksforgeeks.com/ Name: _gat_gtag_UA_42921757_24
Value: 1
.tweaksforgeeks.com/ Name: _gat_uk_contentplayer
Value: 1
.tweaksforgeeks.com/ Name: _dc_gtm_UA-23669758-34
Value: 1
.tweaksforgeeks.com/ Name: _gat_UA-23669758-34
Value: 1
pbjs.e-planning.net/ Name: CT
Value: 1
.quantserve.com/ Name: mc
Value: 64469423-9bcc9-5a6f2-654d8
.doubleclick.net/ Name: IDE
Value: AHWqTUkDViRTXZEX-mHadxUoYhWkEZVti00DrqoloyIhR4zN1wkpoKPQVBLj8qBIepQ
.e-planning.net/ Name: E
Value: AFAcFVIoMyH1yOhK
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 5d9fd3e2-face-5272-b638-55ffd27ec1dc
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.cpx.to/ Name: cpSess
Value: 27493232628f2e15
.tweaksforgeeks.com/ Name: __qca
Value: P0-319797884-1682347043068
.adnxs.com/ Name: uuid2
Value: 9201185162672373872
.yahoo.com/ Name: A3
Value: d=AQABBCOURmQCEBSy2i82fs92LPbj8dZaODQFEgEBAQHlR2RQZAAAAAAA_eMAAA&S=AQAAAgZ7LhyLxDOdTuOMeL2OUOk
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.casalemedia.com/ Name: CMID
Value: ZEaUI230OeyRDMc8xZV0eQAA
.casalemedia.com/ Name: CMPS
Value: 5225
.casalemedia.com/ Name: CMPRO
Value: 5225
.pubmatic.com/ Name: SyncRTB3
Value: 1683504000%3A220
www.tweaksforgeeks.com/ Name: udmsrc
Value: %7B%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9FC097FF-5361-46CA-AD47-4426303570C6
.cpx.to/ Name: dsp_app_nexus
Value: 9201185162672373872#1682347043967
.udmserve.net/ Name: apnid
Value: 9201185162672373872
.cpx.to/ Name: dsp_dbm
Value: CAESEJiyv9N6oYavtiFcZu_EtR8#1682347044012
.cpx.to/ Name: dsp_pubmatic
Value: 9FC097FF-5361-46CA-AD47-4426303570C6#1682347044058
.go.sonobi.com/ Name: HAPLB8S
Value: s87159|ZEaUJ
.pubmatic.com/ Name: pi
Value: 156505:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.udmserve.net/ Name: udmts
Value: 1682347044.0
.udmserve.net/ Name: yahoo
Value: y-CuBzmi5E2uF_2iXhxh_8uI2txbysRTjETDBsmZE-~A
.udmserve.net/ Name: indx
Value: ZEaUI230OeyRDMc8xZV0eQAAFGkAAAIB
.udmserve.net/ Name: pmid
Value: 9FC097FF-5361-46CA-AD47-4426303570C6
.tweaksforgeeks.com/ Name: lotame_domain_check
Value: tweaksforgeeks.com
www.tweaksforgeeks.com/ Name: _lr_geo_location
Value: DE
.tweaksforgeeks.com/ Name: _ga
Value: GA1.2.626960561.1682347043
.tweaksforgeeks.com/ Name: _ga_PEGZJDQ1BR
Value: GS1.1.1682347043.1.0.1682347047.0.0.0
.bidswitch.net/ Name: c
Value: 1682347047
.bidswitch.net/ Name: tuuid_lu
Value: 1682347047
.bidswitch.net/ Name: tuuid
Value: 24c23ae2-9a13-4803-9b26-34a4cf492831
.ads.pubmatic.com/ Name: KCCH
Value: YES
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI5MjAxMTg1MTYyNjcyMzczODcyIiwiZXhwaXJlcyI6IjIwMjMtMDUtMDhUMTQ6Mzc6MjcuMzQ2MzM4NTNaIn19LCJiZGF5IjoiMjAyMy0wNC0yNFQxNDozNzoyNy4zNDYzMzM1MDhaIn0=
.zeotap.com/ Name: zsc
Value: %60%BFI%C4Q%D3%C8%10%FEq%A6%3B%E7%F5%C3G%B3%D8%24%3Cy%D2Jpd%A3%CEd%CF%88%C8%DEcq%B1%25%E1%B5C%8B%91%C6%91%E9%C1v%F8%DDZ%E80%F2%7C%E1Q%E5k%FC%BB%B8%12a%A9%89a%C4%EF%10%19%DB%12%28%CA%B5%C0%7BJB%FF%DB%7B%CE%98B%C0~gR%9D%CC%08%93pV%E89%3A%8B%A7%81%0F%10%92%B8%86l%0B%2F%82%E22%C93g%0D%C3%0E%27%C4%85%FC%A9%01%AA%9D%8E%9D%FB%EE%C2%CF%9FE%AE%1E%0F%D35%8A%D7%29%088h3dsC%02%2BN%5D%91%83%F4%CF%A2%28n%8F%87%E1%05%8E%DF%AA%F5%B4%1A%02%8A%D0%82Tyl
.adfarm1.adition.com/ Name: UserID1
Value: 7225625547400673428
.tapad.com/ Name: TapAd_TS
Value: 1682347047367
.tapad.com/ Name: TapAd_DID
Value: eded6025-4c7a-414d-97e6-007139cd314a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adtelligent.com/ Name: vmuid
Value: 4f753283e2ab2931
.adtelligent.com/ Name: a733849
Value: 9201185162672373872
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_660be387-1d12-426a-ac86-988765f1764b
.weborama.fr/ Name: AFFICHE_W
Value: PHKsgb5-L4w859
.tidaltv.com/ Name: tidal_ttid
Value: 8e8b119e-1c84-4c33-b5ae-c2f71bfd114c
.mathtag.com/ Name: uuid
Value: 65516446-9427-4d00-905e-b764c1cb921d
.demdex.net/ Name: demdex
Value: 21161270249839823283296305279210715832
.agkn.com/ Name: ab
Value: 0001%3AI0yVPR2ImLI7CM7LCoHMXIJwHfbWR0pt
.adform.net/ Name: C
Value: 1
.admanmedia.com/ Name: admtr
Value: 8e3e47a7-bea5-4a2f-9f3f-0ca2e397178c
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjEzsjK0MAIAr2CY5AkAAAA="
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3e575d16-9214-3d17-b957-2d26a85f30b8
.dpm.demdex.net/ Name: dpm
Value: 21161270249839823283296305279210715832
.adhigh.net/ Name: gi_u
Value: L84oQOsTO7x.AikABlGHs7K7Lg
.adform.net/ Name: uid
Value: 8059250712242642139
.adtelligent.com/ Name: a307971
Value: AFAcFVIoMyH1yOhK
.richaudience.com/ Name: avcid-zeo-uid
Value: 4ecb6a41-effe-410b-79c7-7d3eb4ebddc9
.analytics.yahoo.com/ Name: IDSYNC
Value: "19b4~2b9q:195v~2b9q:199l~2b9q:19ah~2b9q"
.krxd.net/ Name: _kuid_
Value: Pg8hVvMA
.adhigh.net/ Name: btw_sync
Value: LKID
.brand-display.com/ Name: _knxq_
Value: 7a669c3e-b7c0-de39-1a239959.1682347047.0.1682347047.1682347047
ads.avct.cloud/ Name: uuid
Value: 81ebe22c-221d-4b6b-a625-891830b09c7f
.fwmrm.net/ Name: _uid
Value: "o1f58_7225625547388029295"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEaUJwAFLn7MEABa
.turn.com/ Name: uid
Value: 4120244204822914046
match.sharethrough.com/ Name: AWSALBCORS
Value: ISmJoKiDRWWtKGbKrvVpNEwl4mNk1kkujKO7C6fV0Hx8x4An2vMH0TU9HCtPmb71j0mg123IqqrDuBO7k/lJmEbB7RBentYPDEVdDoANeL+Ak+hF1v6t6N0dHR/4
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-50a132a9-e901-4d92-8637-787b4a159dfe-003%22%2C%22nxtrdr%22%3Afalse%7D
.betweendigital.com/ Name: ut
Value: ZEaUJwAOewi0hXSs54JeGB_Bg9R6ArELOI2pYw==
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-50a132a9-e901-4d92-8637-787b4a159dfe-003%22%7D
.creativecdn.com/ Name: u
Value: Q0J8lBoYFd9e9KqVx0r6
.creativecdn.com/ Name: ts
Value: 1682347048
.bumlam.com/ Name: suuid3
Value: IiQ4OTZhM2FjYS1lMmFkLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.ads.stickyadstv.com/ Name: UID
Value: b089a1d8e57959b810e57250c1d4e26d
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2E?^dRqI2!]tbP6j2F-.aE@%O4WYq=0LA?lh7!-lvp<lcxueNcxJ>Ii+fKi4fT1B1J$]V/zN)mQLTpn/X+GY1Qw25/Wml2
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJjYjczYzQ3ODhjMDUxODAxOGQxMjY3NWRjZWJmMDRkYSIsImV4cGlyZXMiOiIyMDIzLTA3LTIzVDE0OjM3OjI4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA0LTI0VDE0OjM3OjI4WiJ9
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smilewanted.com/ Name: sw_user_params_infos
Value: lE7Xra9T%2B46Go6RvF%2ByAv3tPAqctnLOH1rq0CkWmlubjad87NHyI2WjykYv2tpcE09e6BtTly0ks3QtsyCJAsQI3g2o64%2BM53peXksZJbsWaTdueg%2BEhwNXtXWNQDjnNh2XAEM8DAApJ1ekl%2BwEVncvezd1ZwJPAPrWjzkByqqcVUrDnKJ2I%2F5M0MspKrBBP1pni1zP0crS%2BV27xLdILY9J7OmfXZUkh9L7ST6vK1IS%2Bel0DKcvrf%2F%2FXaH64B%2FJFNDPvXBnj6g1dH5lEmGGrVoRgMtKtAp8x8opTtfeak2JRxNkmzSxmGzFVUpwR2PAgb%2BQtPWwCtk4RxulOXvnHHA%3D%3D
.smartadserver.com/ Name: pid
Value: 8642267768220290310
.aidata.io/ Name: __upin
Value: 8R4ti1REQOFVEM6jRQvy5A
.aidata.io/ Name: __upints
Value: 1682347048
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AxmiZehGiU1MrtiXRm8oIEE
.yandex.ru/ Name: yuidss
Value: 1046655951682347048
.yandex.ru/ Name: yandexuid
Value: 1046655951682347048
.tns-counter.ru/ Name: guid
Value: 5EAF7A0064469429X1682347049
www.tweaksforgeeks.com/ Name: _dd_s
Value: logs=1&id=d5283dc3-7ec2-4dd4-b920-32b54599d9a3&created=1682347043780&expire=1682347943780

11 Console Messages

Source Level URL
Text
network error URL: https://www.tweaksforgeeks.com/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.0.3
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.tweaksforgeeks.com/9457193977244c13
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.tweaksforgeeks.com/google-discovers-a-windows-exploit-that-cause-major-spyware-distribution/
Message:
Access to XMLHttpRequest at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F' from origin 'https://www.tweaksforgeeks.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.tweaksforgeeks.com%2Fgoogle-discovers-a-windows-exploit-that-cause-major-spyware-distribution%2F
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ecb6a41-effe-410b-79c7-7d3eb4ebddc9&reqId=b6f0deb7-4b19-4dfe-7b39-68f891597ce5&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9FC097FF-5361-46CA-AD47-4426303570C6&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
