urlscan.io logo urlscan.io
SecurityTrails logo

securityaffairs.com Open in urlscan Pro
2606:4700:3031::6815:90b  Public Scan

Go To Rescan Add Verdict Report
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Submission: On August 17 via api from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 132 IPs in 18 countries across 120 domains to perform 549 HTTP transactions. The main IP is 2606:4700:3031::6815:90b, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com.
TLS certificate: Issued by GTS CA 1P5 on June 22nd 2023. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
47 2606:4700:303... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 18.239.94.125 16509 (AMAZON-02)
1 8 2606:4700:10:... 13335 (CLOUDFLAR...)
6 192.0.77.2 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 52.29.228.116 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 108.156.255.65 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
11 145.40.97.66 54825 (PACKET)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
10 103.132.192.30 138552 (RTBHOUSE-...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
10 185.64.189.112 62713 (AS-PUBMATIC)
2 81.17.55.112 60781 (LEASEWEB-...)
16 13.32.119.77 16509 (AMAZON-02)
46 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 23.35.236.201 16625 (AKAMAI-AS)
2 67.202.105.23 32748 (STEADFAST)
2 6 185.64.190.78 62713 (AS-PUBMATIC)
1 2 178.250.1.9 44788 (ASN-CRITE...)
2 4 67.220.226.238 16509 (AMAZON-02)
4 4 2620:116:800d... 16509 (AMAZON-02)
9 185.64.190.80 62713 (AS-PUBMATIC)
10 13 37.252.171.52 29990 (ASN-APPNEX)
10 198.47.127.205 62713 (AS-PUBMATIC)
4 6 54.147.190.158 14618 (AMAZON-AES)
4 5 85.114.159.118 24961 (MYLOC-AS ...)
1 1 35.214.136.168 15169 (GOOGLE)
1 1 193.0.160.131 54312 (ROCKETFUEL)
6 6 52.213.141.191 16509 (AMAZON-02)
10 19 142.250.185.162 15169 (GOOGLE)
2 4 185.86.139.94 201081 (SMARTADSE...)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 64.95.96.108 32475 (SINGLEHOP...)
1 1 82.145.213.8 39832 (NO-OPERA)
3 3 213.155.156.185 1299 (TWELVE99 ...)
1 2 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.186.154.107 15169 (GOOGLE)
1 1 141.94.161.190 16276 (OVH)
2 2 141.94.171.212 16276 (OVH)
1 2 108.128.108.17 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
14 34.149.40.38 396982 (GOOGLE-CL...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 2 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.157.243.229 14618 (AMAZON-AES)
5 7 37.157.6.243 198622 (ADFORM)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
7 3.33.220.150 16509 (AMAZON-02)
3 5 2a05:d018:d29... 16509 (AMAZON-02)
1 5 3.75.62.37 16509 (AMAZON-02)
4 8 18.158.137.139 16509 (AMAZON-02)
2 2 52.212.220.173 16509 (AMAZON-02)
4 5 46.228.164.11 56396 (AMOBEE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 64.227.64.62 14061 (DIGITALOC...)
2 98.98.134.241 21859 (ZEN-ECN)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
12 2a02:2638:d::2 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 216.52.2.91 32475 (SINGLEHOP...)
4 162.19.138.120 16276 (OVH)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:2638:d::4 44788 (ASN-CRITE...)
1 85.114.159.67 24961 (MYLOC-AS ...)
1 85.114.159.66 24961 (MYLOC-AS ...)
4 4 23.201.255.110 16625 (AKAMAI-AS)
8 88.221.169.246 16625 (AKAMAI-AS)
2 35.244.159.8 15169 (GOOGLE)
1 217.79.188.11 24961 (MYLOC-AS ...)
1 185.64.190.89 62713 (AS-PUBMATIC)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 178.250.7.9 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 69.173.144.139 26667 (RUBICONPR...)
13 2a02:2638:d::13 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
8 217.79.188.4 24961 (MYLOC-AS ...)
3 69.173.144.138 26667 (RUBICONPR...)
6 6 46.228.174.117 56396 (AMOBEE)
1 3 193.3.178.4 399668 (E-PLANNING-)
1 98.98.134.242 21859 (ZEN-ECN)
1 8.2.110.24 46636 (NATCOWEB)
1 35.186.253.211 15169 (GOOGLE)
1 193.3.178.1 399668 (E-PLANNING-)
6 193.3.178.3 399668 (E-PLANNING-)
2 2 34.196.43.220 14618 (AMAZON-AES)
1 69.166.1.67 27630 (AS-XFERNET)
1 1 44.205.87.2 14618 (AMAZON-AES)
3 16 104.18.25.185 13335 (CLOUDFLAR...)
1 205.234.175.175 30081 (CACHENETW...)
3 51.38.120.206 16276 (OVH)
14 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.32.110.114 16509 (AMAZON-02)
1 52.50.92.6 16509 (AMAZON-02)
3 23 13.248.245.213 16509 (AMAZON-02)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
1 2a05:d018:24:... 16509 (AMAZON-02)
2 2 99.81.14.86 16509 (AMAZON-02)
2 3 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 185.15.245.80 24961 (MYLOC-AS ...)
1 1 54.72.84.52 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.196.20.206 16509 (AMAZON-02)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 34.252.154.12 16509 (AMAZON-02)
1 157.90.211.246 24940 (HETZNER-AS)
4 4 151.101.2.49 54113 (FASTLY)
1 1 52.3.206.88 14618 (AMAZON-AES)
1 72.246.169.24 16625 (AKAMAI-AS)
1 1 52.209.59.223 16509 (AMAZON-02)
1 217.79.188.12 24961 (MYLOC-AS ...)
2 52.46.151.131 16509 (AMAZON-02)
1 13 52.210.15.1 16509 (AMAZON-02)
2 3 70.42.32.95 13789 (INTERNAP-...)
2 2 52.204.160.102 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 70.42.32.255 22075 (AS-OUTBRAIN)
3 3 52.212.215.149 16509 (AMAZON-02)
2 185.86.138.153 201081 (SMARTADSE...)
1 1 202.241.208.55 4694 (IDCF IDC ...)
1 80.77.87.162 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 35.210.239.72 15169 (GOOGLE)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2600:9000:25e... 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 3 95.101.54.106 20940 (AKAMAI-ASN1)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 23.88.86.2 24940 (HETZNER-AS)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 141.94.171.216 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 141.95.98.65 16276 (OVH)
1 35.157.224.148 16509 (AMAZON-02)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 3.234.116.116 14618 (AMAZON-AES)
1 185.29.132.245 30419 (MEDIAMATH...)
2 2 3.120.112.58 16509 (AMAZON-02)
1 1 185.184.10.30 203690 (RTB-HOUSE...)
1 52.201.180.243 14618 (AMAZON-AES)
2 2 3.122.199.127 16509 (AMAZON-02)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 1 154.59.122.79 174 (COGENT-174)
1 185.80.39.216 27381 (CASALE-MEDIA)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
549 132
47    2606:4700:3031::6815:90b (United States)

ASN13335 (CLOUDFLARENET, US)
securityaffairs.com
10    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.239.94.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-125.ams1.r.cloudfront.net
platform-api.sharethis.com
8    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
assets.vlitag.com
media.vlitag.com
6    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:224a:7600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    52.29.228.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-228-116.eu-central-1.compute.amazonaws.com
l.sharethis.com
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
www.googletagservices.com
7    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    108.156.255.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-65.dus51.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
11    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
18    2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
10    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
10    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
10    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    81.17.55.112 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg-apac.smartadserver.com
16    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
46    2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2a00:1450:4001:23::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5edndk.googlevideo.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
8    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
13    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
10    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    54.147.190.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-190-158.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.214.136.168 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 168.136.214.35.bc.googleusercontent.com
csync.loopme.me
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    52.213.141.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-141-191.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
19    142.250.185.162 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
4    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
gcm.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.186.154.107 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    141.94.161.190 (France)

ASN16276 (OVH, FR)
PTR: bixel-2.cloudy.ovh
green.erne.co
2    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
2    108.128.108.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-108-17.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
14    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.157.243.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-243-229.compute-1.amazonaws.com
a.audrte.com
7    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
7    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    2a05:d018:d29:3601:68c4:160f:554f:e0aa (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    18.158.137.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-137-139.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.212.220.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-220-173.eu-west-1.compute.amazonaws.com
ads.avct.cloud
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
triplelift-match.dotomi.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
12    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
2    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    2606:4700:10::6816:3bc7 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
assets.vlitag.com
1    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    85.114.159.67 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dspcluster.adfarm1.adition.com
dspcluster.adfarm1.adition.com
1    85.114.159.66 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.active-agent.com
dsp.active-agent.com
4    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
1    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
13    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
8    217.79.188.4 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dbt.adition.com
dbt.adition.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel.sitescout.com
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    193.3.178.1 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
6    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-ams03.e-planning.net
2    34.196.43.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-43-220.compute-1.amazonaws.com
ssp.disqus.com
1    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    44.205.87.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-87-2.compute-1.amazonaws.com
cookies.nextmillmedia.com
16    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
3    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
14    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    13.32.110.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-114.vie50.r.cloudfront.net
tags.crwdcntrl.net
1    52.50.92.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-92-6.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
23    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f00:6418:3db0:a56e:6f03 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
1    2a05:d018:24:b001:ea7e:ead4:fe95:47ef (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    99.81.14.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-14-86.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
loada.exelator.com
1    151.1.205.165 (Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    185.15.245.80 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    54.72.84.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.196.20.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-20-206.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    34.252.154.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-154-12.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.3.206.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-206-88.compute-1.amazonaws.com
usermatch.krxd.net
1    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.209.59.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-59-223.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    217.79.188.12 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
is.dopascalls.1und1.de
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
13    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
3    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    52.204.160.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-160-102.compute-1.amazonaws.com
sync.ipredictive.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    52.212.215.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-215-149.eu-west-1.compute.amazonaws.com
ad.360yield.com
ice.360yield.com
2    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    2600:9000:25e8:2200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
3    95.101.54.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-106.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
c3.a-mo.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    35.157.224.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-224-148.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    3.234.116.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-116-116.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    3.120.112.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-112-58.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    52.201.180.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-180-243.compute-1.amazonaws.com
rtb.adentifi.com
2    3.122.199.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-199-127.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum.casalemedia.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
Apex Domain
Subdomains		 Transfer
47 securityaffairs.com
securityaffairs.com
387 KB
46 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 29787
19 KB
46 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 672
ads.pubmatic.com — Cisco Umbrella Rank: 651
image6.pubmatic.com — Cisco Umbrella Rank: 989
image2.pubmatic.com — Cisco Umbrella Rank: 1137
simage2.pubmatic.com — Cisco Umbrella Rank: 982
st.pubmatic.com — Cisco Umbrella Rank: 1278
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
84 KB
32 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
226 KB
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9104
csm.eu.criteo.net — Cisco Umbrella Rank: 8684
256 KB
26 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1731
mp.4dex.io — Cisco Umbrella Rank: 2922
u.4dex.io — Cisco Umbrella Rank: 4915
39 KB
25 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 435
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
74 KB
23 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 437
11 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
244 KB
19 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248
eus.rubiconproject.com — Cisco Umbrella Rank: 737
token.rubiconproject.com — Cisco Umbrella Rank: 748
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2567
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
47 KB
18 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 18253
sync.quantumdex.io — Cisco Umbrella Rank: 3429
3 KB
17 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1560
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
dsum.casalemedia.com — Cisco Umbrella Rank: 1784
12 KB
15 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856
dspcluster.adfarm1.adition.com — Cisco Umbrella Rank: 64702
imagesrv.adition.com — Cisco Umbrella Rank: 16702
dbt.adition.com — Cisco Umbrella Rank: 204690
975 KB
14 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1791
usersync.gumgum.com — Cisco Umbrella Rank: 2073
5 KB
14 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3551
mwzeom.zeotap.com — Cisco Umbrella Rank: 3473
5 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
secure.adnxs.com — Cisco Umbrella Rank: 542
9 KB
13 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17052
creativecdn.com — Cisco Umbrella Rank: 674
us.creativecdn.com — Cisco Umbrella Rank: 3421
3 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1121
c3.a-mo.net — Cisco Umbrella Rank: 13440
2 KB
12 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 30417
assets.vlitag.com — Cisco Umbrella Rank: 45410
media.vlitag.com — Cisco Umbrella Rank: 62396
482 KB
11 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2684
s.e-planning.net — Cisco Umbrella Rank: 6738
u-ams03.e-planning.net — Cisco Umbrella Rank: 37506
i.e-planning.net — Cisco Umbrella Rank: 5827
sync.e-planning.net — Cisco Umbrella Rank: 5313
5 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1650
4 KB
10 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 745
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 2338
ads.eu.criteo.com — Cisco Umbrella Rank: 8578
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15501
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10115
69 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
2 KB
8 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 11571
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027
10 KB
8 wp.com
i0.wp.com — Cisco Umbrella Rank: 3926
stats.wp.com — Cisco Umbrella Rank: 2930
pixel.wp.com — Cisco Umbrella Rank: 2793
109 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
2 KB
7 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3746
c1.adform.net — Cisco Umbrella Rank: 720
4 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 727
3 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 976
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 702
3 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1013
id5-sync.com — Cisco Umbrella Rank: 440
28 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
r.turn.com — Cisco Umbrella Rank: 4432
2 KB
5 gstatic.com
fonts.gstatic.com
123 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
imasdk.googleapis.com — Cisco Umbrella Rank: 600
123 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 615
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3076
3 KB
4 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24211
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26823
1 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
19 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18442
pixel.onaudience.com — Cisco Umbrella Rank: 3601
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964 Failed
1 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1015
2 KB
4 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4950
buttons-config.sharethis.com — Cisco Umbrella Rank: 5616
l.sharethis.com — Cisco Umbrella Rank: 5169
93 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 802
ice.360yield.com — Cisco Umbrella Rank: 2600
848 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 928
987 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 757
usermatch.krxd.net — Cisco Umbrella Rank: 1796
940 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 9513
loada.exelator.com — Cisco Umbrella Rank: 29169
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 984
3 openx.net
u.openx.net — Cisco Umbrella Rank: 935
rtb.openx.net — Cisco Umbrella Rank: 990
us-u.openx.net — Cisco Umbrella Rank: 605
669 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 948
pixel.sitescout.com — Cisco Umbrella Rank: 4020
561 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1009
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1025
s.tribalfusion.com — Cisco Umbrella Rank: 2306
1 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5227
829 B
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
12 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2706
www.google.com — Cisco Umbrella Rank: 3
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
211 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1136
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1249
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1858
1 KB
2 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2564
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 938
483 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
587 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1183
959 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 240
2 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 722
sync.taboola.com — Cisco Umbrella Rank: 1173
381 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1602
452 B
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3539
cs.admanmedia.com — Cisco Umbrella Rank: 1168
20 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
113 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 864
554 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
triplelift-match.dotomi.com — Cisco Umbrella Rank: 4723
207 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5098
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6848
gcm.ctnsnet.com — Cisco Umbrella Rank: 48308
921 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
1 KB
2 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1272
2 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 788
r5---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 294712
970 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 27883
244 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1490
637 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1495
35 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1279
443 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2626
368 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 673
35 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
406 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4957
466 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8584
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3654
308 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 279
690 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5572
239 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
648 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1218
692 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1219
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1555
359 B
1 1und1.de
is.dopascalls.1und1.de — Cisco Umbrella Rank: 260571
29 KB
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 26293
215 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 776
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2142
380 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1496
213 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 649
532 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20121
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 141087
659 B
1 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2165
67 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12212
411 B
1 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 4053
188 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1195
399 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497
464 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
5 KB
1 active-agent.com
dsp.active-agent.com — Cisco Umbrella Rank: 59049
256 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3020
555 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 29168
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3672
641 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7279
280 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
554 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1649
283 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
793 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1140
225 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1928
434 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2102
54 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1244
610 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5345
408 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2291
1 KB
549 120
Domain Requested by
47 securityaffairs.com securityaffairs.com
46 px.vliplatform.com cdn.jsdelivr.net
23 eb2.3lift.com 3 redirects ads.us.e-planning.net
securityaffairs.com
eb2.3lift.com
sync.quantumdex.io
19 cm.g.doubleclick.net 10 redirects 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
spl.zeotap.com
rtb.gumgum.com
eb2.3lift.com
ssbsync.smartadserver.com
16 aax.amazon-adsystem.com c.amazon-adsystem.com
14 u.4dex.io ads.pubmatic.com
ads.us.e-planning.net
eb2.3lift.com
ssbsync.smartadserver.com
13 usersync.gumgum.com 1 redirects rtb.gumgum.com
ads.pubmatic.com
13 imageproxy.eu.criteo.net ads.eu.criteo.com
12 mwzeom.zeotap.com spl.zeotap.com
12 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
11 prebid.a-mo.net assets.vlitag.com
10 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
10 simage2.pubmatic.com ads.pubmatic.com
10 ib.adnxs.com 7 redirects spl.zeotap.com
eb2.3lift.com
10 hbopenbid.pubmatic.com assets.vlitag.com
10 mp.4dex.io assets.vlitag.com
10 prebid-asia.creativecdn.com assets.vlitag.com
10 useast.quantumdex.io assets.vlitag.com
10 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
www.googletagservices.com
10 pagead2.googlesyndication.com securityaffairs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
www.googletagservices.com
9 image2.pubmatic.com ads.pubmatic.com
8 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ads.pubmatic.com
ssum-sec.casalemedia.com
8 dbt.adition.com imagesrv.adition.com
8 eus.rubiconproject.com securityaffairs.com
eus.rubiconproject.com
ads.us.e-planning.net
rtb.gumgum.com
8 x.bidswitch.net 4 redirects ads.pubmatic.com
spl.zeotap.com
rtb.gumgum.com
eb2.3lift.com
8 ads.pubmatic.com securityaffairs.com
ads.pubmatic.com
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
ads.us.e-planning.net
rtb.gumgum.com
assets.vlitag.com
sync.quantumdex.io
7 match.adsrvr.org ads.pubmatic.com
spl.zeotap.com
ssum.casalemedia.com
rtb.gumgum.com
eb2.3lift.com
7 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
6 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
6 match.prod.bidr.io 6 redirects
6 sync.srv.stackadapt.com 4 redirects eb2.3lift.com
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
spl.zeotap.com
6 i0.wp.com securityaffairs.com
6 services.vlitag.com securityaffairs.com
services.vlitag.com
5 sync.1rx.io 5 redirects
5 ups.analytics.yahoo.com 1 redirects ads.pubmatic.com
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
ssum.casalemedia.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 dsp.adfarm1.adition.com 4 redirects cdn.jsdelivr.net
5 assets.vlitag.com services.vlitag.com
securityaffairs.com
5 fonts.gstatic.com fonts.googleapis.com
4 ssum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
rtb.gumgum.com
sync.quantumdex.io
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 token.rubiconproject.com eus.rubiconproject.com
4 secure-assets.rubiconproject.com 4 redirects
4 gum.criteo.com 1 redirects static.criteo.net
assets.vlitag.com
4 id5-sync.com cdn.id5-sync.com
assets.vlitag.com
sync.quantumdex.io
4 ad.turn.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
4 sync-tm.everesttech.net ads.pubmatic.com
rtb.gumgum.com
4 cms.quantserve.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
spl.zeotap.com
4 fonts.googleapis.com securityaffairs.com
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 sync.outbrain.com 2 redirects rtb.gumgum.com
3 secure.adnxs.com 3 redirects
3 onetag-sys.com ads.us.e-planning.net
securityaffairs.com
sync.quantumdex.io
3 csm.eu.criteo.net ads.eu.criteo.com
3 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 d5p.de17a.com 3 redirects
3 cdn.jsdelivr.net assets.vlitag.com
securepubads.g.doubleclick.net
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
3 www.googletagmanager.com securityaffairs.com
www.googletagmanager.com
2 pm.w55c.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 id.a-mx.com 1 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 s.ad.smaato.net ssbsync.smartadserver.com
sync.quantumdex.io
2 creativecdn.com 2 redirects
2 ssbsync.smartadserver.com rtb.gumgum.com
securityaffairs.com
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 s.amazon-adsystem.com ssum.casalemedia.com
eb2.3lift.com
2 beacon.krxd.net spl.zeotap.com
2 dpm.demdex.net 2 redirects
2 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 ssp.disqus.com 2 redirects
2 ads.us.e-planning.net 1 redirects securityaffairs.com
2 pixel-eu.rubiconproject.com eus.rubiconproject.com
2 www.googletagservices.com 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
2 ap.lijit.com sync.quantumdex.io
2 pixel-sync.sitescout.com ads.pubmatic.com
eb2.3lift.com
2 ads.avct.cloud 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 idsync.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 a.tribalfusion.com 1 redirects 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 bh.contextweb.com 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 ssc-cms.33across.com securityaffairs.com
2 prg-apac.smartadserver.com assets.vlitag.com
2 script.4dex.io assets.vlitag.com
script.4dex.io
2 www.google.com tpc.googlesyndication.com
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 platform-api.sharethis.com securityaffairs.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 sync.taboola.com 1 redirects
1 rtb.adentifi.com eb2.3lift.com
1 us.creativecdn.com 1 redirects
1 sync.mathtag.com eb2.3lift.com
1 triplelift-match.dotomi.com eb2.3lift.com
1 cs-server-s2s.yellowblue.io sync.quantumdex.io
1 match.sharethrough.com sync.quantumdex.io
1 lb.eu-1-id5-sync.com assets.vlitag.com
1 c3.a-mo.net 1 redirects
1 ads.playground.xyz 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 ice.360yield.com 1 redirects
1 c.bing.com eb2.3lift.com
1 u.ipw.metadsp.co.uk 1 redirects
1 px.ads.linkedin.com eb2.3lift.com
1 cs.admanmedia.com rtb.gumgum.com
1 tg.socdm.com 1 redirects
1 sync.e-planning.net rtb.gumgum.com
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 us-u.openx.net rtb.gumgum.com
1 is.dopascalls.1und1.de
1 pixel.rubiconproject.com spl.zeotap.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 sync.tidaltv.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 rtb.gumgum.com ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 i.e-planning.net ads.us.e-planning.net
1 cookies.nextmillmedia.com 1 redirects
1 sync.go.sonobi.com ads.us.e-planning.net
1 s.e-planning.net ads.us.e-planning.net
1 rtb.openx.net ads.us.e-planning.net
1 sync.admanmedia.com ads.us.e-planning.net
1 pixel.sitescout.com ads.us.e-planning.net
1 sync.targeting.unrulymedia.com 1 redirects
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr3.eu.criteo.com ads.eu.criteo.com
1 rtb.fr3.eu.criteo.com 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
1 st.pubmatic.com 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
1 imagesrv.adition.com securityaffairs.com
1 u.openx.net
1 dsp.active-agent.com cdn.jsdelivr.net
1 dspcluster.adfarm1.adition.com cdn.jsdelivr.net
1 gcm.ctnsnet.com 1 redirects
1 r.turn.com 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
1 ads.eu.criteo.com 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
1 mug.criteo.com
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 csync.loopme.me 1 redirects
1 cadmus.script.ac script.4dex.io
1 r5---sn-4g5edndk.googlevideo.com
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 imasdk.googleapis.com services.vlitag.com
1 region1.google-analytics.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de securityaffairs.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 pixel.wp.com securityaffairs.com
1 secure.gravatar.com securityaffairs.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com securityaffairs.com
549 195
Subject Issuer Validity Valid
securityaffairs.com
GTS CA 1P5		 2023-06-22 -
2023-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
vlitag.com
GTS CA 1P5		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
script.ac
E1		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
u.4dex.io
GTS CA 1D4		 2023-06-29 -
2023-09-27		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.active-agent.com
AlphaSSL CA - SHA256 - G2		 2022-11-14 -
2023-12-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-08-07 -
2024-09-05		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-08 -
2024-07-08		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-06-23 -
2023-09-21		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
is.dopascalls.1und1.de
R3		 2023-07-22 -
2023-10-20		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M01		 2023-07-23 -
2024-08-20		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh

This page contains 91 frames:

Primary Page: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Frame ID: 5AAE0D8A59027ECCAA759A5BD1250A14
Requests: 239 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html
Frame ID: 0E4D36E5DE8ADE12EC9CA0CECEACEB29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1692264415&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692271614305&bpp=387&bdt=121&idt=678&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1867037137086&frm=20&pv=2&ga_vid=856126999.1692271615&ga_sid=1692271615&ga_hid=1434909927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C31076469%2C44759876%2C31077148%2C31077066%2C44799580%2C21065725&oid=2&pvsid=659351553091557&tmod=275439526&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=706
Frame ID: 413407C2DC1D6DE57124D6A4F328015A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA85570ED1F80DB878480C836DE2197C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4488CF712DF1423BCFFF4A8D7A5E4FF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 6B45EE3C25DC6D63B036EAFC6D45CA05
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 28611A8DF940F7805B9E00F211C8A47B
Requests: 20 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: B75769A49AC581B63C8612E6A211DBF3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 26F4E3205A9F8C493CC413E20A985A6D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0434B92D8052A7DBC7454B057C91B3D4
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 53CC7A0121050DF7C30B788A21FB1D1E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27
Frame ID: 2C6B9771956CBBF85BE768CE5CD7A112
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6063412394628672121&gdpr=0&gdpr_consent=
Frame ID: B4FD8755F02D514D2393EA7F421FF527
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
Frame ID: 78D8501645050BDFF3183E3DDF1DB74C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268251246673197204&gdpr=0&gdpr_consent=
Frame ID: 20B95321C34138F23E06DE33C8F04784
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 257CC1913D5D61CCD8A858B947C6C21B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 24BBFABF9EFD3BF7C13E011F01399B87
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559729301179276
Frame ID: B7BB3824D183E4237B7D69AA4C1E2D3A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFkmE7JvAgAACjiTBrE1w&gdpr=0&gdpr_consent=
Frame ID: 5E8E0DE565E88FC2470DC5891676B2E7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: CA2BB15E5F8A07B3083006C02102DA64
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUf7de4ef9918f410289efb8ad2b56ae4e&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: E55DE457B4C9E90DCA3DA10E33CC2D3E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=918224225410427648
Frame ID: 84BFCA5B22FFFBF41A3DA79E06BCC9BA
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 785E598E78CB5DC1712C2B3446E49F22
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 4A39A527423F664F45AEACEE703B5258
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=133p564au1dg
Frame ID: 4CB0275232F161363C67B1990B75780E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050URahWbjTWgMXQgYa&gdpr=0&gdpr_consent=
Frame ID: 85329CE8E26C06AF4700481F382ABD04
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4E211B8F6D3C69CD599103092A596416
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: 134E71CC50F8F28B2314F2DD2FB6E4C0
Requests: 1 HTTP requests in this frame

Frame: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AADECC1A72BA5D5806F7BE15702273C8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=securityaffairs.com
Frame ID: D2512A81FC083D4A364D0D145EF307E4
Requests: 2 HTTP requests in this frame

Frame: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0DD01E81392F6CF49169CC018DCB4D51
Requests: 1 HTTP requests in this frame

Frame: https://services.vlitag.com/passback/?t=1692256733&d=24493&z=107667&divID=vi_24493107667_2&w=300&h=250&geo=CH&hn=securityaffairs.com
Frame ID: FAF54A0A39CCC8493E60930C75294FCC
Requests: 2 HTTP requests in this frame

Frame: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B6EC6A44371661FAC281DC5538364225
Requests: 1 HTTP requests in this frame

Frame: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44EF9A83B7CF5AAB565F7CEC6AD5B35D
Requests: 1 HTTP requests in this frame

Frame: https://services.vlitag.com/passback/?t=1692256733&d=24493&z=107673&divID=vi_24493107673_1&w=970&h=250&geo=CH&hn=securityaffairs.com
Frame ID: A1FEDFACD2F117E540895A34D4CF3B22
Requests: 2 HTTP requests in this frame

Frame: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B406434C05371E51F361ED6A0016FA7B
Requests: 10 HTTP requests in this frame

Frame: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A85FF8B2377CF06A0CCAADF110E586E5
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Frame ID: 2E9F473B03B871FCE6A73EF380537F39
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39604A4CA1E58AE1D835DEBF4AF0ACC7
Requests: 9 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?userid=7268251246673197204&ssp=9&gdpr=0
Frame ID: 5B61EF69B26F64795B564AF500A5B9DB
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: D754CF121E785A00ECC91E6BA8D2C368
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: 767E6899FC0C753F254E9077EC23C4A5
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6F777E13700962B62A177733282C0D4D
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=157940&siteId=824873&adId=3599896&imprId=7B2F31B9-2A1D-416E-92AC-F97803EE7E3C&cksum=ECD07DC1E46B623B&adType=10&adServerId=243&kefact=0.391645&kaxefact=0.391645&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1692271616&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.391645&dcId=3&tldId=0&passback=0&svr=BIDAMS0011&adsver=_2513587008&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=AATeZDs_BQDgJHfercBFTl6R33wzoDSrQJc1NWXxgJANqGWY&ekaxefact=AATeZEI_BQAfM955Zd0iJAtM_WSkX5KQ77HglDShjw0cdI5N&ekpbmtpfact=AATeZEs_BQDzfVClVOr0y03Q6JVyWfTqG_IxGcNxu892kLV2&enpp=AATeZFM_BQAaggv_F-I1lSYPnN1NJdWoqMN7BvIQFSnLHzJ3&pfi=1&domId=8222502327166973060&dc=AMS&pubBuyId=20680&crID=18322084&lpu=mobile.1und1.de&ucrid=14797319907573267814&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3202&wDspId=1101&wbId=2&wrId=2610456&wAdvID=113000&wDspCampId=5357381&isRTB=1&rtbId=897304EB-B29B-4DCF-9A1A-F4D5622ADF0E&ver=12&dateHr=2023081711&oid=7B2F31B9-2A1D-416E-92AC-F97803EE7E3C&cntryId=58&domain=securityaffairs.com&sec=1&pAuSt=2&wops=0&sURL=securityaffairs.com&BrID=5
Frame ID: 9D388F221542BC82D5AF30412467FE41
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 17BB17A57629D13D660F27880DCC866D
Requests: 10 HTTP requests in this frame

Frame: https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
Frame ID: 6041B5F6B39AFDB2B39BF6FEC264DDC0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: C9F4F8213EFFB70CA4A7944DFDD86712
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D44672ae83b198b19%26uid%3D
Frame ID: 047E9DB4C3180DB38572E5D46B5AA6DB
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Frame ID: A9A31AAE496B39A78990FBE59F51FFD0
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D10D6641270133E966FC9DC0BC900668
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 4E6DF9BD827C715255CD3D55990A0BA5
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: D846FE5CCE1136BEBE2E6959D01EF594
Requests: 32 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Frame ID: B5A87700F77D9E258BCD8B010EF56CDC
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 89576DFD661AE1A1F27515FE2BD219FD
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AEkjataYkDweaOa-
Frame ID: 0C559D88E364FF4A4A442079CEEE469C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Frame ID: 0199E85089182B6F0C2ACE888B438135
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85NWJjNTAxZi0zOTA5LTQ2YTAtOTYyZC1kZTRkZDg4Mjk2OGU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 018D14C89F57E2C8C027BF40712EFAE5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9A46FB398DD14120756D3D9FF449046C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 60273BF517B014155E1B4437868659E4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZN4EAsCo5s4AADjKUNoAAAAA
Frame ID: AA9E253ACA0687345C66CCA9F6E62A94
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_95bc501f-3909-46a0-962d-de4dd882968e&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 31E9E83E2918FC2970C37AE56E0C09D5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 963D4E2FAF1B7E97CA3190CFC0F2449B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=8HGYLKbtsAhkpH1Z7pTO&pi=gumgum&tc=1
Frame ID: CB9E4DCE32F7834BCF4FA7D215E259F2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 958D810FEF4183EE21881A2F0FFF4DDD
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 592C7B5CCBA4B4EEA514B99D9D809365
Requests: 12 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 9D07B35762C4C8DB9F217E68E5E37535
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: BBF68BA18ADD5FEF9FCED60B2805000E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
Frame ID: 4A3800B7CECD8CEE33491FE95653C5BC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
Frame ID: F391FF6F13D502D28AB4E47712DA06F3
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 0ED80B75E25070EC158797F6FC262EE3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB4E4A0877F048BF8C098D95F10E469B&gdpr=0&gdpr_consent=
Frame ID: 3A8317E2E7F1DF04ACA8D60CF68A55E8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7495079869
Frame ID: 32FE7AE79CD17E8778D4BB7D8C261B49
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: 7D1B9B6EDECF8447906BA2E88C89FBDF
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: 104A88B75E7DAC7221C820280949CEB5
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 3CEEAE2434C14D366D39EFF77DC54369
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: 414D20D429CE0AC5602145F17E969C3A
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: C10518D557FFA282D1AE6C1DD40F2DAC
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: E03DA93249F9BB96A950522B721324F7
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: D5A6F82CC5E97630ABA670FE7CC32E9F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 8F8606B3B89BA7F5FE3C32F6024E9458
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 864DAB52F60A495C5FE691A5FB01B2C0
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: 97EA7DB1715B2ED0D71E7DBAF27B4057
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: B265D8766F6A071AA526B24D32C363A5
Requests: 11 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 8B601DA2733F9E3121E3FA9777DE4FA9
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: 3E53276521E6C3E7CD6167C2054C44AE
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: F206CF8795D16DC8AB08769352330E05
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=44672ae83b198b19&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: F1C9E2770447944B6BB9EAB6C3D1E1F0
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=44672ae83b198b19&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: AA2B17045BFD4ED633F6544F522F1424
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: BD0615227E05FD08877081FD19F02326
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: B099BDFEF8AFF3487C059F50E8AFD6AD
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Frame ID: 60C336D32AA4E585B73C3A6B9474DBE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Experts warn attackers started exploiting Citrix ShareFile RCE flawSecurity Affairs

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

549
Requests

83 %
HTTPS

28 %
IPv6

120
Domains

195
Subdomains

132
IPs

18
Countries

3839 kB
Transfer

8310 kB
Size

149
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143
  • https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-5hne6nsy&ms=au%2Crdu&mv=u&mvi=1&pl=22&spc=UWF9fyhAqX1GYhLZZqNPYo57TA_RYgXGcqxzbXC9aA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=xFj88cJ8DyIV9glJfjo3TNAP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&mt=1692269493&fvip=3&keepalive=yes&fexp=24007246%2C24363391&c=WEB&txp=6216224&n=_JgZdWeAuX0os7Na&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPiWysTV3dwAx8YuGfzBp7WqcZhhBRfzU2o0i_R5h-yXAiB2OIlNgU45uc3vidXBhHjnvStsNBnpJnb1zA4W1Q6wGg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgQtyWeKXuD-O_1Yl_MjAfPOxeZ2Hyntw0jlnmT8ZUvMwCIFWSqQ6kIoAV9TAf5Jr6qdlsdRArrbfz8BAMzyLwbQIP HTTP 302
  • https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9fyhAqX1GYhLZZqNPYo57TA_RYgXGcqxzbXC9aA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=xFj88cJ8DyIV9glJfjo3TNAP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&c=WEB&txp=6216224&n=_JgZdWeAuX0os7Na&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPiWysTV3dwAx8YuGfzBp7WqcZhhBRfzU2o0i_R5h-yXAiB2OIlNgU45uc3vidXBhHjnvStsNBnpJnb1zA4W1Q6wGg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:2b::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1692271270&mv=m&mvi=5&pl=46&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgY466EYQYRo2s-p3QgzONOydg9xZIl2ERt93lAWvlMJ4CIBbFIjJ52RAiNcweOuDYWTxzIsjlmYLSW-aI-yaXElgO
Request Chain 161
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 162
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27
Request Chain 163
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6063412394628672121&gdpr=0&gdpr_consent=
Request Chain 164
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
Request Chain 165
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268251246673197204&gdpr=0&gdpr_consent=
Request Chain 167
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 168
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559729301179276
Request Chain 169
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGa21FN0p2QWdBQUNqaVRCckUxdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFkmE7JvAgAACjiTBrE1w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7110041939216051842&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFkmE7JvAgAACjiTBrE1w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7110041939216051842%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7110041939216051842&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFkmE7JvAgAACjiTBrE1w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFkmE7JvAgAACjiTBrE1w&gdpr=0&gdpr_consent=
Request Chain 171
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUf7de4ef9918f410289efb8ad2b56ae4e&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 172
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=918224225410427648
Request Chain 175
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=133p564au1dg
Request Chain 176
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=690b41c74af2da30/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DH1I2i050URahWbjTWgMXQgYa%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DH1I2i050URahWbjTWgMXQgYa%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050URahWbjTWgMXQgYa&gdpr=0&gdpr_consent=
Request Chain 177
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xC42yuNtTSelPPa8DrKu3w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 181
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=144034567 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Request Chain 182
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTc1YWY2Z0FnMTRRUEN2NXZMakF2MXVXdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4134219601264960897&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQyRTM2Q0EtRTM2RC00RDI3LUE1M0MtRjZCQzBFQjJBRURG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHy_vTAjcWD9ruuI9GKqcuA&google_cver=1
Request Chain 187
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4134219601264960897
Request Chain 190
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=5657fa25-7c6d-4049-ac6a-b0aa70a5e1d4&ssp=pubmatic
Request Chain 191
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7446152413719114233&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 193
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0bb1b958-32f7-48ee-ab51-a56f4699514f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 216
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6063412394628672121
Request Chain 224
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=securityaffairs.com&sn=ChromeSyncframe&so=0&topUrl=securityaffairs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=a5W2HXxxdHY0QlFEblNHMzZtR3J4empmelIwWkp2S2xkTEFQZzduYVB3Z09EMHZqNDJMQmJTUmd3WWRhVXFhYW5rR3YvQk81YWxlRUZVUVR2d1J2WGJBQTRqdWVsSmpFaUxyeWZPMUJUczBydkFJb2QrVGprK3p2dVc1STJOV1hKOTFlVzdsUzBsV2JaSVZIdUZHUmtmTXFjMk1UL1lwRFdQeWUrc0JmeDB6c04ybG04S3NzODRFRGdDTzNMUFo0QTAzNnB1OVF5YU00ODlCcSs3dnMvRzBIMUZWejZic3J5RHNkMlNaUjlXTklIVVZjQU1YT1B3eG9Td3hveXdDenA5Tllqc3VEZHVDTlBwZnozdm1EU1VNWllOUT09fA&cppv=2
Request Chain 252
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGJzidLECQGRGQU-InB3QuM&google_cver=1&google_push=AXcoOmR2RLGaNLfk6NYZcjoJKgYEFylhDRiLlfOV7TZ5IpB23Rk8E7cS5gBVGp2D7UXBdqtnRwhIIxoKhK5214zUKPLeZEWWZXrp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQ0NjE1MjQxMzcxOTExNDIzMw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGJzidLECQGRGQU-InB3QuM&google_cver=1
Request Chain 254
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGlgCmQf8EfNz5tc2mpptzE&google_cver=1&google_push=AXcoOmSbR1JhdQ110rToawsXbeDyZnPXN1rFK1udcNYFa9GcqBBEZKy-lzwNeJ-EVXfVPZuHjmO-LJHlrytfvogw0K60jJRpN2ZD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSbR1JhdQ110rToawsXbeDyZnPXN1rFK1udcNYFa9GcqBBEZKy-lzwNeJ-EVXfVPZuHjmO-LJHlrytfvogw0K60jJRpN2ZD&google_hm=sNta9L6pQueomeTXHZlvPSM
Request Chain 255
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMUwJJ4zEwGyVjSy1sy6EMA&google_cver=1&google_push=AXcoOmSRFZj-HAvcI6TPXUypb9MfZlzLsfyi5eTrm4OnBpmrcCLUPiCmj2m5rQyPa-u0RsUS6LPc8KyyxTFsxq7YPMJ1HawRKuj7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2ODI1MTI0NjY3MzE5NzIwNA%3D%3D&google_push=AXcoOmSRFZj-HAvcI6TPXUypb9MfZlzLsfyi5eTrm4OnBpmrcCLUPiCmj2m5rQyPa-u0RsUS6LPc8KyyxTFsxq7YPMJ1HawRKuj7
Request Chain 256
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJV7bNmg2H5AKXQU_rXXBBQ&google_cver=1&google_push=AXcoOmTSLI6UOK7kS4YHqIWoqd-MDfLSL0FcQpbpi2UGUT8HsrjWXVKAYhQ12WqE7oywRztb85IWgYDy-8zPNKids8J7mv2Hiqtj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTSLI6UOK7kS4YHqIWoqd-MDfLSL0FcQpbpi2UGUT8HsrjWXVKAYhQ12WqE7oywRztb85IWgYDy-8zPNKids8J7mv2Hiqtj&google_hm=eS1iSzZqQ05wRTJwRkVBcTJqeWdVNXQ3TGU3TW1fcjFZY35B
Request Chain 257
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFE33Zf9zEI2ImOaVP_pgaE&google_cver=1&google_push=AXcoOmSDaXZS8lL8CSmNmnEJGEBB1ZbTYY_YeFMxKcF5wHn5F9Vejmax_dBXnYmlCSzvU7-DXCqidP7tkvX3u99aunqObbhfA0I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSDaXZS8lL8CSmNmnEJGEBB1ZbTYY_YeFMxKcF5wHn5F9Vejmax_dBXnYmlCSzvU7-DXCqidP7tkvX3u99aunqObbhfA0I
Request Chain 264
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Request Chain 265
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Request Chain 310
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1692271617352 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5393566980 HTTP 302
  • https://sync.1rx.io/usersync/turn/7446152413719114233?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a72102a7-e9a5-412e-a052-538e891a4a90-003?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-a72102a7-e9a5-412e-a052-538e891a4a90-003 HTTP 302
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-a72102a7-e9a5-412e-a052-538e891a4a90-003
Request Chain 311
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Request Chain 320
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D44672ae83b198b19%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=44672ae83b198b19&uid=6063412394628672121
Request Chain 321
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D44672ae83b198b19%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=44672ae83b198b19&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Request Chain 323
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D44672ae83b198b19 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=44672ae83b198b19
Request Chain 324
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 326
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Request Chain 339
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0d5c5d39-7694-4bd1-a13e-0ba7919c7cf4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Request Chain 346
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2655eff2-de2b-46f3-5553-544084b184c9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2655eff2-de2b-46f3-5553-544084b184c9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=76784550908184016741314098254196150176&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Request Chain 348
  • https://bn01.er.bemail.it/zeotap.php?_bid=2655eff2-de2b-46f3-5553-544084b184c9&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023081713-53941-0.576265001692271617-b1e7511ae29564d2286911ebe9a50bbf&zdid=533&env=mWeb
Request Chain 349
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7268251246673197204&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Request Chain 350
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2655eff2-de2b-46f3-5553-544084b184c9 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2655eff2-de2b-46f3-5553-544084b184c9
Request Chain 351
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2655eff2-de2b-46f3-5553-544084b184c9&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=xzeZcFbrEPmkEqidcRCCuO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Request Chain 353
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2655eff2-de2b-46f3-5553-544084b184c9?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Request Chain 354
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-KaPy9eJE2ooA3_iySHlaEhzqxHCwr7B4og--~A&zpartnerid=570&env=mWeb
Request Chain 355
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=n9CKjHnzXDBQy0upfjRoAPcJ8vFFiem6%2BS41iYitP1U%3D
Request Chain 359
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361&_test=ZN4EAQAAAH4legAb HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZN4EAQAAAH4legAb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Request Chain 360
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Request Chain 361
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2655eff2-de2b-46f3-5553-544084b184c9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2655eff2-de2b-46f3-5553-544084b184c9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361&dcc=t
Request Chain 363
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELKIlmkQc8wD4-E6e38KSmY&google_cver=1
Request Chain 371
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4EAVsNjsjP28jsj-vBvwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOcz5r9lM5qoc4xSkgP-oGU&google_cver=1
Request Chain 373
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4134219601264960897&expiration=1693481217
Request Chain 374
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=wb484hKWX3F2dPvXnUWD7FFfBSM
Request Chain 375
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5v3rx-D9v5L9-O2asvCiwLKqv5v98LzA460Xgxvf
Request Chain 389
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6063412394628672121
Request Chain 390
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_95bc501f-3909-46a0-962d-de4dd882968e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=BTemUgM38gceMqAPUTrvVVFg8g4eOvFVAGc6I7hP
Request Chain 391
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28lp4lYtEyH45IAM7R3KVsAROGVYkXxq4FABIAbUqbHyx5io2K6qXxlqXoIkXlHDA0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28lp4lYtEyH45IAM7R3KVsAROGVYkXxq4FABIAbUqbHyx5io2K6qXxlqXoIkXlHDA0%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_95bc501f-3909-46a0-962d-de4dd882968e&obuid=ENC(lp4lYtEyH45IAM7R3KVsAROGVYkXxq4FABIAbUqbHyx5io2K6qXxlqXoIkXlHDA0) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 393
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Request Chain 394
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-7SrtXPVE2pcGR4O5R1daz.7XmOAMyzusPuqs~A
Request Chain 395
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=806672dc-28e9-430f-88d2-6a14f9417bd4
Request Chain 396
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 398
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_95bc501f-3909-46a0-962d-de4dd882968e&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 399
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=e83e0acc-ffc9-491e-8cdd-e79cc36408af
Request Chain 400
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=YchItTyONgvv&ev=1&pid=558355
Request Chain 407
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN4EAsCo5s4AADjKUNoAAAAA
Request Chain 410
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=8HGYLKbtsAhkpH1Z7pTO&pi=gumgum&tc=1
Request Chain 411
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 417
  • https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 420
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUxMTcwNzAyNDYwNzc1OTE3NDYzMA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP1MH4MESQsaYEgwxVUYhvY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 422
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUxMTcwNzAyNDYwNzc1OTE3NDYzMA%3D%3D
Request Chain 424
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4511707024607759174630&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=3d9d9ed8-a19e-4ab4-b372-3fb8b92513cb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=3d9d9ed8-a19e-4ab4-b372-3fb8b92513cb
Request Chain 425
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4511707024607759174630?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-5.NywlFE2oRvWxsujPw4PDHXd.RRkvB0_dY1yemG3g--~A&dongle=0883
Request Chain 427
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=f3b671d8-d5a3-4f1d-b5b2-a5e833248a9d&dongle=013b
Request Chain 428
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6063412394628672121&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 432
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4134219601264960897&gdpr=0&gdpr_consent=
Request Chain 433
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7268251246673197204&gdpr=0&gdpr_consent=
Request Chain 434
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzExMDA0MTkzOTIxNjA1MTg0Mg==&gdpr=0&gdpr_consent=
Request Chain 439
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=1c998db1ae8abf1c53290502242194e
Request Chain 451
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB
Request Chain 452
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=5850bc379b5690f9c06ceb5a4dd8
Request Chain 453
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=e83e0acc-ffc9-491e-8cdd-e79cc36408af
Request Chain 456
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
Request Chain 458
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB4E4A0877F048BF8C098D95F10E469B&gdpr=0&gdpr_consent=
Request Chain 459
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7495079869
Request Chain 462
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 463
  • https://pixel.onaudience.com/?partner=214&mapped=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4f09fba599f6c1caf4f1f0c2e9b3469e&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 464
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6063412394628672121
Request Chain 468
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html&tl=https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html&nf=0&rt=true&v=7.48.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP 302
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D HTTP 302
  • https://id.a-mx.com/set?uid=0d18acac-4c0a-4b9f-9830-df35dbe9c05c&gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=
Request Chain 479
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=806672dc-28e9-430f-88d2-6a14f9417bd4&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 480
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7446152413719114233&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 481
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Request Chain 482
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35&dongle=4430
Request Chain 491
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Request Chain 493
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=3642485598235832665 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9e475534-89fd-52e5-a818-4788ccc6438b
Request Chain 494
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6063412394628672121
Request Chain 498
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 502
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=orw5lqS8bcO5uT_L9rFwkfbrbcq5sW6Rp-zx4Yle
Request Chain 504
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAFkmE7JvAgAACjiTBrE1w&dongle=bzwx&gdpr=0
Request Chain 506
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZN4EAQAAAH4legAb&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 507
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=e6d08350-425b-4c44-b662-e18384abc79c&dongle=31ac&gdpr=0&gdpr_consent=
Request Chain 508
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=CB4E4A0877F048BF8C098D95F10E469B&dongle=yf3
Request Chain 509
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=8HGYLKbtsAhkpH1Z7pTO&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 511
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=0VVXEIRF1QwB9x5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 512
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6063412394628672121
Request Chain 513
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4EAQAAAH4legAb
Request Chain 516
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZN4EAVsNjsjP28jsj-vBvwAA%261142&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=e622d5f2-9ccb-44e5-a4ae-bdcbc2db2912-tuctbd78983
Request Chain 517
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=814986434619
Request Chain 518
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6063412394628672121
Request Chain 519
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

549 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request citrix-sharefile-cve-2023-24489-flaws-attacks.html
securityaffairs.com/148981/hacking/ 		97 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2527a54dbc05270bbdb47cbbf6e42dbfe67dc399cb3e49e17c57cdbe33d8f61

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
7f819093fd6a92c5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 11:26:54 GMT
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/148981>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=148981>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyGSBMvQMwIoTe8HZ%2FwHoqbTYvd1U5Ryt%2F2p54dCfkB5sXCOux7gtTvnlrJOIpBO2LPYW2GOxdqI6qPAemS4zU0ZHk2p0106d5cyZgPOIz00Y7bmfFa6MI0wiyh8n7Kwe896FCaRFVSwutgHVS4XVsTW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-pingback
https://securityaffairs.com/xmlrpc.php
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b10bb429c2fbd98657b33a5cea1c15f1883dca0183c0718b27513e74c2ce3ed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50713
x-xss-protection
0
server
cafe
etag
4233540217923438591
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:26:54 GMT
style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a42197dc440d45716dd692e63b89b7023bdd66b43d60de83e4de5750c83988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132575
cf-polished
origSize=112251
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-1b67b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRcJiB1aqVeYoIKuTY19d1X1sYqmjnIZbwcmwn5PoSgNSgVjtQOoATYUWdBzNRCVRS%2BHLCwyUkj%2BKPHbsXx2Mk4biM9fRKzAsxLerNXaaoGMxs4EDPmMxFRxBzhFc4HkHoZ8AlGK32KtfJyFkAlUlUAX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be1392c5-FRA
expires
Tue, 22 Aug 2023 22:37:19 GMT
view.css
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 		602 B
589 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
130396
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:54 GMT
server
cloudflare
etag
W/"64d2c3c2-25a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asA3QLXzZ%2B%2BV1Da9WOZ6ythQYbaI7cKINtcNbEy4e7FxEWvv2ekbMVy%2FtyY6WG0C9FOuwciMTGbNCVUb2V1tEjqSS8HrbtJYiCdhFDDzt5%2BpOPVgpCLoTQ6sbgXls%2F7HRAhRnRxMFblHQP8ZYNrkglTB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be1592c5-FRA
expires
Tue, 22 Aug 2023 23:13:38 GMT
mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
182236
etag
W/"5fd15e34-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ahgrQybvvwIvElkaHJkE3vlqm9Vh05NPZklxdw1tjg8EdyH9j4d4QiTYWuUYPygedWO0fLcCJl7mvPp%2BYm42iZyZP%2BS3E81uf4dylvnV6LtrAqzclgf0L0kWyiaYwRoopdHLpSlrGKMBJn7JZV4CWlF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be1992c5-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 08:49:38 GMT
wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132575
cf-polished
origSize=4960
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
cloudflare
etag
W/"5dcc9728-1360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4s%2BnFeNJ8fwlszZcxRVSbOck4PpCnjRhPkegcEp5AF5WBvBQ%2BiJ%2B1uzqgYW9u93vJ6VmdC2JnVLVdL7djUceB%2FluIwDJFbZlNEqQ1%2Badk2v6rLWb15ePafZKuzcRlGm4oVJaRafVlz2RnYRTW2Klm%2BxX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be1b92c5-FRA
expires
Tue, 22 Aug 2023 22:37:19 GMT
styles.css
securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132311
cf-polished
origSize=2859
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:50 GMT
server
cloudflare
etag
W/"64d2c3be-b2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7Dfjb2YQmgIoVWv4m2sDFtqEUlSugnrJLg%2B3gTseQwOh1j4f5F5T8WrTv58cfu6F%2Bg7O7GNAVDNorXD2b42mFUdKo5%2FJ5gv1F3ETMmdMg6NJYs%2BNDzHzwkLoDxsB4LyVFpATpTib%2BUesbb21mLjCZIz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be1c92c5-FRA
expires
Tue, 22 Aug 2023 22:41:43 GMT
cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.1.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45830
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 22:27:15 GMT
server
cloudflare
etag
W/"64a5ee43-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uc7vI7j95ipCI4LvBUHSNmtTfoc5c7GbmBqHvQUYnjKoNA9xk%2B10AIaN0lRdd2sAN3jm6nrHsztfoHPrcs3Gl7UIiyZVIqzQuvZQQUmsOIXxK9SxsWonjI95cmT5aoQuxlufOPSZ%2FG%2Fdb%2FFmRzeNChbk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be1e92c5-FRA
expires
Wed, 23 Aug 2023 22:43:04 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46009
cf-polished
origSize=27249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 22:27:15 GMT
server
cloudflare
etag
W/"64a5ee43-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RqtdX2WTYxpCwwekXEKhNt85fK0Gu88C%2Fq0yOIM8ETcLd0YEFXRBSrw7VOUdwmdOslvrXMbPHAqlWBvZILMYVNbNL1yahyA7sMQTZ8sC65XcESPEfg0WwRmL%2Bul9xslJ79f1Xg5nfiaYebugYCP4lwX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be1f92c5-FRA
expires
Wed, 23 Aug 2023 22:40:05 GMT
mu-style.css
securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/ 		0
362 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1690839156
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
222638
cf-polished
origSize=26
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Mon, 31 Jul 2023 21:32:36 GMT
server
cloudflare
etag
"64c82874-1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGmEVTqd8nMPJnHNwPGDGkcNx5XqFGeMLiQSolEMT%2F5lefBp3eVfdF%2BR%2FTUv97YQ15AZ7hP3YQHH0jteVLRQ4C3dNMbqfA%2F%2F5eqhjah0Mx%2FMEvZ%2FXI%2FfD8FUE4Jz82PKD9Hevh2PHSD%2FhBRQVNmR1KYj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7f819094be2092c5-FRA
expires
Mon, 21 Aug 2023 21:36:16 GMT
form-basic.css
securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/ 		2 KB
863 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.9.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215793
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 17 Jul 2023 23:19:46 GMT
server
cloudflare
etag
W/"64b5cc92-654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIuruYcAQixrV3GVfYSKi3NeNHNXL9zbL2X2UWHVXdZGN2r6xhgwZDNIGGXB2mjbn6Ir3%2FQS8t6CovdJdl%2F4MIzhl28ZOAxMlS6P%2FQdFTW%2Bo1fu18JLg32f0sHCkU%2BZQWJue5O9DfTqRU1QdXcGJdJdS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be2192c5-FRA
expires
Mon, 21 Aug 2023 23:30:21 GMT
custom.css
securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182239
cf-polished
origSize=19858
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
server
cloudflare
etag
W/"56716d33-4d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvNO3MIWSVGfKK5zdl7g3YEV78UguG7q7%2FBhtjcnNEkc7wMwLgNhTvgSJvRYAI8bAlDNhca1h8oct%2FDoZLNUtWZ7MWEeW%2FJbCmZokxoLBf5YBz3fULfbCRHK4jiQtSLt%2BwLwKuZ21aLILzrWLfTCfr4u"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094be2292c5-FRA
expires
Tue, 22 Aug 2023 08:49:35 GMT
tipsy.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		461 B
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182239
cf-polished
origSize=539
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
cloudflare
etag
W/"56710b7c-21b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx%2FB4ZuljqbiQSDCW856vaN1pxA71Rudx2ATf5z3kldI4dqjXjPYOOli7Nfzh8RSCV2JTsXhZoK69S3tG1xh0vE6G%2BqbINhY1VS1KORKNJEmm8bsqeiUcouwroB1eEcZtPOD8NAmSbyJ2X3o4s3u56mT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2492c5-FRA
expires
Tue, 22 Aug 2023 08:49:35 GMT
flexslider.css
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182239
cf-polished
origSize=6225
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
server
cloudflare
etag
W/"56716d3d-1851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VBGz%2BWrPX1x8hE2dD8U%2Fdbf9S2sKi69HqRrwL%2BZId4q0cyAelr10ySvRExB%2BgRTExvdijEaVU1089AO21QAxioUk9IRmyM6P%2Bu588cWGG8u7DAkslqtd2pJsKHMjfQW0Xqv8fP63chNlfE66hT7rlGK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2592c5-FRA
expires
Tue, 22 Aug 2023 08:49:35 GMT
animation.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		1 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264519
cf-polished
origSize=1716
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
cloudflare
etag
W/"56710b7a-6b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTOlGN2kfljVB%2BwlSy7uB94UmThSfzBUwyQ1qvUiudYNaH47yoT73c7zD8UerWAYPWhdK0XtzaBiqXtL5pwy%2FbBQlCpC5q8MmcmbrEIFbFGPB%2F4%2FNNnaZpBBdBImXAhvao6TKAjozrMVcY99g3ly0LJI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2692c5-FRA
expires
Mon, 21 Aug 2023 09:58:15 GMT
font-awesome.min.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
537409
etag
W/"56710b7a-4574"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7tAfglXgHe6IQxmZTlm1EdbhWDoY2E6%2BUPeCd4zUQoErlqb7F2iriKg8XlDSdpMjsN4PkMOMwmJWBUliIb5L5p3gRMD7RMtNNh9ho2%2FJEOIg9ISHhBgOMk%2FO2zab8FN0JndSS2W95UYCYerIlBVdLNy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2792c5-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 06:10:05 GMT
swipebox.css
securityaffairs.com/wp-content/themes/rigel_old/js/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182239
cf-polished
origSize=4493
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
cloudflare
etag
W/"56710b8a-118d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GuDP83Cg%2FnU%2FqPBdFpfAokYS5p4RKneIwj%2BRGXkjdl9jLzOctrXzcN6HbJMpKCEMyWCnOZLury8JpKq3ZYPKBONfc%2BElS7MmhdkgDXmykZ7JMOek2rdD8KYkah6wr8FNDFus1lksGUiIURUvbTWoPDK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2892c5-FRA
expires
Tue, 22 Aug 2023 08:49:35 GMT
jquery.circliful.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		264 B
471 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182239
cf-polished
origSize=334
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
cloudflare
etag
W/"56710b7a-14e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XV0v49XpqpOPYaCSr84Q%2FXOWEngEZRJ4MUpfYp4%2FtiKxdsxt2cE%2BhR17CA2NVY4jD3c46gGFJ96LKnbrVRsulC21VMRJYvT6cTlfiebHteTd7mLc5IbjpKsEyKL%2FjW3O3TA8eKFwohIs2WpQ7Zx%2BnjWO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2a92c5-FRA
expires
Tue, 22 Aug 2023 08:49:35 GMT
screen.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		95 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182239
cf-polished
origSize=112708
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
cloudflare
etag
W/"56710b7c-1b844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2RlPjzTb7J6UPD9ZuYEMtPmpqy9Fgpa%2B5NZATVwb%2F7Q57XWFU%2BjvCC0uM0NolTxswTvcWWr9RxNYLg6a1RstD6F%2FbATtLSx%2FulUeauID5vjleh%2FpcJVARaPl1%2B5Cv350rDPwTaq8%2BY%2Bhcio04jGZMDs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2b92c5-FRA
expires
Tue, 22 Aug 2023 08:49:35 GMT
custom-css.php
securityaffairs.com/wp-content/themes/rigel_old/templates/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba7c2311986ffb857dac36c0269f59bd9eb78fbf7435f2a2ebe5ba3af6fb9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BxetjdermQzrEn3pvce1PHbH2wJ%2BHTQOwfyKM03cO1D56G%2FmJDqP2HIhpBGsjXnCHZQU1C7HHCN3bkckhSM7tg8vUwPTwMrfTLhaJ47Cjxz%2F2C%2F6GBRqnMJWeal7P2nJZP%2BurlSU%2FNmKcgdWOGXJe0I"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset: UTF-8;charset=UTF-8
cf-ray
7f819094ce2c92c5-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		9 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 11:26:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:26:54 GMT
css
fonts.googleapis.com/ 		3 KB
886 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 09:55:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:26:54 GMT
css
fonts.googleapis.com/ 		4 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 11:26:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:26:54 GMT
css
fonts.googleapis.com/ 		4 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 11:26:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 11:26:54 GMT
grid.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 		43 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/css/grid.css?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132575
cf-polished
origSize=50674
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
server
cloudflare
etag
W/"56710b7b-c5f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srgbh7J5mf%2BpE%2FnD%2FVf3Ti1BwA5oFiYOLJdR%2F4ljqvFCcylaR2MKAAMxfKISXOFT0%2BMs6sU7Depv0IHI9SFGk2xKMg6HoNxIf6MQvWxn2j3t4vQNkc5HXFYAyUyS1tw8Bux4aV%2BM4NYW7BgjS2UJzjuq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2d92c5-FRA
expires
Tue, 22 Aug 2023 22:37:19 GMT
sharing.css
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=12.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99734dcfce77b3d9c7555659b0e92798bee3e15a5f244da8c97287bad050d7cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132311
cf-polished
origSize=19508
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:54 GMT
server
cloudflare
etag
W/"64d2c3c2-4c34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDfHvzq5G6Z29Bk4XUuDSv4bGF2BG63YvrUklPr0JfKlZpOpaa%2FcCJ2D18LplxjLf2e8YJWpwkh%2BYq7G9mde1LHzNbvTv1OZdX6F9BoJLi2hJ5yv5iQMwVWI1TGcIGObhy6B9LyGDMbqgwRzz%2BMM3xkE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce2f92c5-FRA
expires
Tue, 22 Aug 2023 22:41:43 GMT
social-logos.css
securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=12.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
935309674176a5794193c0841af92c9d2f196d4cce2c6875f4303d6c5866abf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132311
cf-polished
origSize=13047
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:53 GMT
server
cloudflare
etag
W/"64d2c3c1-32f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ge%2FUxf%2FWeMyU1flgwH7hRa4BWTXdZaXemu%2F9g%2B1S7Ff4bMYzqjlfvPSIJKBKZwA%2FEhjboTn3QZg0Q%2B2YSFMUCUrxmo4jmSrdZO%2F9KTLT7UFOjwuMzxZHJhH2LnXM4W0dVFsJhqlEC6S5iSA8lXhy7QPp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7f819094ce3092c5-FRA
expires
Tue, 22 Aug 2023 22:41:43 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/ 		138 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.7.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42638cf7ce147ae414ebf639d0c94c85b08018380903afb94e2190b1d4adb317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132575
cf-polished
origSize=285016
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-45958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOij45rey558H%2BYr%2FRKR%2FBBPxy6P0IN6PZGqTwE62nm4yu%2BhTnp5GNgN0hkEZ2zuYe7psyfTTQ2ycuDbnr19OYfCgBtNGzRrqUVI0u4Gyzhm0b7irL40WW%2FX2Z%2Fg%2F2JQEyuzIw%2FXblP1WpX58Q9myPPp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819094ce3292c5-FRA
expires
Tue, 22 Aug 2023 22:37:19 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132575
cf-polished
origSize=31978
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-7cea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1D7dUqMlLkFRDFQFW4h69fOBOVWAmkKS5kXsmCyYmLvjqVgSMsVnI6rnPHTZ3AJoQah9J7CrUA65rwjzVFS7ncyUKeBFJsmpjn1SLkADa94u21xjgchcL9T5VqHbvEJ8ii6VO84LAJc%2BwJkTC2Aiyl3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819094ce3392c5-FRA
expires
Tue, 22 Aug 2023 22:37:19 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46009
cf-polished
origSize=34179
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 05 Jul 2023 22:27:15 GMT
server
cloudflare
etag
W/"64a5ee43-8583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY%2FWntDsW82rB3%2FuktP62oHpM4cJ1qaiixGu69xxFO%2BVDo3KrQPlRc0rvaaim7HiqKFK%2BRvFSZm29tfkhWTbcUnOOXydUspcY34uLX6VupUnilfpouqirrmEcEgdDMmJoUWVxBstxqMn9LPYAElT%2Feqe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819094ce3592c5-FRA
expires
Wed, 23 Aug 2023 22:40:05 GMT
sharethis.js
platform-api.sharethis.com/js/ 		203 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-125.ams1.r.cloudfront.net
Software
/
Resource Hash
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:23:26 GMT
content-encoding
gzip
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P3
age
208
etag
W/"32a36-40XB9TFKL290b/MnE4xfx5SGfVQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
2MhoXnEEDtw7hgeN0lpwExCMSeOQu2EC2fAQUxi5OAebc6kEgMjKjQ==
sharethis.js
platform-api.sharethis.com/js/ 		203 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-125.ams1.r.cloudfront.net
Software
/
Resource Hash
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:17:56 GMT
content-encoding
gzip
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P3
age
541
etag
W/"32a36-40XB9TFKL290b/MnE4xfx5SGfVQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
JseSr5chxwxa3_3J3wKO38IKK1JIlBqhaNQ_942tJKxAre25O06NJg==
/
services.vlitag.com/adv1/ 		575 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d060d8420c1c7cf908cb32ac0bf231e12a5bd26027bf2ce8bb2a0dde8192cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
cf-polished
origSize=589289
etag
W/"221a5a398da89ace8729d1cd3c481ec7 2023-08-16T06:20:32 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f819097eb0e9213-FRA
alt-svc
h3=":443"; ma=86400
image-45.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/07/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/07/image-45.png?resize=1024%2C738&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c9f7b3cab2e1ad7ca00d3037abe468d8e3bb8fc008eaa083405a8cc90a8ddab9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 17 Aug 2023 11:26:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 08:11:40 GMT
server
nginx
etag
"f87413a50d4cecea"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/07/image-45.png>; rel="canonical"
content-length
34188
expires
Wed, 30 Jul 2025 20:11:40 GMT
Clorox-Companyu.png
securityaffairs.com/wp-content/uploads/2023/08/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/Clorox-Companyu.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbac956ac0824fccac32081f23ce182a6b707159b24b35340dfcb43ff9db5e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15957
alt-svc
h3=":443"; ma=86400
content-length
48971
last-modified
Wed, 16 Aug 2023 23:28:32 GMT
server
cloudflare
etag
"64dd5ba0-bf4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKypR6%2FWh9z8VZTgG1ELG0Bcp2Zb6pwqQMjZGlQbIyadTfv5U4YVglds53cQMuEaF5CYcwMOjAn%2FahXNuBauM811dKhj5uyMxk4YIIPA5RpPGu0F8B33B2atfeetN2tqK2oofo%2BrQtTWen5bG0bNA3DQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7f819097ddadbbaf-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-45.png
securityaffairs.com/wp-content/uploads/2023/07/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/07/image-45.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2488b8fea1a0d0951af61a3f55c92d707bdf4a673b35d305d93661fb777eec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68997
alt-svc
h3=":443"; ma=86400
content-length
72551
last-modified
Sun, 30 Jul 2023 19:11:56 GMT
server
cloudflare
etag
"64c6b5fc-11b67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vj7cH0B4s16J3BNKS2VhMah3dOJMlSoeweYNl2h5EzSP5mJvihhc%2Fru1IpFntM1R6vefO%2FaBtoBanztJ754%2BWGk3DlCDocXBQoXSi7gog%2BKN5greBFoLfn5LsW1dSjZ76swg2mOxkVM9ZXAadqTIEGvv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7f819097ddbdbbaf-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Aug 2023 10:14:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d9fe95-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJQVLDzI4Uq%2FCf4wbqj%2FjCC%2FtWnulU%2Bzy8PlLOFKvExl%2B5s1x%2FkOw0icu%2BEg%2FzHT4pvfXnLytbrg9N%2FwqkLL4Fg21ge32DRJinJ%2Ff%2F%2Bo2Q85xRPYBqK6%2BhAaXH5vvtBpTLwy28Gda9m53jD%2BjVSCM8Bz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f819095bacebbaf-FRA
expires
Sat, 19 Aug 2023 11:26:54 GMT
image-44.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/07/image-44.png?resize=300%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
16e5ba3dfcd97cd7f52ee974e66a8f30bdc2f1b565bcdc7a6db66185c82a05b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 17 Aug 2023 11:26:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jul 2023 00:42:54 GMT
server
nginx
etag
"89657fa54ba5ae89"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/07/image-44.png>; rel="canonical"
content-length
3956
expires
Wed, 30 Jul 2025 12:42:54 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b88eecdd9a5c14608e54b092b2e6dc0b50eb77e170c993790eb89f53682b7c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88870
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 17 Aug 2023 11:26:54 GMT
image-cdn.js
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 		701 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129803
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:53 GMT
server
cloudflare
etag
W/"64d2c3c1-2bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=462wD1%2BLldiOc8W5z%2BU5vkbJfbaAE9hEIrCu2CH2ugZrtGjNeXhPoSq25TCuT28lU836yHOvK%2FWPvPDTCu6ik4Mt1%2B7M9Vh%2FHK2y2NcWZEhdv0liXkXVOozbXHHsE9Ue%2FrlC8MImydLcg7myWN6kEClT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819095eb0abbaf-FRA
expires
Tue, 22 Aug 2023 23:23:31 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132362
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:50 GMT
server
cloudflare
etag
W/"64d2c3be-2a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2Fz2Sup5jscY%2Fbtteg%2B3fGn%2FAqGi3NMH3n3V4CMqbTqkBL4BLbIhgz5vW2%2FQsmmebi2%2Boatfyn45y4Ie8tdud1AwIRQomqjRb9Vhou4UTtYy9d82y6ZQNwv4q1tXKWC9a8RlKRO8bRcqkZ5AmpuYWLHl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819095fb27bbaf-FRA
expires
Tue, 22 Aug 2023 22:40:52 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132528
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:50 GMT
server
cloudflare
etag
W/"64d2c3be-328f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zYxCUZ1y9jokchrowDRHeouNzS1znnld25Oc%2B%2Bx%2Fcie5yasV6t4DumE37IThKl%2FS%2BRzfEhq1ol5ArBH66y%2Bp9AMO4LTbaTx0VzVqqSj0m1BaYecNcErfbyNg2xQFbBBHOiL4n0V7fLaDBZ7OQr61hdI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190961b67bbaf-FRA
expires
Tue, 22 Aug 2023 22:38:06 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1686486772
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337207
cf-polished
origSize=3110
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Jun 2023 12:32:52 GMT
server
cloudflare
etag
W/"6485bef4-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kCPI8l%2BNGadmFTO57wKQu0MukdyBoP0eE1gSuEbI7J8Mz78KgSVOz7%2FD4t3ZsYgdg%2Fb7oMbK2Q0frnSmWAkKu7ZfxdCnnPB4AbFFlKN7kKKPufGI8OVuG%2BBtZxZmetJVsBnM2sBiv4QwTqMPGvITfnF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190963b91bbaf-FRA
expires
Sun, 20 Aug 2023 13:46:47 GMT
hint.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		467 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228932
cf-polished
origSize=987
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyCPqcSr%2F9KEI%2B2XBFwYy%2FxDukqD3PJP6yVZyXIsLlsob5Noi4v3aqTPJuJ30Xw6FGtzG5TqPm4%2FuM5gol7YQPzrMQaT1pJuWQE3IBGqSDgI2aSIPpDpR8nEeqZi97QGlgGrTM%2FE%2FQE8RMQH%2Bdrg%2Fbo9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190965bb6bbaf-FRA
expires
Mon, 21 Aug 2023 19:51:22 GMT
jquery.tipsy.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174924
cf-polished
origSize=4371
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-1113"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3Y%2BO8laylqZy3myp0oVOu3jdKpmur7VJ8aXuhd7Cs63GmWajEuc1k82a1q4M3N7zaDZ0Lgob2miJkEYXVnW%2FhCLFfv6tCXTRGzMCJKZnQPqSCkExwI1oJGRZEG9b%2BU2IRV2DpxfQZjirnBS6fUlHZ13"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190966bddbbaf-FRA
expires
Tue, 22 Aug 2023 10:51:30 GMT
jquery.easing.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177537
cf-polished
origSize=8097
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
cloudflare
etag
W/"56710b89-1fa1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNik%2FWuqaNc9CyZrdRgVzPCBm42Bw%2BcMc%2FGd%2BLWnNFb%2BAihwnDilSd6WWU4EGRVMEGPDZG9sqYnjc%2BwGM8jAutuUOh8zPR9%2BwSY%2F6QHQK40TWD8ngvd05UIoGkZsyPC73W8KcMA74ApXyN5T3cBcBqUU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190968c00bbaf-FRA
expires
Tue, 22 Aug 2023 10:07:57 GMT
browser.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185737
cf-polished
origSize=2614
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
cloudflare
etag
W/"56710b88-a36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbGHtgxjYl1424sSjWhXMIzO422D0ObtgtFZoGTVund7A1c8FCd0O8YtPmwd1Crw1DyRtj2Zk%2FGyRrvjNxpnBZgsYvzcD%2FyGOjiQ0Ho8Fa%2FYkNNv9EakJC9skJQA0cedyrJ6LzOY9Ctf0hoF6wBUx4FK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819096ac2dbbaf-FRA
expires
Tue, 22 Aug 2023 07:51:17 GMT
jquery.flexslider-min.js
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416466
etag
W/"56716d3e-53ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACtXVGiKPxvr2jHf%2BI8d%2BgGzoavxKKIdAk1e2E9mOsj1T5Ter3k6iOYH0LdLyak23IIINT8YXFRrIzCaKB7W9m767XPwl4qaA4y4TGvirusFpvw56F%2BR9i%2F1OwBiJHRsNuMciDWTU4VGpVvBG%2Bzy0D2o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819096cc5ebbaf-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 19 Aug 2023 15:45:48 GMT
waypoints.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
544521
etag
W/"56710b8a-1f6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nr3hotQeXgZdJjnQZWHed%2FQ6TboVkWmRU1hP1ygRI2FXnlZUBrDhNKFOgg0kUvhmckOlpTCvAkTCIjQJkhYtfkEBJ9z%2BQ1krRDnCtOf7b4PO%2Btjm7vElCi17Ie2qyLNyrVoNlbCb%2BN41emxpe4NW0OXn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819096ec91bbaf-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 04:11:33 GMT
mediaelement-and-player.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
177537
etag
W/"56716d42-11571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFH8VA3WYSsw109DzxvbE%2FLlhMhkwxYKFUNj6JMnIFsGv8xnErdb8V1yYYlGj0MILz31jPFM8wD4JClrHU%2BRxC9t1m1sEVXCjJ9rJk4TFpWI5DApkshsWkBxdvEWZID9rV1RtQ5FQs%2B6mQag8OU5jbLX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190970cb5bbaf-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 10:07:57 GMT
jquery.swipebox.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
547470
etag
W/"56710b89-2a67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLdENa2qmn2E0IIf%2F6eBh4%2FMPtlvDHe8x14u89Hg3zT1km6VO4bG9a4B2cb1Jq2C1TtQF2CjtXQo3c%2BfP4B1V5uHLQ0dIGDn%2FFRNjH1EbDVicvnf1puUeXWW5TG5whL1dtLz9FMmoEDosmqKOnP4rl8X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190972ce4bbaf-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 03:22:24 GMT
jquery.circliful.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
177537
etag
W/"56710b89-c18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLWTENyn4AFR8L21QrNyQjQSLj1XqPekFi9jk%2FdVxzZ8%2BKKssoieUxXIp6ZirJ6jCOqeqGs4bAMDcQN1TYCMIwdacNTsIfhnkrLmVQJfmscF182hNlEKIpYNCxfaVXDgOnO4ONX3iBIwX1q3Gd0zX7Qa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190974d08bbaf-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 10:07:57 GMT
jquery.smarticker.min.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
178482
etag
W/"56710b89-3225"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGEBqvLPizEftmVKURCEL2vP7C7FP0QyEAl3O17Fl87Nv7Y1nl7eBhpMcFU0AAaog4Dj24EA5mbklk4ndqNyQlP1GwKmkWCAOmeKTNUt2iqdC%2Bh%2FHiklZm3Hh58B4SgKEUCuOtEnzsOSSEqsGATQA0tZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190976d24bbaf-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 22 Aug 2023 09:52:12 GMT
custom.js
securityaffairs.com/wp-content/themes/rigel_old/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73796
cf-polished
origSize=12756
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
cloudflare
etag
W/"56710b88-31d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVu5iaabrJZOacu1sGCs7V2Z1iOs9cDak4db5KXOWBYR3il2v8oJuYJl4UiFvc8SEh2BGMEg5opTdbE09FmeQCoGtBnhouv5pxi5F7EX83sHrs2UJ6n%2FHqX6JJgX1wlrlTxv6CjRpJ2mHncBcYxKChSz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f8190978d49bbaf-FRA
expires
Wed, 23 Aug 2023 14:56:58 GMT
e-202333.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202333.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684461103136.7104
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 12 Aug 2024 06:45:23 GMT
sharing.js
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=12.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132527
cf-polished
origSize=18206
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:37:54 GMT
server
cloudflare
etag
W/"64d2c3c2-471e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDW916vsFFGr8a2x1xKeYVS0eAYqv7pKaMtMyPHAFuI8nvVgLhLpqt9lFugMPITLQOAqAZK74Cvuz2TXerRm0PuoD7om23KjOa8MEbtvMLFtu8M00AaL90AA4QBEQOAPvzfw8brbXkSAGU3XNS%2FE4r%2BD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819097ad7dbbaf-FRA
expires
Tue, 22 Aug 2023 22:38:07 GMT
1710701c-13de-4334-8a59-e3f49f6196c1
https://securityaffairs.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://securityaffairs.com/1710701c-13de-4334-8a59-e3f49f6196c1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
5047
Content-Type
text/javascript
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31077066
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94bf45cfcca9fc9527e0f2b1fcab37720dae79ea210f1816a9de8233aeafb142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128226
x-xss-protection
0
server
cafe
etag
16106408425385369574
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:26:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/ Frame 0E4D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 06:56:55 GMT
etag
13776922816869014096
expires
Thu, 31 Aug 2023 06:56:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
64b5cd2fd23b930012608ffb.js
buttons-config.sharethis.com/js/ 		927 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/64b5cd2fd23b930012608ffb.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52f5e657405d02f0ab9761d8c352e50ddf0329275461a34ad512267f3b06c4db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
DUS51-P1
age
4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
927
last-modified
Mon, 17 Jul 2023 23:22:28 GMT
server
AmazonS3
etag
"56f01d1dc4635d0cd55fc8c794bbe43b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
VRMzCrKURqAWHwzguo8Z-CQ_aXVc0i1kmWczYcq9CWaTi32oFaEsjw==
gtm.js
www.googletagmanager.com/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82d6749f3162bc12dc16e45f807d778ad378793a1c88f98299eae25c5593a66c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44441
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Aug 2023 11:26:54 GMT
pview
l.sharethis.com/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&product=unknown&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&source=sharethis-share-buttons-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Experts%20warn%20attackers%20started%20exploiting%20Citrix%20ShareFile%20RCE%20flawSecurity%20Affairs&cms=unknown&publisher=64b5cd2fd23b930012608ffb&sop=true&version=st_sop.js&lang=en&description=Researchers%20warn%20that%20threat%20actors%20started%20exploiting%20Citrix%20ShareFile%20RCE%20vulnerability%20CVE-2023-24489%20in%20the%20wild.%20Citrix%20ShareFile%20is%20a%20widely%20used%20cloud-based%20file-sharing%20application%2C%20which%20is%20affected%20by%20the%20critical%20remote%20code%20execution%20(RCE)%20tracked%20as%20CVE-2023-24489%20(CVSS%20score%20of%209.1).%20The%20flaw%20impacts%20the%20customer-managed%20ShareFile%20storage%20zones%20controller%2C%20an%20unauthenticated%2C%20remote%20attacker%20can%20%5B%E2%80%A6%5D&ua=&ua_mobile=false&ua_full_version_list=
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.228.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-228-116.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:54 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 03:38:46 GMT
x-content-type-options
nosniff
age
28088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Aug 2024 03:38:46 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 21:04:36 GMT
x-content-type-options
nosniff
age
570138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17908
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Aug 2024 21:04:36 GMT
fontawesome-webfont.woff
securityaffairs.com/wp-content/themes/rigel_old/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer
https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9299422
etag
W/"56710b81-ad90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6tnbfk5W0qbQEBDa8tcbIrFhU0mu24tUinoJDXXzs4mCLKG2e9dwuglMBHBRplZtQnaDLaKGzDQdBlKcTgTHlh%2Fw5jmeq3igS4qMjxs6beDzXW74aHMMxd9PfZjUfNRSBnN7cMGhPE94C%2F1Q%2FTGxeh5"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=315360000
cf-ray
7f819097edcabbaf-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:19:27 GMT
x-content-type-options
nosniff
age
112047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 04:19:27 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 23:21:55 GMT
x-content-type-options
nosniff
age
475499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 23:21:55 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=fdac7e82ceaa541b1007433f3201d7ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 02:30:15 GMT
x-content-type-options
nosniff
age
464199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 02:30:15 GMT
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
486b694c4933bf0e1a51c429bdbd97e80ac818f4005c89885800230da524d4de

Request headers

Referer
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/octet-stream
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 17 Aug 2023 11:26:54 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Thu, 17 Aug 2023 11:31:54 GMT
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 17 Aug 2023 11:26:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"90081d39f1874091"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
30524
expires
Thu, 26 Dec 2024 13:09:36 GMT
logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 17 Aug 2023 11:26:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"f66b518bba6e1555"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7234
expires
Thu, 26 Dec 2024 13:09:36 GMT
newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 17 Aug 2023 11:26:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 01:09:36 GMT
server
nginx
etag
"d8c02e2ccf1e41bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
18968
expires
Thu, 26 Dec 2024 13:09:36 GMT
EU-Blog-e.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 17 Aug 2023 11:26:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Dec 2022 00:56:49 GMT
server
nginx
etag
"a583ea31753e6f10"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length
13098
expires
Thu, 26 Dec 2024 12:56:49 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=148981&tz=0&srv=securityaffairs.com&j=1%3A12.4&host=securityaffairs.com&ref=&fcp=0&rand=0.4580873329941355
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:26:54 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
twemoji.js
securityaffairs.com/wp-includes/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/twemoji.js?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132527
cf-polished
origSize=33089
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-8141"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNc2FDX7034egpEnNS5l2NTSzn43NWJLg0j2a0M5hWfkuxnJi%2B3%2FUN59iWACGNu52uqUt7lYCZkbfNBHSo1012BebXSX56Z0eze1%2BOxk3eocLNTcnHgzyBAtvKj0%2F8UGQeCrqZ%2FcH4jcNYR8Ey9qqfF5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819098cf09bbaf-FRA
expires
Tue, 22 Aug 2023 22:38:07 GMT
wp-emoji.js
securityaffairs.com/wp-includes/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=fdac7e82ceaa541b1007433f3201d7ec
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132527
cf-polished
origSize=8969
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-2309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Kdbww5XdLZMdkmK7Kk33sMsaRaVlZI%2FRP%2FqorkuB%2FTL3utPywDRnIopQmQRNQjsQWpOGtFhocqxkx5Lnnn8DMP3yRi2sLyzUF3luAzYnd07e7jEstyMIZUGX0%2FnW0ccuZkoMPQtkgZxHxB6jmO3EoB4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7f819098cf0ebbaf-FRA
expires
Tue, 22 Aug 2023 22:38:07 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e67aef6c33b92fd72a5dbfe92b7501ee4089c6fbd05f310f2f1dd8e908d581be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82012
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 17 Aug 2023 11:26:54 GMT
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je3890&_p=1434909927&_gaz=1&cid=856126999.1692271615&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692271614&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&dt=Experts%20warn%20attackers%20started%20exploiting%20Citrix%20ShareFile%20RCE%20flawSecurity%20Affairs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=856126999.1692271615&gtm=45je3890&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=856126999.1692271615&gtm=45je3890&aip=1&z=1462106467
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		405 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-4918072057181794
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31077066
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
081efcc878ce0438aabf52ee1fb360a3718b53921e2e07c25bd7c5cdd3fbbd09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4134 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1692264415&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692271614305&bpp=387&bdt=121&idt=678&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1867037137086&frm=20&pv=2&ga_vid=856126999.1692271615&ga_sid=1692271615&ga_hid=1434909927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C31076469%2C44759876%2C31077148%2C31077066%2C44799580%2C21065725&oid=2&pvsid=659351553091557&tmod=275439526&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=706
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31077066
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/cli/ 		42 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/cli/221a5a398da89ace8729d1cd3c481ec7.json?hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0844f9c0583891902cccc7829921a0a4d2605e7061ced2496a02cb8170e2a245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909a1bc09be6-FRA
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=45je3890&_p=1434909927&cid=856126999.1692271615&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692271615&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&dt=Experts%20warn%20attackers%20started%20exploiting%20Citrix%20ShareFile%20RCE%20flawSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230815&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31077066
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
708b9b01c5620452c2276336830c8baebe0b0c4265f60b27d8101dc522342840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11635
x-xss-protection
0
vl.json
services.vlitag.com/vld/1692256733/ 		13 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/vld/1692256733/vl.json?page_url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 07:46:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909b0cfd9be6-FRA
content-length
13
alt-svc
h3=":443"; ma=86400
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/obj/1692256733/ 		30 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/obj/1692256733/221a5a398da89ace8729d1cd3c481ec7.json?cc=CH&hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5c159ccf8b6fdfffad548013be4fda608eaec863ce4c2f657c3cbeb6365f724

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 08:09:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909b0d029be6-FRA
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com&bust=31077066
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 11:26:55 GMT
prebid-7.48.0.js
assets.vlitag.com/prebid/default/ 		561 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
704995
cf-polished
origSize=575587
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 08 May 2023 07:36:47 GMT
server
cloudflare
etag
W/"6458a68f-8c863"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
cf-ray
7f81909c0e1f9213-FRA
expires
Sun, 09 Jul 2023 08:07:03 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756a6f162302389f5e17e39068131de06d1da71af2d71e902ab7288766b751fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28636
x-xss-protection
0
server
cafe
etag
602 / 19586 / m202308100101 / config-hash: 4602172780968577675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:26:55 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Thu, 17 Aug 2023 11:26:55 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1154139
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
cf-ray
7f81909c0e209213-FRA
expires
Fri, 04 Aug 2023 03:21:03 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-65.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:40:02 GMT
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 21:28:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, DUS51-P2
age
2813
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
AfLaL8N1olGw5TA1_SuDCbvLNTCJVCdkqnEoFrkOYukcaNcyXlAmkQ==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA85 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 10:58:22 GMT
expires
Fri, 16 Aug 2024 10:58:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F448 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
98bd886da3458da8602dba5a435be2aec8dd0bcba20255a624a3268b9f5deb40
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HLWbjrzWM1xi36QQUXLznA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
539
content-security-policy
script-src 'report-sample' 'nonce-HLWbjrzWM1xi36QQUXLznA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:55 GMT
expires
Thu, 17 Aug 2023 11:26:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
pagead2.googlesyndication.com/bg/ Frame FA85 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
137449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14718
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:16:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F448 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230815&jk=659351553091557&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-65.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
date
Thu, 17 Aug 2023 08:29:50 GMT
x-amz-cf-pop
DUS51-P2
age
18462
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
p5oWYnsKKV2JABFR4QIcVJps9o3qtdmjy8k9sWltU4-znWebOkRpKA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
3396
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 10:30:19 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsecurityaffairs.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-65.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 07:49:04 GMT
via
1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
age
13070
x-cache
Hit from cloudfront
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
MGUYAwYj0ED6pVzi4CzGmQ5rM_3Y-nihV9ZuJKovL_MjEqqMQrAycg==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230817
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f4ffa37f1248e72a8a1694f0ddda6a01e8a9de7762db4e5e45839577f898a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26762
x-jsd-version
1.0.1784
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-yzB+AVsdTJ7uVbjYg7uoqwfHXg0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFianY8h%2FY09DmQdCg0BPCzqxGaGM8km5HfmHj%2BDKRLQSG9L0btdvjCnmR4jNZaELlXv8UXIrCE4S81vYZOYfOs%2BxR9JsA5a0Ou79k1hwyXloUQcS8n%2F1NdLXNnXiXbIoA5gSbKmFsyuD818ikk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f81909d78a3372f-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:55 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
516460
ETag
W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGZKSdDtqXfltX0hahUwTZwLO%2Fk5pTtPtJjMw605UFXi8zD40QSM64EEzp1qydnXC5SGeHCrhPdkfDpcv6ebPDitJtCHHG%2BaIJmed8ka2TetjB8hkSZnsdkvB6U2KFP7eqBRvLHZ%2BT7QRU3L"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f81909dea4f693f-FRA
c
prebid.a-mo.net/a/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f81909dfdea37e0-FRA
access-control-allow-methods
POST, GET
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ 		1 KB
1011 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f81477562243cff0c56616fd2a1b40a7f1c229ecdb950eae4e5e119234344dc

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:26:55 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f81909e0f5139da-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
36653facf1e445fbdf025dbdced6e349f0877ea3b2b3fc2cf98121ef62fb2285

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.112 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:54 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=0&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_24493109421_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A109421%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
8CFR3WDV55WP15WZZHYZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
C9JA7qX0gG78WaiAwNTD_kwz7q3kjsi0-fxH22UXFE5E092079SfoA==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAaPYTRzdNUqwBBaqB-MAwt-PBZy-atwa-aMPrMrKarUaeRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAaPYT_gxzlzktqdRwkjNARkjmNPTAbYBTRwlNqdb,hxwdqzoe,ldqkzqrltkctkRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ajop1TYNiU6J0JJkPW%2FdLDh5my3DlHGG%2FPQBw3fQfYNksCAggbZdTX39Xz7Yb1EW%2FkDLOwHoCVanw5qgvipWMSnN%2F8gzBQDNwmwmqLZUfZoCnrIi9VexEEtCPwRZlNNdbllSYMo8eDlcQrL4XTQFCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e29be371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAaPYTRzdNtZAeBKew-wtPe-PeUt-qarB-aYyAUqyYZUAaRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_YPPaBTAaPYT_oflzktqdRwkjNARkjmNUPAbPMARwlNqdb,hxwdqzoe,ldqkzqrltkctkRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKvOFVwGNU7l9d%2FsuvpJAjmaUeo6LK3lwxHXHOz8NOhR2kbKI5xMSonvT4o0MNWqnvR3bXrhcXrtQWojJC8gwJVCpv72um3f%2BK54c8cwheSj%2BKjga95TwvC3vT%2Bky0TaxfMjO2cdbaDQevmgYbMyag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e29bf371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAaPYTRzdNaKTYBTMa-yAwt-PTqe-aTeB-UKYqZKAYqYayRlmNBBUbPMARdzNwqfftkRqxeNco_YPPaBTAaPYT_wqfftkRwkjNARkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNqdb,jxqfzxdrtb,kzwigxlt,qrquog,hxwdqzoe,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgTqlPuUu5Q%2B7bP4bpDMvoi2Kg%2B8kkEdfEA8h%2BGtLE5i1lKnck4o9yYTgHsejWQVqyCy7sQCcGqMClpoJMKun1v5QrPl9z3LoP5NfICnXkte0WtqwID58zg4BFo3K8Z1RwCIhLMb3Kgw4%2FiLqqWbAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e29c0371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNYrKZBtBw-eAYt-PqAP-wMyZ-YAABTKZYBZBURdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNTRmNTAaPYTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnimIpqltfihaqM3%2FL4UebMs0g8QMbXZQIZdRnvmucmzhSKNNmgp1AodIDKQGw765ZpU66eh6S6fEmZgEGb1OoXWRLD2QYe6gWuccG0Y1tXSbY5PSB1XQRsXyeF6TsE04XhM0bdVDdpSWZyroYf5ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e29c1371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNAKYBYyqe-ZwyU-PPyA-qyYB-KrPwyyyZyyKtRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNTRmNTAaPYTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lt131BsglLYpkxcHbXIgYodywXwlIb2Ef36BkF6F3MgXV0n1JlnrGPRrD5%2Bk35bgmaF8hx%2BfcTI1AwxyrC7GvlqpgEy9hkApQb4eSMC2iVyrpaYXhH5bhLQwIpYH4tqjl8WJYcmwT%2BfCSMeZEw4stQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e29c5371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f81477562243cff0c56616fd2a1b40a7f1c229ecdb950eae4e5e119234344dc

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:26:55 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f81909e0f5539da-FRA
expires
0
pbjs
useast.quantumdex.io/auction/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f81909e0e0737e0-FRA
access-control-allow-methods
POST, GET
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=1&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
GQXJ2VY9T64PVS320Z4H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
8jeeG73Tz4k2CiAWHXunWfx0MM1epObff3oMTOJ_a1d5vYQL0itEOA==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNYqAPATPT-rttr-PUwM-aaUq-yKwqKAeABZMwRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNARkjmNaKAbaARwlNhxwdqzoe,hxwdqzoe,qdb,kzwigxlt,qrquog,jxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1agz%2BXosS5jni1jpN8EN3R2lM4S1nezzO8d4uKKG4THmGTlhFELucrgRv8lCxBJVNq0OFuQojvhUl3DAFxmij71f29Ceds30UlOLYTCLSTcJqrX1N1XUi%2FmEHqo5HyJ4HGYfFpX8jH33vnOtJ8k1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e29c6371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNUqetAYKY-UPqM-Paqw-aKaZ-PAqyqPyqaqKwRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNARkjmNKYMbaARwlNhxwdqzoe,hxwdqzoe,qdb,kzwigxlt,qrquog,jxqfzxdrtbRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEr6Ih5OgerbPzQH6%2B0G7aQRg7Gk1dH2LlzGnrUwJ9aN7U9AhOFPQS6Ap7s66PxzH2x2GT7uwTfP3gv%2BMbhuZlO75MHVGAGywhRhGJ6%2FMBnpngmEUOhP%2FTYQHQhgxZRHAGwUH1HpVAvSk0j4W1YnmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e5a0e371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNMYyrtyTr-ZPwe-PAPT-araa-MteeyywZPrBZRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qG0BhlfQ1JJDP6%2FFWJzc9JNmi1iXB9ZoQIHfk7l3ngUg9Cju%2Fs8sc%2BXozJnxOMF7t6%2FlqlQ5sIWSkaKKlgydGuXqGHdWYmdYRg5LkzJOYEwPNh2v0xBTzNt%2BSNI8%2FlAfZi%2BM6xhrIUB4TvROzixhsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e6a11371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNUBYawKtY-ttAY-PyZM-wZYM-PAwqPAtPBeUyRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQ8UOpcl4TudrA7VrMkoc0r18r731QbqQExgiWyzdKx5AH%2BJm3Cuak39tlFJFkMILn%2FPKazI2bc5aYvvvvjG%2BQ0g3MY9Avv94UVxuVhNUB%2B8uLqPozXHUsHb4TJKK8Enwj2FZOpTX4O6%2FakH5XmwsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e6a12371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
CXCZRFV9101EQRYHW61P
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
ymfVjk1D3a2yKxoGX5HEa_UuvwnZC3rZgQ5aNzdSmFfcetoUagsS4g==
1679645040.png
assets.vlitag.com/widget/2023/03/24/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1154089
cf-polished
origFmt=png, origSize=323185
content-disposition
inline; filename="1679645040.webp"
alt-svc
h3=":443"; ma=86400
content-length
100856
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 24 Mar 2023 08:04:00 GMT
server
cloudflare
etag
"641d5970-4ee71"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
7f81909e3ff69213-FRA
expires
Fri, 04 Aug 2023 03:21:04 GMT
c
prebid.a-mo.net/a/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:54 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f81909e6e7c37e0-FRA
access-control-allow-methods
POST, GET
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f31426097b330a7136add6c1c3fc77c3db8f49ae924fe475284c463b3ef22903

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:26:55 GMT
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. No supported banner or video size for adUnit: vi_24493108384_1
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f81909e6fcc39da-FRA
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMPRzdNAytqUwKM-PUtT-PeTZ-MUYt-wrtwMBUBUTwYRlmNUPAbBAARdzNwqfftkRqxeNco_YPPaBTAMBMP_TRwkjNARkjmNUPAbBAARwlNqdb,jxqfzxdrtb,qrquog,kzwigxlt,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITH4vSEDD0NVEdL8BCHMeH%2B%2Fvynzao%2F4nq%2B5vkBq3EuAjby8QV%2FZT4kYFna%2BSaFggbnq3uu4LuD3iPxekNBur7UX63p1dvL40V3EHOcGn1U40f1vHF7lEwBeNZnmZ2UDolvn9sgqudrbATNQE36cQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e6a13371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffdec5b8be104d3a27f94162a5c0f2ef7bd9ddc4a5b0ef35ab43a5cf149b905

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:26:55 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: vi_24493107667_2, Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f81909e6fdd39da-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:54 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f81909e6e9537e0-FRA
access-control-allow-methods
POST, GET
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
DW4A3C4DZCXBWY8EJB0N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
nBgFpSNEr-qL7K9X9AICUMJTBy28q-DEZFoSkCVGxKPy81-HYEM6oA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=2&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107667_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A107667%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
0AE34ZVTGZXJRED6MTGZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CyTrwlV2rr7tmXeGu7OiJU_-2WHsWLx3Zvwty8vtKyXRzDoZEclpBQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAKUUKRzdNKyUtAYUT-aqeq-Pyww-qTAY-AttTetwUTAMaRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_YRwkjNARkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNkzwigxlt,qrquog,qdb,jxqfzxdrtb,hxwdqzoe,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j98CNO30Sq3d%2B6jL0IaRB%2FIiRCBwGhIwKg8plNVrrHdbHRspWvAzLvuWGpba%2BPhffFk%2BUebBpkzY588pwP06RAdSa8cgszFvArqoPbHhyCNyb9xyleqp5t3OwMkOCuz81kdJZ5w9NcsUTh1NalMnXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e7a33371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNqMweMAaT-raAq-PKyr-qwYT-MUreBqeTKPatRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNTRmNTAKUUKRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sS13BAPMirFgLb1qiY3shFY0YA0mlmmi4Pvgp2bcCfb5Z6xBYwic0uliTO%2FVvRnplgIuGJduMUBzeG9zBTFJGLQ6SUsuKXaTb%2BhyEQQuY50SQRL%2FkUTN8S%2FlZBeBEXuyla9uXfFDvpoSX16YiCWsYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e7a35371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
videoplayback
r5---sn-4g5edndk.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C...
  • https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C...
161 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9fyhAqX1GYhLZZqNPYo57TA_RYgXGcqxzbXC9aA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=xFj88cJ8DyIV9glJfjo3TNAP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&c=WEB&txp=6216224&n=_JgZdWeAuX0os7Na&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPiWysTV3dwAx8YuGfzBp7WqcZhhBRfzU2o0i_R5h-yXAiB2OIlNgU45uc3vidXBhHjnvStsNBnpJnb1zA4W1Q6wGg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:2b::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1692271270&mv=m&mvi=5&pl=46&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgY466EYQYRo2s-p3QgzONOydg9xZIl2ERt93lAWvlMJ4CIBbFIjJ52RAiNcweOuDYWTxzIsjlmYLSW-aI-yaXElgO
Protocol
H3
Server
2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

client-protocol
quic
date
Thu, 17 Aug 2023 11:26:56 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
last-modified
Sat, 03 Jun 2023 08:32:09 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-33307028/33307029
cache-control
private, max-age=19522
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
33307029
expires
Thu, 17 Aug 2023 11:26:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692291438&ei=Dv3dZOaVDNS1sfIP44-LwAw&ip=184.164.141.146&id=o-AH59Vka4II1-294PbI6v2FzLvZ4WKBRw8aSGPukXbRYB&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9fyhAqX1GYhLZZqNPYo57TA_RYgXGcqxzbXC9aA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=xFj88cJ8DyIV9glJfjo3TNAP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&c=WEB&txp=6216224&n=_JgZdWeAuX0os7Na&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPiWysTV3dwAx8YuGfzBp7WqcZhhBRfzU2o0i_R5h-yXAiB2OIlNgU45uc3vidXBhHjnvStsNBnpJnb1zA4W1Q6wGg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:2b::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1692271270&mv=m&mvi=5&pl=46&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgY466EYQYRo2s-p3QgzONOydg9xZIl2ERt93lAWvlMJ4CIBbFIjJ52RAiNcweOuDYWTxzIsjlmYLSW-aI-yaXElgO
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
19G63WFBYN7D0CY6BSA2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
WhymVQpugQ9ojWqI3tnCviguunr9Yu3hzWQFSac05HP5GHKfhrIxug==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=3&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107673_1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A107673%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
AY9Y7GYZKDWZPHR2HNNZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
3t-JL688gEB88DD6DSpziwoKXpwo-1VuVITMPDl9vp5kzCFocbgFgw==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNtqyZwZqP-AZea-Pqwy-attK-eUyMKMwYPUtKRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNaKAbYZA,aKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNTAKUKBRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fS2McfsfNgDFESyXM6VQRb45OxlZITh1FpYRh38rlzohfwb6ized7xTRwYeYIvZQoX7N0UiKXKGFIkxecWulfI7cwvZSos0Oh6R%2F33BpW4a6SraK26qJ2WftHAdthHX%2FfNPUFcQKxrA25YkmAgSU3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909e9a5d371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
RDRE16AAMX0FHHJH4ZFN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
YqmBmSBJFc5-O434sDcTA96ap2RvvUVkgk7ht_eFCjGvlkce_V5DYw==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
X73CN19AY1JYTVK6PVJ8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
4uyzIN-lYNCK2va9u_OyAd7TSYkC0UphMN660XJnkLXWIsi7ltg8uQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=4&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107667_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A107667%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
K88K5GP0S57KJPPXP96F
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
aq7ffkfv-tFDnC1amnzES8WRfGFheWJIk6kyajBC_4ec_Z4zUx9KQg==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNeAByBUBr-trKP-PaMT-Mayr-YBYKqBZYywqBRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNARmNTAKUUKRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVatiRpNOIFaThSwXD%2FFQP1yVTy576npsqm%2FpMLRIAwCBHtryj5hoFBmwdpM8oHevEulC%2Bg4KuslqXE9%2BXZL3deLKU3uINUxRdss9LQxrwMymmKZyKSbZRUK7hurNNoxlGDPaF4c1ZFjWFMuQmU4Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f81909eaa6d371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
N4162KQFFWH0XZ0R19N3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
1AhhYkIqiaNNKJaGiE-lpaGr5rgWoQUkBAPaH2vXsJZ95_O3mA6dTw==
generate_204
tpc.googlesyndication.com/ Frame FA85 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dy1gDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
last-modified
Mon, 14 Aug 2023 12:28:03 GMT
server
cloudflare
age
0
etag
W/"c33119e4566ec99f3327d83c499e437882fc6da2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
7f81909f8afdbb9e-FRA
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:55 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
507745
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
Server
cloudflare
ETag
W/"9d36e722f929b1726cf2a9cba00af489"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTnA3TfD02dLNiwjHQJPXHy624pKEHVHsPfWJFMEgGNYryC1jWgZ1msNK9ArariCH26rJX5BjRw4rDRGnXj1ulFXpO11YF7F6fJS4phlAlVriBT8LvD4E3hkjd9KtN1rQP6AkFH6aKgmUr0x"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7f81909f6ec9bb47-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6B45 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91636
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:26:55 GMT
expires
Fri, 18 Aug 2023 12:54:11 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2861 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91636
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:26:55 GMT
expires
Fri, 18 Aug 2023 12:54:11 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame B757 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP009 /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
server
33XP009
x-33x-status
2000208
/
ssc-cms.33across.com/ps/ Frame 26F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP006 /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
server
33XP006
x-33x-status
2000208
PugMaster
image6.pubmatic.com/AdServer/ Frame 2861 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82371204&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4174045644dfe8154ef126dbac2d4cae81387dfe8c170652ef415e59b577be42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 11:26:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame 0434 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:55 GMT
expires
Thu, 17 Aug 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
223319
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 53CC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:26:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9VE1XM25K9RQCYPQHA0S

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 11:26:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
60A2N8VTBA00NQBXBT4C
Pug
image2.pubmatic.com/AdServer/ Frame 2C6B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame B4FD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6063412394628672121&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6063412394628672121&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
c01455cc-f929-4874-89f2-a793db13a3b1
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6063412394628672121&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 78D8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 11:26:56 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=wb484hKWX3F2dPvXnUWD7FFfBSM&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 20B9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268251246673197204&gdpr=0&gdpr_consent=
42 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268251246673197204&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 17 Aug 2023 11:26:56 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268251246673197204&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 257C 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 24BB
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:26:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 17 Aug 2023 11:26:56 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame B7BB
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559729301179276
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559729301179276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 17 Aug 2023 11:26:56 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559729301179276
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 5E8E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGa21FN0p2QWdBQUNqaVRCckUxdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFkmE7JvAgAACjiTBrE1w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7110041939216051842&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAFkmE7JvAgAACjiTBrE1w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7110041939216051842%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7110041939216051842&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFkmE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFkmE7JvAgAACjiTBrE1w&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFkmE7JvAgAACjiTBrE1w&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 11:26:56 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFkmE7JvAgAACjiTBrE1w&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
bridge
cm.adgrx.com/ Frame CA2B 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
Pug
image2.pubmatic.com/AdServer/ Frame E55D
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUf7de4ef9918f410289efb8ad2b56ae4e&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUf7de4ef9918f410289efb8ad2b56ae4e&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUf7de4ef9918f410289efb8ad2b56ae4e&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 84BF
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=918224225410427648
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=918224225410427648
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=918224225410427648
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 785E 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 4A39 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:26:56 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-7082b9e91b76@version_1.566
X-core-time
1ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 4CB0
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=133p564au1dg
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=133p564au1dg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 17 Aug 2023 11:26:56 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=133p564au1dg
lws
42
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 8532
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=690b41c74af2da30/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050URahWbjTWgMXQgYa&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050URahWbjTWgMXQgYa&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050URahWbjTWgMXQgYa&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame 4E21
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f8190a1ea0e1e66-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f8190a0d8431e66-FRA
content-type
text/html
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
8
setuid
u.4dex.io/ Frame 134E 		0
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2861
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xC42yuNtTSelPPa8DrKu3w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=91635
accept-ranges
bytes
content-length
5606
expires
Fri, 18 Aug 2023 12:54:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 2861 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.108.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-108-17.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.112
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 2861
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=144034567
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:55 GMT
via
1.1 google
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
date
Thu, 17 Aug 2023 11:26:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 2861
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTc1YWY2Z0FnMTRRUEN2NXZMakF2MXVXdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4134219601264960897&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
54.157.243.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-243-229.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 2861
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQyRTM2Q0EtRTM2RC00RDI3LUE1M0MtRjZCQzBFQjJBRURG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2861
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHy_vTAjcWD9ruuI9GKqcuA&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHy_vTAjcWD9ruuI9GKqcuA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHy_vTAjcWD9ruuI9GKqcuA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2861 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 16 Aug 2023 11:26:56 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2861 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2861
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4134219601264960897
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4134219601264960897
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4134219601264960897
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2861 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:68c4:160f:554f:e0aa Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 2861 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 2861
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=5657fa25-7c6d-4049-ac6a-b0aa70a5e1d4&ssp=pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=59&user_id=5657fa25-7c6d-4049-ac6a-b0aa70a5e1d4&ssp=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
18.158.137.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-137-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
//x.bidswitch.net/sync?dsp_id=59&user_id=5657fa25-7c6d-4049-ac6a-b0aa70a5e1d4&ssp=pubmatic
Date
Thu, 17 Aug 2023 11:26:56 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 2861
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7446152413719114233&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7446152413719114233&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7446152413719114233&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2861 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2861
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0bb1b958-32f7-48ee-ab51-a56f4699514f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0bb1b958-32f7-48ee-ab51-a56f4699514f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0bb1b958-32f7-48ee-ab51-a56f4699514f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 17 Aug 2023 11:26:56 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2861 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbjs
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190a11ac337e0-FRA
access-control-allow-methods
POST, GET
prebid
mp.4dex.io/ 		1012 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
585aa5e19ef2084e8d3da991bbf0a60392cd24112bbb16e1d298a5d74749da0d

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:26:56 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: vi_24493107673_1, Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f8190a11b7c39da-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAKUKBRzdNYtUwywyU-KAZP-PwAY-aaMT-ZrUPrMYTqwqaRlmNaKAbYZARdzNwqfftkRqxeNco_YPPaBTAKUKB_TRwkjNTRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARwlNjxqfzxdrtb,qrquog,hxwdqzoe,hxwdqzoe,hxwdqzoe,hxwdqzoe,qdb,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N50%2Bpl4S%2BMcGieZB5CSCKV4uWXFfNOYxkmmsAWWv2eeMXC61iCwboB8viz7CFJrJ1IupaDW8G%2FfQpoQlzmKU4mdP5fzuITRaKQhnHfysdXa5d5v2mihKh4tRw9y0osFuF14jh7Gj5AZHTVRIWlFGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a12e34371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18699
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZQyr%2FuTDNeeEjpy3QKA5a7BoIvnVdgz3J55FLAAB3PImGZFAmIoJaE9zd7jPrSxaRW7QRw2qI6HbE0xMRUQk6EL0axvoNzez4AEqXa%2FnkXkIDRZ3yCMQeH%2FsuH%2FZs7VuxYKqd%2FHU7H3kvjJUeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f8190a16b103637-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
WYJ03SF4665EXAPH
age
1324
etag
W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f8190a18ab603a0-FRA
x-amz-id-2
IPw2zshTMOj9qvNKrCCoXTp8KGLaJ7ukJIc7DUBXDzOYxd3zAxkJWp25yM6/kBpV8aLA1H1DBkstusOQ1eZ41A==
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 18 Aug 2023 11:26:56 GMT
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ 		938 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15603baf9a50855c028db2069c049bc5985556342316c6005f323da87fd041d

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:26:56 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: vi_24493107667_1, Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f8190a16bf939da-FRA
expires
0
pbjs
useast.quantumdex.io/auction/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190a16b2037e0-FRA
access-control-allow-methods
POST, GET
translator
hbopenbid.pubmatic.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a76f18da4c1112060658c4082078c00fbafc6a82394c14161a279def8b556171

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 11:26:55 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1807
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAKUUKRzdNyZBUZtZM-PYyP-PwBK-MKtZ-wAPTKaKYTZtTRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_TRwkjNTRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNqdb,kzwigxlt,qrquog,jxqfzxdrtb,hxwdqzoe,hxwdqzoeRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVrNyDp2FeUjXtrbn1DdqpgYoNsTme75E%2FGLlhFVwDtmw0XzYyyCa4nc0jJf7QsVc%2Fb9Wx1%2FZKB48dawwCYBfiIOZHcHRZYSPk6BYXQBjO3s%2FCAyDzFvfJnqRyONbg2LPazXIGB7IRGvta6bP3W0rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a16e83371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNPaaZaKBa-aeAA-PZtU-qtye-qatMPAqZZMqPRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAaPYT_gxzlzktqdRysggkNAGATRwkNldqkzqrltkctk|AGPUAMMKaYBaUBBaaa|PTAbYBT|cortg%20gxzlzktqd|YPT|RmNTAaPYTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mIRH0A0cHNXz5zD%2FcEXfxd%2BD%2Bt8SnwydqCEczYO8UYcaL75FTHMEwDRxziJnEfdQqMXSMK43MCiSoHxgOUMbomQUCGxvefP%2F0asnw6aeqe5D%2BzjXpFYD84KsJu04cezXFk%2FF8U1gHjrXSu%2BqdzaWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a16e85371c-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659351553091557&correlator=3560488023979406&eid=31076869%2C21065725&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli108384&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x300&ifi=2&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Da036c3b8b996665e-22f8a45053de0031%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYszUPj7o1pdP5M9-w5HFiZ_E6Otw&gpic=UID%3D00000c6201a8e403%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYrAaU9IvQw84JhdKIwyOoYXusahA&abxe=1&dt=1692271616266&lmt=1692264416&adxs=480&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=640x-1&msz=640x-1&fws=4&ohw=1600&ga_vid=856126999.1692271615&ga_sid=1692271615&ga_hid=1434909927&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYx8H-maAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMfB_pmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yx8H-maAxSABSAghk&dlt=1692271614184&idt=1638&prev_scp=vli_adslot%3D108384%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D640%26hb_height%3D300%26pw_tagid%3D108384%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=1788617067
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5c9cadd2e297aeb21a7c9180f6803818c3e85f6c12206dd4e193792c4efad28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15924
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNZePKaZBw-tyTr-PYUq-MqrT-MeryaKqBKtYyRdzNwqfftkRwlNqrb_TZYdtroqRkjmNUPAbBAARrdzNuggustRwkjNTRmNTAMBMPRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1dz6pqKiKsBWK3pDV8cJ4JkJ4ACBsBKfnN1G1I3qFR10TVxT9N%2FxSRDPGENlpJgyAMoK5Uve2lw1yP0LrOfZgtffzjAKY30cYuxblOpRrzErROadeNQKM0a%2FjCs0uB2ByMf67vTBBNdAsx5XgT%2FSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a1ce1c1e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
container.html
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AADE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Fri, 16 Aug 2024 11:26:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659351553091557&correlator=2133344524132834&eid=31076869%2C21065725&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli107667&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200%7C180x150&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Da036c3b8b996665e-22f8a45053de0031%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYszUPj7o1pdP5M9-w5HFiZ_E6Otw&gpic=UID%3D00000c6201a8e403%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYrAaU9IvQw84JhdKIwyOoYXusahA&abxe=1&dt=1692271616283&lmt=1692264416&adxs=980&adys=2213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=856126999.1692271615&ga_sid=1692271615&ga_hid=1434909927&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYx8H-maAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMfB_pmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yx8H-maAxSABSAghk&dlt=1692271614184&idt=1638&prev_scp=vli_adslot%3D107667%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D107667%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=2774311525
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ba2fdbd34aacdbc81cb0c3511e64ec1440f9cfdf7613d925496f811d03ac95d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11937
x-xss-protection
0
google-lineitem-id
5877303303
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377370642
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNeAYPqwAZ-wtKU-PrYr-qMqU-raMtKKMMMaTPRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARrdzNuggustRwkjNTRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VceEf3gCABhCKTiAJr51ZU%2F6Q5Kc4ouyDP12OPqnozBA1WDqaeXbQUL6hLDmQJHSC5UIGMR6ivrPhoLja2qjkVnB3R%2B5r30%2Fqoakbszt7WyYGZO2nUCwYhygDNS34raxXb2yvJzccJUCMz5HttqLdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a1ce2e1e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6063412394628672121
0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=6063412394628672121
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
an-x-request-uuid
3ca16f84-9e17-40db-a3f6-d9a0eae9c07f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u.4dex.io/setuid?bidder=appnexus&uid=6063412394628672121
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Aug 2023 11:26:56 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659351553091557&correlator=528021671004664&eid=31076869%2C21065725&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli108383&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=4&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Da036c3b8b996665e-22f8a45053de0031%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYszUPj7o1pdP5M9-w5HFiZ_E6Otw&gpic=UID%3D00000c6201a8e403%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYrAaU9IvQw84JhdKIwyOoYXusahA&abxe=1&dt=1692271616326&lmt=1692264416&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=1600x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=856126999.1692271615&ga_sid=1692271615&ga_hid=1434909927&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYwsL-maAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMfB_pmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yx8H-maAxSABSAghk&dlt=1692271614184&idt=1638&prev_scp=vli_adslot%3D108383%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D108383%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=3262429219
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca61d5f30d2b6374b37a95bb383ed1fa32cdec08b22d588530311a769830f9b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11944
x-xss-protection
0
google-lineitem-id
5877303303
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377370645
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNtPMZKKeB-tPey-PMtM-qUPU-TrqUPtayTaatRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSwv%2BhDVvVUwJ3n9OFrqYBwrMQiY03FPzfXceaOyhJ0KfMSJM%2BlPynPuajDnPC3oxX1vPiRbzbYiaey9jVjB6SeVNFVzBkCx8lHEXVpkqA8qfY81%2BpkHTBXv7idNXwa6deMtS3v2GXIksR%2F%2FKcmSng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a20ea21e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
increment
id5-sync.com/api/esp/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame D251 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=securityaffairs.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:56 GMT
server
Kestrel
server-processing-duration-in-ticks
267469
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659351553091557&correlator=494884699531613&eid=31076869%2C21065725&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli107673&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x100%7C728x90%7C468x60&ifi=5&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Da036c3b8b996665e-22f8a45053de0031%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYszUPj7o1pdP5M9-w5HFiZ_E6Otw&gpic=UID%3D00000c6201a8e403%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYrAaU9IvQw84JhdKIwyOoYXusahA&abxe=1&dt=1692271616367&lmt=1692264416&adxs=320&adys=621&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=1600&ga_vid=856126999.1692271615&ga_sid=1692271615&ga_hid=1434909927&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYwsL-maAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMfB_pmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yx8H-maAxSABSAghk&dlt=1692271614184&idt=1638&prev_scp=vli_adslot%3D107673%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D250%26pw_tagid%3D107673%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dsecurityaffairs.com&adks=1424843809
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
861785463cb81b9b502fbb0906ec0881be80823a81f3421be224e86db65407f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11936
x-xss-protection
0
google-lineitem-id
5877303303
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377346452
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNwBMqZrYM-MPqr-PUqw-wBBa-KyYBUUUZqByZRdzNwqfftkRwlNqrb_TZYdtroqRkjmNaKAbYZA,aKAbaA,aKAbUU,aUAbaA,aZAbaA,aBAbTMA,KZAbTAA,KYMbaA,PUMbUARrdzNuggustRwkjNTRmNTAKUKBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNU5ehVL9PV51lEaQDnTgY%2BYlyK2VP%2B8uzUmvJbOagPRAGhr7WttjBYT06%2FBsq52IUbQx%2BdeeOPfgiiJwnFr%2FP6Ej5C33IZFwt%2BP7aTlIk4L5kAvE28w%2Fc1hoaZ4aXIBU7UeQCpmj6%2F3Wkk76HDhqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a25f0d1e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
sid
mug.criteo.com/ Frame D251
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=securityaffairs.com&sn=ChromeSyncframe&so=0&topUrl=securityaffairs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=a5W2HXxxdHY0QlFEblNHMzZtR3J4empmelIwWkp2S2xkTEFQZzduYVB3Z09EMHZqNDJMQmJTUmd3WWRhVXFhYW5rR3YvQk81YWxlRUZVUVR2d1J2WGJBQTRqdWVsSmpFaUxyeWZPMUJUczBydkFJb2QrVGprK3p2dVc1ST...
457 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=a5W2HXxxdHY0QlFEblNHMzZtR3J4empmelIwWkp2S2xkTEFQZzduYVB3Z09EMHZqNDJMQmJTUmd3WWRhVXFhYW5rR3YvQk81YWxlRUZVUVR2d1J2WGJBQTRqdWVsSmpFaUxyeWZPMUJUczBydkFJb2QrVGprK3p2dVc1STJOV1hKOTFlVzdsUzBsV2JaSVZIdUZHUmtmTXFjMk1UL1lwRFdQeWUrc0JmeDB6c04ybG04S3NzODRFRGdDTzNMUFo0QTAzNnB1OVF5YU00ODlCcSs3dnMvRzBIMUZWejZic3J5RHNkMlNaUjlXTklIVVZjQU1YT1B3eG9Td3hveXdDenA5Tllqc3VEZHVDTlBwZnozdm1EU1VNWllOUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
840e6b43b12cc78bc74f2f8174bce1321f64060e824ee2f3121c6c869c632b44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1294002
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=a5W2HXxxdHY0QlFEblNHMzZtR3J4empmelIwWkp2S2xkTEFQZzduYVB3Z09EMHZqNDJMQmJTUmd3WWRhVXFhYW5rR3YvQk81YWxlRUZVUVR2d1J2WGJBQTRqdWVsSmpFaUxyeWZPMUJUczBydkFJb2QrVGprK3p2dVc1STJOV1hKOTFlVzdsUzBsV2JaSVZIdUZHUmtmTXFjMk1UL1lwRFdQeWUrc0JmeDB6c04ybG04S3NzODRFRGdDTzNMUFo0QTAzNnB1OVF5YU00ODlCcSs3dnMvRzBIMUZWejZic3J5RHNkMlNaUjlXTklIVVZjQU1YT1B3eG9Td3hveXdDenA5Tllqc3VEZHVDTlBwZnozdm1EU1VNWllOUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
265067
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230815&jk=659351553091557&bg=!19Sl1IDNAAZGPLJIZjw7ADkAdvg8WkXI1ICejp-U62o5mAc7UOLZ816qJTBpIG06CvuA4OUqJxb3sTPofKsbLErYFIKXMetJ03YCAAABylIAAAAJaAEHmQLFYs1umdNL3D9-hC8cjWBiSlh9kLcgeBR97LnpsJZznQy-q0Gz6StYzH-U_YadHaaq_GNfuIfnUrCF36D_o77e0Gvi2R5TZuVFiJ5UddTGRYU8gceO6jUc38iEq5AmG5Tq_wwfFLgpP52bhBP7bMMDGmaSlbIxQuFn7qz6kBhZzOFb1of8XSjL-P60q3-o0s6rKdehhe59BzHlav2TUPdnJxfHZuQCIbdRlKahfXtC-rStpkZjwMl6kLOL33kKkzPPhluz-Dsw11ROr5PyAYEus_Lei1V1Lt3MTOxL9t6dpCsMxmBN_ktzgrJmAF9G6LK3X9SBLbkzvxpbvbjTfsSnmDSFnwW6OgeAS-SQ3Lc41weEER_uMkEZNLTr2muRAdJbOCqd7owOVHFZQKaNUibfeAe4BIxRYuraUuin8XvQtrGQHhmTqqbIZCGdRfAdxxRf3xQ7YYuXFQa68E6GGyqQiFxq675n7ytJCi7-wUunTurVLohz1c9G1juXHLw0ZZVVrIuXsn9XPMboKHcGa42mu0EOPFmR7pjBKqrOM15eVrxjFpFm69gdqm2U8c2QK9XJisxt3Wf4YYDRFoQQa8XJyFPYGB6aXY2Hcv0WbhP6cwONicdj8JFziYNfo1XTPbMAH9ZIY90ad-ZkbwO1x9s9hIwqNG_ljZBNBvqKb2Mdc8SizQgIWq_z7XFNL8vA4uap9zhYm_qAiQ1YioSjNGoAF7aB9gsOWiDTTxjadzYgd0dGrJ60CH0VRciZ_31c5jveqRIsMIzmkdrxvvctWLFN3tj6yLBq2047uzP2G_Ey5RuZrpGLUouo2npr_4TCJrZ2L-kk6LH8LLZIijZCSpZHJGPYpCzBOylx8BvslamGIfohyOio8sU4mvLxKreQ3LON4ZukM3m43ZyQhZg3KK02X1SuHl1hRT4MgXUdGrHUrWGCIA-8Sg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
container.html
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0DD0 		0
0
/
services.vlitag.com/passback/ Frame FAF5 		671 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/passback/?t=1692256733&d=24493&z=107667&divID=vi_24493107667_2&w=300&h=250&geo=CH&hn=securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c304034bd3c9391d5f43577ca0196f2da624e338dc647fa9515bcae598f66ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a37f57917c-FRA
alt-svc
h3=":443"; ma=86400
container.html
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B6EC 		0
0
container.html
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44EF 		0
0
/
services.vlitag.com/passback/ Frame A1FE 		671 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/passback/?t=1692256733&d=24493&z=107673&divID=vi_24493107673_1&w=970&h=250&geo=CH&hn=securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e9b01c66b444e890378db9d97922a8a76cda78ab90265fe726836e8b7bf276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 17 Aug 2023 11:24:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a3cfd8917c-FRA
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/ 		0
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNZYwPUeqa-TYKM-PqUB-MYYe-AyyrPtTKryTMRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_TRysggkNAGATRwkNhxwdqzoe|AGYMMU|BAAbYZA|wqfftk|TMA|RmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRiC8iGA6miuPIImHPbwzfvI8A%2FLMHiq5pCD6xIXiL3HuAdVojCAfxRpG0031XWj1bmUXzkk5kc7o8uJpcBOAXnMvI9n3eWZCYetlZlTtdCJGKy8CbgbENwkPc9IQMY6nsGeirKbhSuoetm6uzbm6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a3f9601e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=659351553091557&correlator=33644517800929&eid=31076869%2C21065725&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=21724377464%3A22897089438%2Csecurityaffairs.com_vli107667&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200%7C180x150&ifi=6&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Da036c3b8b996665e-22f8a45053de0031%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYszUPj7o1pdP5M9-w5HFiZ_E6Otw&gpic=UID%3D00000c6201a8e403%3AT%3D1692271615%3ART%3D1692271615%3AS%3DALNI_MYrAaU9IvQw84JhdKIwyOoYXusahA&abxe=1&dt=1692271616649&lmt=1692264416&adxs=980&adys=1054&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&psts=AOrYGsl0tJN0bfoF7LimdfLxWJNW3qM3uUUAZF-jFDEMaHz8DRBFJus2dQGq7YomQBsr8ovN0JesXrUTFTvJwP39kw%2CAOrYGslORxqPvYL_rOYivUueDEcbRIaFWx6MjkHpV5cnvhEpF3aB-AgQy74lwLRg_z3ySgmnbAq6KFrlvpiJnAQ8ew%2CAOrYGsmtb-mXlhLLbBiRc5TgQU9JuIDDOr-tElmvqlB02JjwCf7BLP236w8dHbZ1HYQ39asO9C1fF3D_GAXDLB3MTQ&ga_vid=856126999.1692271615&ga_sid=1692271615&ga_hid=1434909927&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYwsL-maAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMfB_pmgMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y-ML-maAxSABSAghq&dlt=1692271614184&idt=1638&prev_scp=vli_adslot%3D107667%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D107667%26vli_sf%3D1%26pw_network%3Dtrue%26hb_bidder%3Dpubmatic%26hb_adid%3D82a21ea5385ba8e%26pw_pb%3D0.36%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dsecurityaffairs.com%26real_cpm%3D0.2886&cust_params=hb_domain%3Dsecurityaffairs.com&adks=2774311524
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdac7ed61a4c4e697220230525eb016786745290e2ef04787b6bcaab15c1a0a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12031
x-xss-protection
0
google-lineitem-id
5877303354
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377370636
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNytAUqrKq-YtaP-PMAy-qKyZ-tqAaArtyYZKwRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARrdzNuggustRwkjNTRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8j3snkd6JuQ3OzChL1OJfxVpG3iIcofXxMBfHCySGpCgJOXmqJ84GEz7pyA1URmu3INOUpb52%2BJysUHbUc5Pfa0MfLXThXgS5Pipergw%2BwHJRgU4BGEDLxlzjiDtGUOtrA%2Bk8i2kO5D5qAJHxDjzag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a419851e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
7.jpg
assets.vlitag.com/ads/300x250/ Frame FAF5 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/ads/300x250/7.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d23121bdca4371bbb06f12b2cf53f87953a3458f62e352dcfb373413d789bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1153042
cf-polished
qual=85, origFmt=jpeg, origSize=58737
content-disposition
inline; filename="7.webp"
alt-svc
h3=":443"; ma=86400
content-length
21220
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Nov 2019 05:04:46 GMT
server
cloudflare
etag
"5dbbbcee-e571"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
7f8190a468f5917c-FRA
expires
Fri, 04 Aug 2023 03:26:14 GMT
14.jpg
assets.vlitag.com/ads/970x250/ Frame A1FE 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/ads/970x250/14.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a77f8f7f0228e6c91c9f3573cbc970f235c892338b2159790a766fc29a802c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1129513
cf-polished
qual=85, origFmt=jpeg, origSize=52915
content-disposition
inline; filename="14.webp"
alt-svc
h3=":443"; ma=86400
content-length
18746
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Nov 2019 05:04:46 GMT
server
cloudflare
etag
"5dbbbcee-ceb3"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
7f8190a4b958917c-FRA
expires
Wed, 26 Jul 2023 18:20:11 GMT
container.html
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B406 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Fri, 16 Aug 2024 11:26:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/imp-v4/ 		0
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNyUKrZqYM-yeTy-PUrZ-MwZr-rZMZrYqKeYArRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTAMBMPRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDYh1d79Yv5YeOOiNJcXyPIE6sj9dYY%2FMfxpo%2BHf4zDiQqdMkH8UNWuzNuzNsZ4oKxgRi2wgYvDeDn77GB1BW%2BqtpZEG5YG35T%2FBKH7F5s6Iqbv80I7ZHLU4qDz%2FaVRJ9jFXxui3hYLIQkH5VTp31g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a56b671e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
container.html
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A85F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Fri, 16 Aug 2024 11:26:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cc.jpeg
px.vliplatform.com/bw-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNeaBTAMZA-MZwT-PTrY-waMt-rMMMTwMrAwZtRqxeNco_YPPaBTAKUUK_TRwNhxwdqzoeRhNAGYMMURlmNBAAbYZARdzNwqfftkRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsMPzjCPXAANFJ1RafhZHVLg3N7WBeeuaaOIyqS0wDDNkQk%2BlE4%2BcTPAAfYQQkdP517DUkSSW%2BgzGpgBwaeABPQ2LD%2BjiVrdvuyMabiZKPSyqRmHon%2BM9DGMdZc0nQd4gExaJmscuUPpMjpb9ZpvfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a57b881e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2E9F 		217 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ea58a1c60652b4bad222be3a70b575a8b92cd7b97fa6ceaf42d7b48f45c88f05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8mj60HbqLKGb_3jj8BYD0DeJ8D123I9rQCfnbOpVeOEaUw1UtVmAFBSyPDcp-3cwBpF3z4WnMg1hOgoWCM8mysYf7zkGUUU8no4Nx27hPs5pQYhvDjgD5o2TjGHO_2IxLoT6CVMdKS7n1sZNHIGfAaoruqHKlKWglPiOOuNDV_qP6vjEznt9No64l_hRK-hhr_eKrOi0OC-XgMp-GqEHIHDk5mXvKGaF4Ph-tSETyNyv9bQ3FrEDp64kNYB6Y4DV4F9h_A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
74378870
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame B406 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 10:30:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
3396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 10:30:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3960 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 08:16:14 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 08:16:14 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame B406 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
47516
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:15:00 GMT
l
www.google.com/ads/measurement/ Frame B406 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgAj5NU_PU5BDdUECPFi-iTHM8txssOGE-Jry3-XSM0L9QWG05RJAKHwtFIosDVtocQVAwV0-g-Bo1YhQDILN01H1AwQ
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B406 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
49269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Aug 2024 21:45:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B406 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:26:56 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A85F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
49269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Aug 2024 21:45:47 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame A85F 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10020
x-jsd-version
1.15.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-jnb7023-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hs%2FUUtRi6Sta2yDOM5j%2FxoL1U3H%2FkbozoGwe%2FUyvbsZsa1wKN2ZwGyrg1eGOprRFPfEM1OmMlgitFAEkI2ZG9KoTxiFhCWiiKmTiwaYRsSIp6TnaH4U4NJbgO2t0v7p4yGPiIvbYoTiPGYYjmug%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f8190a598ae3637-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A85F 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 11:26:56 GMT
truncated
/ Frame B406 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d8c907191c324c8ed7fcc63538284643d249b0f0ef7915a3d9711a57b37b74e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A85F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhyCF5kg6w9T-WS07s6LhSXCqeRCbCOEkNIq9NJYv6T5-f7s__5jgkrtds8zH_2o1UjIJV_gtXTE7PJedN3hlj0iCbtnwWFoRsq0EVyPGO4t9Ip8BNjaBNJcORcvDS-Yynsn9-XPQEHX58_ZRwSY3RwfGl8JpKHkztVRjfDIsSJsYwMxb3q4plPMy-yQ3KV8S3u1KD5sAQJkO4dYhVu0aklj0Kri7yTwKOsCCRwx683HxI0RDVbWdFyPTl11tc0NeqZRHmTwdTehskRozqPTjU4Y0TeYNfQFPXYX_9S-kEJ3Ln88vM-n4gH6x27wkWrhZml3VH4qIbTBzX_zLOzCWh00uuna_-_3hiMP4xbwSoVw&sai=AMfl-YS4iKOzdEDgSDvBg8F7gyfgPmppkBF8V_lvZTeZtycRqnwgItQb4Akc_GXxsfaDgnzsmvk0ytSCVQ196nlJCPBBAJGUPAWLs1w9z0dNMCXNNm6pOiy4o_N0-fr-lNo&sig=Cg0ArKJSzDq5WFxruqiSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3960
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGJzidLECQGRGQU-InB3QuM&google_cver=1&google_push=AXcoOmR2RLGaNLfk6NYZcjoJKgYEFylhDRiLlfOV7TZ5IpB23Rk8E7cS5gBVGp2D7UXBdqtnRwhIIxoKhK5214zUKPLeZEWWZXrp
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzQ0NjE1MjQxMzcxOTExNDIzMw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGJzidLECQGRGQU-InB3QuM&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGJzidLECQGRGQU-InB3QuM&google_cver=1
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGJzidLECQGRGQU-InB3QuM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 3960 		43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEPnhjzaGf9kR6f4gR3uWDI8&google_cver=1&google_push=AXcoOmRlo0QFIXwcLKJPldvsQ9KouzwVqUQYbHvkViTi2y7-KnNmDBY7xy7LI9YoSYgOuoh9KaOezsW_LXZ8WbOhzeXAZIu6Hrrm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRlo0QFIXwcLKJPldvsQ9KouzwVqUQYbHvkViTi2y7-KnNmDBY7xy7LI9YoSYgOuoh9KaOezsW_LXZ8WbOhzeXAZIu6Hrrm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f8190a5d80b1e66-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3960
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGlgCmQf8EfNz5tc2mpptzE&google_cver=1&google_push=AXcoOmSbR1JhdQ110rToawsXbeDyZnPXN1rFK1udcNYFa9GcqBBEZKy-lzwNeJ-EVXfVPZuHjmO-LJHlryt...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSbR1JhdQ110rToawsXbeDyZnPXN1rFK1udcNYFa9GcqBBEZKy-lzwNeJ-EVXfVPZuHjmO-LJHlrytfvogw0K60jJRpN2ZD&google_hm=sNta9L6pQueomeTXHZlvPSM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSbR1JhdQ110rToawsXbeDyZnPXN1rFK1udcNYFa9GcqBBEZKy-lzwNeJ-EVXfVPZuHjmO-LJHlrytfvogw0K60jJRpN2ZD&google_hm=sNta9L6pQueomeTXHZlvPSM
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSbR1JhdQ110rToawsXbeDyZnPXN1rFK1udcNYFa9GcqBBEZKy-lzwNeJ-EVXfVPZuHjmO-LJHlrytfvogw0K60jJRpN2ZD&google_hm=sNta9L6pQueomeTXHZlvPSM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3960
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMUwJJ4zEwGyVjSy1sy6EMA&google_cver=1&google_push=AXcoOmSRFZj-HAvcI6TPXUypb9MfZlzLsfyi5eTrm4OnBpmrcCLUPiCmj2m5rQyPa-u0RsUS6LPc8KyyxTFsxq...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2ODI1MTI0NjY3MzE5NzIwNA%3D%3D&google_push=AXcoOmSRFZj-HAvcI6TPXUypb9MfZlzLsfyi5eTrm4OnBpmrcCLUPiCmj2m5rQyPa-u0RsUS6LPc8KyyxTFsxq7YPM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2ODI1MTI0NjY3MzE5NzIwNA%3D%3D&google_push=AXcoOmSRFZj-HAvcI6TPXUypb9MfZlzLsfyi5eTrm4OnBpmrcCLUPiCmj2m5rQyPa-u0RsUS6LPc8KyyxTFsxq7YPMJ1HawRKuj7
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2ODI1MTI0NjY3MzE5NzIwNA%3D%3D&google_push=AXcoOmSRFZj-HAvcI6TPXUypb9MfZlzLsfyi5eTrm4OnBpmrcCLUPiCmj2m5rQyPa-u0RsUS6LPc8KyyxTFsxq7YPMJ1HawRKuj7
Date
Thu, 17 Aug 2023 11:26:57 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 3960
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJV7bNmg2H5AKXQU_rXXBBQ&google_cver=1&google_push=AXcoOmTSLI6UOK7kS4YHqIWoqd-MDfLSL0FcQpbpi2UGUT8HsrjWXVKAYhQ12WqE7oywRztb85IWgYDy-8zPNKids8J7mv2...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTSLI6UOK7kS4YHqIWoqd-MDfLSL0FcQpbpi2UGUT8HsrjWXVKAYhQ12WqE7oywRztb85IWgYDy-8zPNKids8J7mv2Hiqtj&google_hm=eS1iSzZqQ05wRTJwRkVBcT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTSLI6UOK7kS4YHqIWoqd-MDfLSL0FcQpbpi2UGUT8HsrjWXVKAYhQ12WqE7oywRztb85IWgYDy-8zPNKids8J7mv2Hiqtj&google_hm=eS1iSzZqQ05wRTJwRkVBcTJqeWdVNXQ3TGU3TW1fcjFZY35B
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTSLI6UOK7kS4YHqIWoqd-MDfLSL0FcQpbpi2UGUT8HsrjWXVKAYhQ12WqE7oywRztb85IWgYDy-8zPNKids8J7mv2Hiqtj&google_hm=eS1iSzZqQ05wRTJwRkVBcTJqeWdVNXQ3TGU3TW1fcjFZY35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3960
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFE33Zf9zEI2ImOaVP_pgaE&google_cver=1&google_push=AXcoOmSDaXZS8lL8CSmNmnEJGEBB1ZbTYY_YeFMxKcF5wHn5F9Vejmax_dBXnYmlCSzvU7-DXCqidP7tkvX3u99aunqObbh...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSDaXZS8lL8CSmNmnEJGEBB1ZbTYY_YeFMxKcF5wHn5F9Vejmax_dBXnYmlCSzvU7-DXCqidP7tkvX3u99aunqObbhfA0I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSDaXZS8lL8CSmNmnEJGEBB1ZbTYY_YeFMxKcF5wHn5F9Vejmax_dBXnYmlCSzvU7-DXCqidP7tkvX3u99aunqObbhfA0I
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSDaXZS8lL8CSmNmnEJGEBB1ZbTYY_YeFMxKcF5wHn5F9Vejmax_dBXnYmlCSzvU7-DXCqidP7tkvX3u99aunqObbhfA0I
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58281/ Frame 3960 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENrxNK29uXR3jBuLtJRm6xc&google_cver=1&google_push=AXcoOmQ_PxNRKZZs5m8WBzBEO9Nsvbs7KhQEBF18rHP3PSUlXYot1oQ-AaUa1vq2kVuNWjYzW_flcB2Q-Yfbc2cQN7ysuQI9qkIs
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 3960 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_cl4WLyDBJLya-rOl2DFE_tdTwkOydWzvGVCG9-pRhDiB52IQMNQ5hNH_UdbnEBmSGuxW1Q
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
dsp.adfarm1.adition.com/cookie/ Frame 5B61 		0
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.adfarm1.adition.com/cookie/?userid=7268251246673197204&ssp=9&gdpr=0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.118 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.adfarm1.adition.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, User-Agent
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
show_banner
dspcluster.adfarm1.adition.com/ Frame 5B61 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4395096&cid=5357381&bid=18322084&auction=897304EB-B29B-4DCF-9A1A-F4D5622ADF0E&ts=1692271616250&bidid=7268251246669208980&p[country:de,isFirstPrice:1,postalCode:59073,trafficType:2,long:7.79,bidId:7268251246669208980,advertiserId:635558,ssp:9,referrer:aHR0cHM6Ly9zZWN1cml0eWFmZmFpcnMuY29tLzE0ODk4MS9oYWNraW5nL2NpdHJpeC1zaGFyZWZpbGUtY3ZlLTIwMjMtMjQ0ODktZmxhd3MtYXR0YWNrcy5odG1s,adSlotId:3599896,supplyId:157940,domain:securityaffairs.com,winningPrice:0.360000,networkId:3202,auctionType:1,lat:51.700001]&userid=7268251246673197204&adhost=ad-dsp50&gdpr=0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.67 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dspcluster.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
ad904d0a33d667fcbbbd91f37ce8462cc89957cb9e13bb1d9daa8f53e5da2e7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 13:26:56 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cc.jpeg
px.vliplatform.com/imp-v4/ Frame 5B61 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNaAwUwYUB-Btyw-PeAB-qBAe-qPTMYTMKTAMMRqxeNco_YPPaBTAKUUK_TRwNhxwdqzoeRhNAGYMMURlmNBAAbYZARdzNwqfftkRrdzNRwkhNRmNTAKUUKRleNpl
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TvwDTjI%2FiWjlLA7Jg5JmoWTHdTqhxv4JQTzn3Zm3iYMnwxBENoAh%2FzvrwWQ%2B6jbmxJRFVBvl0p520qtxWfOzMrydIdFeGEffTyIsbt%2FEOVaE81W19dGvCMSzzDGi%2FMoW3Z93fMeLKPHw1GIy8uCnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a5ec231e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
/
dsp.active-agent.com/reporting/ Frame 5B61 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.active-agent.com/reporting/?auctionId=897304EB-B29B-4DCF-9A1A-F4D5622ADF0E&bid=7268251246669208980&bannerId=18322084&campaignId=5357381&contentUnitId=4395096&impressionId=49&ssp=9&xr=&xc=&winningPrice=0.360000&contacts=1.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.66 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.active-agent.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Aug 2023 11:26:56 GMT
Access-Control-Allow-Credentials
false
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame D754
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:26:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:26:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 767E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:26:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:26:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server
AkamaiGHost
cm
u.openx.net/w/1.0/ 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame A85F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c7c2feee7844e05dea0b940835202dd7446f35cd69f85af2f1849ca3a76e454

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
dbtlib.js
imagesrv.adition.com/js/dbt/ Frame 5B61 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/dbt/dbtlib.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
47d8dabc70c62f44afef6ddc54356b49f16ed6b4f01b306f519f63c7a1283f79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
br
last-modified
Tue, 07 Aug 2018 06:19:39 GMT
etag
"3896939110-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8729
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6F77 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=26848
content-encoding
gzip
content-length
14445
content-type
text/html
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
Thu, 17 Aug 2023 18:54:25 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 9D38 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=157940&siteId=824873&adId=3599896&imprId=7B2F31B9-2A1D-416E-92AC-F97803EE7E3C&cksum=ECD07DC1E46B623B&adType=10&adServerId=243&kefact=0.391645&kaxefact=0.391645&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1692271616&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.391645&dcId=3&tldId=0&passback=0&svr=BIDAMS0011&adsver=_2513587008&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=AATeZDs_BQDgJHfercBFTl6R33wzoDSrQJc1NWXxgJANqGWY&ekaxefact=AATeZEI_BQAfM955Zd0iJAtM_WSkX5KQ77HglDShjw0cdI5N&ekpbmtpfact=AATeZEs_BQDzfVClVOr0y03Q6JVyWfTqG_IxGcNxu892kLV2&enpp=AATeZFM_BQAaggv_F-I1lSYPnN1NJdWoqMN7BvIQFSnLHzJ3&pfi=1&domId=8222502327166973060&dc=AMS&pubBuyId=20680&crID=18322084&lpu=mobile.1und1.de&ucrid=14797319907573267814&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3202&wDspId=1101&wbId=2&wrId=2610456&wAdvID=113000&wDspCampId=5357381&isRTB=1&rtbId=897304EB-B29B-4DCF-9A1A-F4D5622ADF0E&ver=12&dateHr=2023081711&oid=7B2F31B9-2A1D-416E-92AC-F97803EE7E3C&cntryId=58&domain=securityaffairs.com&sec=1&pAuSt=2&wops=0&sURL=securityaffairs.com&BrID=5
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:26:56 GMT
expires
0
pragma
no-cache
adview
securepubads.g.doubleclick.net/pagead/ Frame B406 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSd0dAATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTFAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChTFzsaQzbMdBrZDpfyOhD09zLWlRdqTTfofjeuInuT08__qGE_jvgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zOTYwMDk1NzA5OTMwMTM0GNKubQ&sigh=PZ2D18VELlU&uach_m=[UACH]&cid=CAQSPABpAlJWFjXfKTwZhJrpRkKN4cSmCPZW7U87UPhr5C2iU_-kIAMdFoNN2_AB59g8U-5rmu3_-uQM8ip3chgB&cbvp=2&vis=1
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame B406 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kriJFrr5RIAFrAKdg2ICAgAAAAms-DdKzdJ92Xec4RAABN5k30WstZgyjWfyXwAAEgAACgpBUVVCRHdFQkR3&wp=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&cbvp=2
Requested by
Host: 86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
170189
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2E9F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2E9F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2E9F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 11 Aug 2024 11:26:57 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2E9F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 11 Aug 2024 11:26:57 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 2E9F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xBXwDwbVe7T5J-bNBIsZaqQ0QG5q05_3PSHfVf5KRX1KhwAnTcRzOCDkKburuLsSWEVT84dy63dXs8h9pQZnqIqsaBjd0ZkEdbvkW_8p_szDDOqm1QnhJ1YY1WbgukPD9Ymw4Jiv46Kob3DS9U8lvzOGMKQlEDyNRo6et9_5yG9scCG8TT6a3FSQ89F-ud0K_LXjnVALgjtvfwkqwccW38q8dBcWvxszl860zzUxGfzwQHmN5MDIuz3cttr9fhQNA5W4Q8-xKee9Xptx2oGHghrSr4MnPn5WMsHQByJAYjkAGksgApnImLNqZYTITmK1TDxxu0p3mB0cIQEysUQ8A4DKRiZHoClBLyEbT8hMglads2O6hA2IpDBjlygOJkzs89hR4kHn9UD3vq0iHvHhKbSD-0xOpe92xMDFaWf55EGBNAW3iVgbFPZEjyC-e8yxk20GNCz5vwsrQJK-NouQ-SgvIAc7TP74kS4sMCa5spl65cf33tQSdVeNO4vSQSNndPtFc0IbJdDmNm6OWca0Z4ycdfZq7ybV1EiL2fZeARhQ8nar
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2742462
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D754 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41088
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:45 GMT
usync.js
eus.rubiconproject.com/ Frame 767E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41088
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:45 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2E9F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2382863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lP3YrHrICTmWbT%2Fip%2Bk4TiFbwGYEcsJJ17ejl8yK6pDbSATyNcrySMe9oCXQx9PeyGY1ZiKHiwpUdw1Z4GSOWmTPXR%2FBFhOUuIi8fQM7BGH6OUwmaLorwudN4bh0PiV2IzSpQtzz%2FtPH9AWHTWDhInpu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f8190a6ccea2c4f-FRA
expires
Tue, 06 Aug 2024 11:26:57 GMT
animejs.js
static.criteo.net/animejs/ Frame 2E9F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
khaos.jpg
token.rubiconproject.com/ Frame D754 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=596&m=0&partner=97215&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F97215%2F230227%2Fb895686af0ef4c14b7c7a731718d4377_magnanni.logo-2x.jpg&v=3&w=196&s=Idt0mb5a5t10CQQAsoe8vNp7
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0a51b3c32576974ef48aa7c6bc2cd9b881ff3f229c90aa4d7fe9983c4842bbdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
1252
expires
Tue, 30 Jul 2024 03:20:14 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F0%2F1%2F013341_1_magnanni_cabrera_cuero_23953_side.jpg&v=3&w=800&s=fMgaJO0L0qJ8VHBn09vmJWKh&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
31d034e7a229722efa4c52a0467820b7cf4ed1f5616b71ac6355c76588879f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
17144
expires
Wed, 31 Jul 2024 08:05:23 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24777_men_maceo_black_side.jpg&v=3&w=800&s=Ogzb582U-NP1jSiPXiGzUUlC&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ec220e0c50cbe44662343fa05040645edeccb7fc4643da3bbec76c7110d17017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
14826
expires
Mon, 05 Aug 2024 21:51:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F2%2F22961_men_severo_cognac_side.jpg&v=3&w=800&s=889a62B6wQuMP3r1WzhVC9ot&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
358540e12d98567a2ec53c2ba13ebc2328a6d90540918ca80e1d7505ced05464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
19474
expires
Thu, 01 Aug 2024 15:48:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F1%2F0%2F1078_asiago_sky-blue-suede_main.jpg&v=3&w=800&s=9HpqgD093F9u6fvYfuIUrARF&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1b091171f324151450f01a9f81716c7815cc496c1986a4ad5ab09a077c20ee8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
9468
expires
Wed, 31 Jul 2024 06:31:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24525_men_carver_tabaco_side.jpg&v=3&w=800&s=_BfONY-h7gHrWfxJ-AHOmilE&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a89701824927fb59bf44c9c56e03714bf6cc87f13f810759a1ca6957a5b12af2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
16556
expires
Wed, 31 Jul 2024 13:15:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24701_men_latham_midbrown_side_v2.jpg&v=3&w=800&s=8gZPADAIMLPdHHlaVUD1NSyd&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
90bf9270a48475f96375e66c516362c4e8965a5ca3875c614d00a72a8d264b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
16584
expires
Wed, 31 Jul 2024 08:01:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F23845_men_remo_navy_side.jpg&v=3&w=800&s=g3_h1BeJaZ3_1kkSw-5RlpbX&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ef60ecae90e87144b6346fe1f031774dec3be996a48d8cf5e1b2c83b42508b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
12452
expires
Tue, 30 Jul 2024 19:54:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F0%2F0%2F000564_1_cangas_black_monk-straps_magnanni_side_1.jpg&v=3&w=800&s=ndmYqHPBn7364c8dqhA9rls5&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dd9f10210cae3546c339cab4ff18fd923159622c63a44a66ea45273665aaace1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
11406
expires
Tue, 30 Jul 2024 12:39:27 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F0%2F20089_men_camarena_black-cognac_side.jpg&v=3&w=800&s=zl5dO37SrC2bUwPc1_47xphT&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a1f291c7cd6d5a518e48858f44b210da38d95fdd51c3d7bddc640246ff9d6585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
15982
expires
Wed, 31 Jul 2024 09:25:34 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F0%2F0%2F004462_1_dress-sock_red_sock_magnanni_front_1.jpg&v=3&w=800&s=X71uyZuWFJI6Cxs0OMsCpPIo&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
15457c8a7b18fd0a3ec329c78a7c9d5053b4b3f2ebf1a4ed998462dbd668bc6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
9376
expires
Wed, 31 Jul 2024 14:25:02 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25126_men_Romero_White-and-Taupe_side_v3.jpg&v=3&w=800&s=k52wa875Q911Czf1RoJ7ZyH4&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
51f1b9d6ecc9843fd9f9308a0dc59e6e37f1796195fffaa964b980bcaa5752a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
34258
expires
Mon, 29 Jul 2024 16:35:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2E9F 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25282_men_danillo_sky-blue-suede_side.jpg&v=3&w=800&s=uSMRC9R6rl58DZKo4DCj-dco&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a49383956b0c309324f9e51dff3d3f015ce1be14d068832ad5354eac76b728f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
18046
expires
Tue, 30 Jul 2024 20:35:53 GMT
all
csm.eu.criteo.net/ Frame 2E9F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8mj60HbqLKGb_3jj8BYD0DeJ8D123I9rQCfnbOpVeOEaUw1UtVmAFBSyPDcp-3cwBpF3z4WnMg1hOgoWCM8mysYf7zkGUUU8no4Nx27hPs5pQYhvDjgD5o2TjGHO_2IxLoT6CVMdKS7n1sZNHIGfAaoruqHKlKWglPiOOuNDV_qP6vjEznt9No64l_hRK-hhr_eKrOi0OC-XgMp-GqEHIHDk5mXvKGaF4Ph-tSETyNyv9bQ3FrEDp64kNYB6Y4DV4F9h_A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:26:56 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2E9F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2E9F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
khaos.jpg
token.rubiconproject.com/ Frame 767E 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
view
securepubads.g.doubleclick.net/pcs/ Frame A85F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGzjHlO5Enb9RGlOkfTr79pq32Um43es_tZlrc1GPhiv4ojY50TvhjN4kHwya1Ceh6TT9vFGH7XUJ6ygf6mwn9c00EdTeSFsiIQ8j4Fut1eQyuJ-woWoSAujN2mWk3ngrT9P6CS-BmHSBFwq5OmDW-nkdvhIZss9UUqgWgjcVBbGhayqcIgxLXfdQwAvJrGXzDHvuTDkMeT1kPapvdzVV-I_-cG2_4TZ-RZ9TlJ1Xt3TVvbs8Zv4LwtHnRRMwYpNFSOB2251U--NKEPcUkHPyFIdxntNKb9-4iB0sgwsvzTKxv3rFc27KARjsEyfSb_t-W_GzrHbrYM2AA5VR8Zp7N4l_BFSo-41xRDCVnuhR2L9_k&sai=AMfl-YQaG9v9sC7Ue2MTSeHOMb7gkNZmtE26Gh7qEZLRN23znT_4rdCU9DEll4L2cayez4poKhXPpZQgNohKsYfLBaKDSS-f_D_MguB0XPMYhdHYv8QEjRkLd8HitaFTNDY&sig=Cg0ArKJSzAky6b19hlE_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 11:26:57 GMT
nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame 2E9F 		2 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame 2E9F 		2 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
recommend
dbt.adition.com/resources/banner/ Frame 5B61 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/banner/recommend?DA_CLIENT_ID=bd92ffc2-ac69-4abd-97d6-73377d8db6d4
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/dbt/dbtlib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
2c3337118e0931cb2d981cc3c320b4a0d8a488a815ba902d72a197254ab12628

Request headers

Accept
application/json
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 dbt-directory02
Server
ISAS
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
transfer-encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
recommend
dbt.adition.com/resources/banner/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/banner/recommend?DA_CLIENT_ID=bd92ffc2-ac69-4abd-97d6-73377d8db6d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Allow
OPTIONS,POST
Content-Length
0
Date
Fri, 17 Mar 2023 09:51:16 GMT
Server
ISAS
Vary
Accept-Encoding
X-Pect
The Spanish Inquisition
via
1.1 dbt-directory01
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 767E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onfocus
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 2E9F 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-4254"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 2E9F 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-42dc"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:26:57 GMT
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js?ts=1692271617253
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Allow
HEAD, DELETE, GET, OPTIONS
Content-Length
26
Content-Type
text/plain
Date
Fri, 04 Aug 2023 13:34:40 GMT
Server
ISAS
Vary
Accept-Encoding
X-Pect
The Spanish Inquisition
via
1.1 dbt-directory01
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 5B61 		81 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js?ts=1692271617253
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/dbt/dbtlib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
790402e3824b48ca388555d4eaa06a555ab5e118149f652a4393906129b1945b

Request headers

Accept
application/json
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 dbt-directory01
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"d184e5aefdb92ecb0c561702634d2083"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d610bf__@@_____A1M-150_300x25062b9682c0fe7f.js";size=82924
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
82924
setuid
u.4dex.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1692271617352
  • https://ad.turn.com/r/cs?pid=45&rndcb=5393566980
  • https://sync.1rx.io/usersync/turn/7446152413719114233?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a72102a7-e9a5-412e-a052-538e891a4a90-003?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-a72102a7-e9a5-412e-a052-538e891a4a90-003
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-a72102a7-e9a5-412e-a052-538e891a4a90-003
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=unruly&uid=RX-a72102a7-e9a5-412e-a052-538e891a4a90-003
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=unruly&uid=RX-a72102a7-e9a5-412e-a052-538e891a4a90-003
date
Thu, 17 Aug 2023 11:26:57 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa72102a7e9a5412ea052538e891a4a90003
content-type
text/html
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 17BB
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
755406f1a7da7220b8a8cb8393305addb2418e21b6f6d6ba5d1832a24f0ccbb0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
Thu, 17 Aug 2023 11:26:57 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Thu, 17 Aug 2023 11:26:57 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 6041 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
cbdd744652a0996e4783197fe2396762405a851da4ad61cb6f373e5896efca94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 dbt-directory02
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"24d1c00de548caf36808b231014eaf4c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg";size=207608
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
207608
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 6041 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
75cb64f6fb01f8ff69747b4d466b4b3fdcd778fa31005e1be1d1b81de379799f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 dbt-directory01
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"e71a4700fb6caf45f6b6b8f5eca56c24"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg";size=238655
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
238655
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 5B61 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
cbdd744652a0996e4783197fe2396762405a851da4ad61cb6f373e5896efca94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 dbt-directory01
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"24d1c00de548caf36808b231014eaf4c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d6ea94__@@__64ccaeb59fb40.jpg";size=207608
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
207608
8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 5B61 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
75cb64f6fb01f8ff69747b4d466b4b3fdcd778fa31005e1be1d1b81de379799f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 dbt-directory03
Last-Modified
Fri, 04 Aug 2023 13:34:37 GMT
Server
ISAS
ETag
"e71a4700fb6caf45f6b6b8f5eca56c24"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="8eae7f33-45ae-4cf9-ad0f-f74afe8f06ed.64ccfe6d81791__@@__64ccaec200959.jpg";size=238655
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
238655
pixelSync
pixel.sitescout.com/dmp/ Frame 17BB 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D44672ae83b198b19
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbs.gif
sync.admanmedia.com/ Frame 17BB 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D44672ae83b198b19%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
prebid
rtb.openx.net/sync/ Frame 17BB 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D44672ae83b198b19%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 17BB 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:56 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 15 Aug 2028 11:26:56 GMT
um
u-ams03.e-planning.net/ Frame 17BB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D44672ae83b198b19%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=44672ae83b198b19&uid=6063412394628672121
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=44672ae83b198b19&uid=6063412394628672121
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:26:57 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
an-x-request-uuid
c878981e-596e-4f12-bc2a-116ea497b0f6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=44672ae83b198b19&uid=6063412394628672121
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 17BB
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D44672ae83b198b19%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=44672ae83b198b19&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=44672ae83b198b19&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:26:57 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=44672ae83b198b19&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame 17BB 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D44672ae83b198b19%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-25
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams03.e-planning.net/ Frame 17BB
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=44672ae83b198b19
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=44672ae83b198b19
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=44672ae83b198b19
date
Thu, 17 Aug 2023 11:26:57 GMT
server
fasthttp
content-length
0
usync.html
eus.rubiconproject.com/ Frame C9F4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:26:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:26:57 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 047E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D44672ae83b198b19%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91634
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
Fri, 18 Aug 2023 12:54:11 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame A9A3
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
2 KB
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a5076cbb6e83c34251548dbc76e07a3e0ea3f2eaafb9ce8290bfc6d97f24ef

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8190a96d3318e4-FRA
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU7LDPmnRqK%2BawwSxTDFKE3xnsfJtjweVOlRw484VoEHzO9lou9ldEVrV8GPYd6qQUXVVKFeksX1lwgxtGdRY54sLozuhO492CBKlxUhN%2BFMeBrdX%2BbO6U36QaBod7HfW5Rz%2F9WB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8190a91cba18e4-FRA
content-length
0
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYUtojzOTTI1iQW0y%2FQ59vyCc5nIXfDUVc7XFfGNU1AoUn4GPDIlui%2BpWlmX586OUikPsHhpfq6eSgiJRWEgYRbuU7Ebn4m4xuc3Nuwu7N4rQ7nAc2A5RxU9AzLR7FdxxD0CwFUR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D10D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
84227
cf4ttl
157680000.000
content-length
1525
content-type
text/html
date
Thu, 17 Aug 2023 11:26:57 GMT
etag
"61ddbb71-5f5"
expires
Mon, 24 Apr 2028 15:30:46 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
a14b987d2f461769cb2ec0c9a8f8a4ae
x-cf-tsc
1682607275
x-cf1
29080:fK.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 4E6D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame D846 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ce9eee86730ae594f4e95442218606b478cbe03951cb78a16387b9be670410
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7f8190a8ce4218fd-FRA
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 11:26:57 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
usync.js
eus.rubiconproject.com/ Frame C9F4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41088
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:45 GMT
khaos.jpg
token.rubiconproject.com/ Frame C9F4 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 17BB 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-114.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
85907
x-amz-server-side-encryption
AES256
etag
W/"0c967603b7e4d32b78b7ca772270a5c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
hEeazLHVUoeZVmAyP0vXBS2NDt1uB0IwGbv4gkEQZfew8GoPPWP_kA==
15581
rtb.gumgum.com/usync/ Frame B5A8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.92.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-92-6.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2f15edd96758d40a592871ce3cd36e450f0d3cf0487bdcbcc1630a780cfd1a9a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 17 Aug 2023 11:26:57 GMT
etag
W/"052c38280d4e432e21e699fb19c4e4fe8"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 8957 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:57 GMT
setuid
u.4dex.io/ Frame 0C55 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=AEkjataYkDweaOa-
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C9F4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
getuid
ib.adnxs.com/ Frame D846 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame D846 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=0d5c5d39-7694-4bd1-a13e-0ba7919c7cf4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0d5c5d39-7694-4bd1-a13e-0ba7919c7cf4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190a9f83218fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=0d5c5d39-7694-4bd1-a13e-0ba7919c7cf4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame D846 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame D846 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame D846 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230050-FRA
server
nginx
x-timer
S1692271618.531514,VS0,VE8
x-fastly-to-nlb-rtt
7356
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame D846 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f00:6418:3db0:a56e:6f03 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D846 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 11:26:55 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame D846 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b001:ea7e:ead4:fe95:47ef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2655eff2-de2b-46f3-5553-544084b184c9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2655eff2-de2b-46f3-5553-544084b184c9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=76784550908184016741314098254196150176&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=76784550908184016741314098254196150176&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190aa891b18fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v050-02e2ff31f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
S5ChT5d4RZY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=76784550908184016741314098254196150176&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame D846 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=2655eff2-de2b-46f3-5553-544084b184c9&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023081713-53941-0.576265001692271617-b1e7511ae29564d2286911ebe9a50bbf&zdid=533&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023081713-53941-0.576265001692271617-b1e7511ae29564d2286911ebe9a50bbf&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190a9f83a18fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023081713-53941-0.576265001692271617-b1e7511ae29564d2286911ebe9a50bbf&zdid=533&env=mWeb
Date
Thu, 17 Aug 2023 11:26:57 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7268251246673197204&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7268251246673197204&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190a99f7818fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7268251246673197204&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Date
Thu, 17 Aug 2023 11:26:57 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame D846
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2655eff2-de2b-46f3-5553-544084b184c9
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2655eff2-de2b-46f3-5553-544084b184c9
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2655eff2-de2b-46f3-5553-544084b184c9
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2655eff2-de2b-46f3-5553-544084b184c9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2655eff2-de2b-46f3-5553-544084b184c9&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=xzeZcFbrEPmkEqidcRCCuO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4b...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=xzeZcFbrEPmkEqidcRCCuO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190a99f7a18fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:56 GMT
via
1.1 google
last-modified
Thu, 17 Aug 2023 11:26:57 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=xzeZcFbrEPmkEqidcRCCuO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame D846 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=2655eff2-de2b-46f3-5553-544084b184c9&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2655eff2-de2b-46f3-5553-544084b184c9?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190aa58ca18fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
cache-control
no-cache
x-server
10.45.5.28
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-KaPy9eJE2ooA3_iySHlaEhzqxHCwr7B4og--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-KaPy9eJE2ooA3_iySHlaEhzqxHCwr7B4og--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190aa992018fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-KaPy9eJE2ooA3_iySHlaEhzqxHCwr7B4og--~A&zpartnerid=570&env=mWeb
date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=n9CKjHnzXDBQy0upfjRoAPcJ8vFFiem6%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=n9CKjHnzXDBQy0upfjRoAPcJ8vFFiem6%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190aa48a418fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=n9CKjHnzXDBQy0upfjRoAPcJ8vFFiem6%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame D846 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=2655eff2-de2b-46f3-5553-544084b184c9&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame D846 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.154.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-154-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n004-dub-prod.krxd.net
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1692271617
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D846 		95 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=2655eff2-de2b-46f3-5553-544084b184c9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
date
Thu, 17 Aug 2023 11:26:52 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZN4EAQAAAH4legAb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8a...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZN4EAQAAAH4legAb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190ab1a0318fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-etou8220076-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1692271618.678199,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZN4EAQAAAH4legAb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame D846
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.252.154.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-154-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1692271617
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
date
Thu, 17 Aug 2023 11:26:57 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame D846
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2655eff2-de2b-46f3-5553-544084b184c9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-555...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2655eff2-de2b-46f3-5553-544084b184c9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-555...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2655eff2-de2b-46f3-5553-544084b184c9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
45DF2WHKFFQA4XZCVZQE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P2PQ9AC0CG0KAH2WVKYN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2655eff2-de2b-46f3-5553-544084b184c9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame D846 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=2655eff2-de2b-46f3-5553-544084b184c9&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame D846
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D265...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190ab2a0f18fd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
date
Thu, 17 Aug 2023 11:26:57 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame D846 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=2655eff2-de2b-46f3-5553-544084b184c9&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame D846 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=2655eff2-de2b-46f3-5553-544084b184c9&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2655eff2-de2b-46f3-5553-544084b184c9%26reqId%3D89ebd885-0410-4baa-7af9-a8aa724c391f%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.137.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-137-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame D846 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190aa992d18fd-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame D846 		557 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8598dd08980f7e7e64c31ea352f5be7c31090616ef3c448cd525e7de6ccba7eb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f8190a93efb18fd-FRA
access-control-allow-headers
*
sans-57-condensed.woff
is.dopascalls.1und1.de/banners/3202/dbt/1u1/assets/fonts/ Frame 6041 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://is.dopascalls.1und1.de/banners/3202/dbt/1u1/assets/fonts/sans-57-condensed.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.12 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
32a3422a74af7d747de4ac5565752364302c87f16f4f546cf2f9473626d7df8e

Request headers

Referer
Origin
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:26:57 GMT
last-modified
Wed, 15 Dec 2021 21:09:51 GMT
accept-ranges
bytes
etag
"236482354"
content-length
29376
content-type
application/font-woff
usermatchredir
ssum-sec.casalemedia.com/ Frame A9A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELKIlmkQc8wD4-E6e38KSmY&google_cver=1
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELKIlmkQc8wD4-E6e38KSmY&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=860mohvEzQle0LNXGlMGK7GLdAGcLniktkpepWwMChN9qQVSK%2Fwz6oCM5qa%2B0d0kT79Tan%2BtI4QPQvml1HBxwxBco5RtfRrYioh9vBtGG9G6k5z8TUQn%2B3%2BDDHDbt2Bwpp57YkYWnpgFwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190a9ce1318e4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELKIlmkQc8wD4-E6e38KSmY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A9A3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A9A3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4EAVsNjsjP28jsj-vBvwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOcz5r9lM5qoc4xSkgP-oGU&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOcz5r9lM5qoc4xSkgP-oGU&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VWb9%2BSHfLZULCVkAm2uxJ6vf%2Fl39cUBlzEqiJgmZ2jkUk31dA1WzVghaf3h9JsYZp6p52oEXa6V4BDAZA6fmuiTIJctF0detRIlQ%2Fg4UlKjidcXEdgZbrFrF7BZXMJ5EnycMBAEGZrf%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190aa2e454dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOcz5r9lM5qoc4xSkgP-oGU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A9A3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TZFAVPX5Z22VXYEAGJYB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A9A3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4134219601264960897&expiration=1693481217
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4134219601264960897&expiration=1693481217
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnixvNnNouRuWuKNmmUdhXs6JbvDVY6mHcr9G0i9Spb5ZgiQqXpjbDlZj8ATJ1V%2FMEHrAsKC7RISRAii4Eie1KLZoePpI0uzgYUHLNNT22zCAE5NtznHzdc%2BT5ZWBtP4Qjfm8VJBR1i03g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190a9fe0f4dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4134219601264960897&expiration=1693481217
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame A9A3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=wb484hKWX3F2dPvXnUWD7FFfBSM
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=wb484hKWX3F2dPvXnUWD7FFfBSM
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmhFLpt5GMZP1JTr3KdssQTVF%2B%2FxKkv6XmuuoSoY3ZGex%2FKoMmw%2FqHFBMzKIr1irbXmWqPSxutFdMB4jZclV%2FW31fYN4He5kwZ7MYbfpCq9xF7CYi6b9Hso%2Bfm3ZApzcftjRcZ8CA8HFBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190aa4e724dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=wb484hKWX3F2dPvXnUWD7FFfBSM
Date
Thu, 17 Aug 2023 11:26:57 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame A9A3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5v3rx-D9v5L9-O2asvCiwLKqv5v98LzA460Xgxvf
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5v3rx-D9v5L9-O2asvCiwLKqv5v98LzA460Xgxvf
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pdcg21MOqd4Amkw1bM1qwa9C21B5FkuRj5D1xdvKpENaoskOPAt5HEJTTasWeaHxdjbo3YrsDYX%2F9qvfvZYSV%2FwVg9DMRvX%2FR2T1W%2BNaG%2FWEgLJdiQdGtW499mmCWMBAuj9tS9GgxO5ZuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190a9bdff18e4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5v3rx-D9v5L9-O2asvCiwLKqv5v98LzA460Xgxvf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A9A3 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:68c4:160f:554f:e0aa Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
um
u-ams03.e-planning.net/ Frame A9A3 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=44672ae83b198b19&uid=ZN4EAVsNjsjP28jsj-vBvwAA%261142
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D44672ae83b198b19%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:26:57 GMT
content-type
image/gif
pbjs
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:57 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190a9d9da37e0-FRA
access-control-allow-methods
POST, GET
prebid
mp.4dex.io/ 		60 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:26:57 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f8190a9e82039da-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:57 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F148981%252Fhacking%252Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
5QDRP7R7QRA3AZ4QYTPR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
FlAJqz1XVpj_DvpooOpUu6yhai7x-kQNeTcI5XK8uDrZ41Llf01y-w==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=5&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
MP2BH3HP4GWYGEWTQ9EQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Q3pK4wnVWhQBmOxqNFGo1Du6gVPI2Ve3c3Q9GAgjo57tsAutJHRvcQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNYPAreaYB-ArYY-PAYM-arKq-ZPeeYKyeaZMrRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtb,qrquog,hxwdqzoe,hxwdqzoe,qdb,kzwigxltRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVKHtw6RvNSRP7%2FkxdM0hyhM2N704TStxwOjH5HnWpDF8SYbzRvKMjVz36z8hwYyd9pAoy%2FJ9qzfMEhOQTo4SWnWXAti%2BuUlZD9mQXPSJYbsNRJ9qdgNm2WcMYVYhcsamycLo29uuRH1Zb7xcjBdew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a9f9751e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNwtrawarT-waYA-PZKU-wUZM-rtAKtPUPMrerRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNARkjmNKYMbaARwlNjxqfzxdrtb,qrquog,hxwdqzoe,hxwdqzoe,qdb,kzwigxltRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMqTudKqcgfaxtJ6uMCv9olvKckZJl8zgt%2FslFi54mXhAGFFJQ%2FoCIdViG3%2FbcMmn46jUZT7TGF0eFfRtndzJanSBtQTAL82Lp5H69lVPABMA9Ex7NEzNbrzU9QIesGSrcK38Qx1p8plInVUWaQfYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a9f9761e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNZZKPrArT-MPrq-PeMw-aZMq-YeYTaZBKMKZZRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25ovNOzyZgUtiCKINyn8CgjmWrPPpaztCEsHyWWMqFeiDOHSz1O%2BRPoxVqbezEl9JN8N1xGDfXVnXvxOnB1NSj2ZIs6kNc5Ar1%2BKLl3rVZePm9LYBQXRIavhluluUXF6pvJUCT6OG4SK1CjQbsqypQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a9f9771e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNUTaATtMe-BAUr-PeBr-MMBP-aMZaUPwKqwrrRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWjfCuTCHqgkCkLydAzuo2hffVpebN2j1MNeV%2FONzc025uB2XYvjG1F5rPWOAQnEyrPSwfNqWQRsiGUx%2BnyhOef71ux3o5qObXHseHhAcZlz4%2BNOwIQL23ZFYdf1jw2gDnad%2BZxLMh28PdzDmMEg3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190a9f9781e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
usersync
usersync.gumgum.com/ Frame B5A8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6063412394628672121
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6063412394628672121
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
an-x-request-uuid
672b2dd1-5bb8-4372-b5d2-e4bb824be869
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6063412394628672121
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame B5A8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_95bc501f-3909-46a0-962d-de4dd882968e&gdpr=&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=BTemUgM38gceMqAPUTrvVVFg8g4eOvFVAGc6I7hP
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=BTemUgM38gceMqAPUTrvVVFg8g4eOvFVAGc6I7hP
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H2
Server
18.158.137.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-137-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=BTemUgM38gceMqAPUTrvVVFg8g4eOvFVAGc6I7hP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
syncPlatform
sync.outbrain.com/ Frame B5A8
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28lp4lYtEyH45IAM7R3KVsAROGVYkXxq4FABIAbUqbHyx5io2K6qXxlqXoIkXlHDA0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_95bc501f-3909-46a0-962d-de4dd882968e&obuid=ENC(lp4lYtEyH45IAM7R3KVsAROGVYkXxq4FABIAbUqbHyx5io2K6qXxlqXoIkXlHDA0)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:58 GMT
Cache-Control
no-cache
X-TraceId
db0e65660b07d867610aee620138decd
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Thu, 17 Aug 2023 11:26:58 GMT
X-TraceId
fc743f55f66387e53145f5e6ffa367a3
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame B5A8 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame B5A8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35
Date
Thu, 17 Aug 2023 11:26:57 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B5A8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-7SrtXPVE2pcGR4O5R1daz.7XmOAMyzusPuqs~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-7SrtXPVE2pcGR4O5R1daz.7XmOAMyzusPuqs~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-7SrtXPVE2pcGR4O5R1daz.7XmOAMyzusPuqs~A
content-length
0
usersync
usersync.gumgum.com/ Frame B5A8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=806672dc-28e9-430f-88d2-6a14f9417bd4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=806672dc-28e9-430f-88d2-6a14f9417bd4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=806672dc-28e9-430f-88d2-6a14f9417bd4
Date
Thu, 17 Aug 2023 11:26:57 GMT
Connection
keep-alive
X-CI-RTID
234adf98-59f1-4d73-aef1-3421d4f5f371
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B5A8
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://rtb.gumgum.com/
x-varnish
519460276
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame B5A8 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame B5A8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_95bc501f-3909-46a0-962d-de4dd882968e&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B5A8
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=e83e0acc-ffc9-491e-8cdd-e79cc36408af
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=e83e0acc-ffc9-491e-8cdd-e79cc36408af
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=e83e0acc-ffc9-491e-8cdd-e79cc36408af
access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:26:57 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame B5A8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=YchItTyONgvv&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=YchItTyONgvv&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=YchItTyONgvv&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-gnn4h
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame B5A8 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
content-length
0
um
sync.e-planning.net/ Frame B5A8 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=44672ae83b198b19&uid=e_95bc501f-3909-46a0-962d-de4dd882968e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Aug 2023 11:26:57 GMT
content-type
image/gif
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 0199 		0
0
pixel
cm.g.doubleclick.net/ Frame 018D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85NWJjNTAxZi0zOTA5LTQ2YTAtOTYyZC1kZTRkZDg4Mjk2OGU=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A46 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91634
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
Fri, 18 Aug 2023 12:54:11 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6027 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:57 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame AA9E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN4EAsCo5s4AADjKUNoAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZN4EAsCo5s4AADjKUNoAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:26:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 17 Aug 2023 11:26:58 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZN4EAsCo5s4AADjKUNoAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad397.dc4p.scaleout.jp
X-SO-IP
81.95.5.35
X-SO-Key
ZN4EAsCo5s4AADjKUNoAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZN4EAsCo5s4AADjKUNoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad397"}
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad397
gumgum
cs.admanmedia.com/sync/ Frame 31E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_95bc501f-3909-46a0-962d-de4dd882968e&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 17 Aug 2023 11:26:59 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usermatchredir
ssum-sec.casalemedia.com/ Frame 963D 		43 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8190aa1e2d4dbe-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:57 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh20vXQT2hYovUvFlcdgkjgvlQi4lsCyZLQ%2FCZ3flO0ya5p5sTO8nNFzYADvYjMQg8Il3TPNikuV5BBgz5UeBpdUyzKv2AIxHNcPPu%2FRFQqwzyVgyAK1R%2BfP%2FHu40plqLQXmsAGEKbA6oA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame CB9E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=8HGYLKbtsAhkpH1Z7pTO&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=8HGYLKbtsAhkpH1Z7pTO&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:26:57 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 17 Aug 2023 11:26:57 GMT Thu, 17 Aug 2023 11:26:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=8HGYLKbtsAhkpH1Z7pTO&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 958D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D44672ae83b198b19%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 17 Aug 2023 11:26:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 17 Aug 2023 11:26:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 958D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 22:52:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41088
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 22:51:45 GMT
khaos.jpg
token.rubiconproject.com/ Frame 958D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNoc-yUKrZqYM-yeTy-PUrZ-MwZr-rZMZrYqKeYArRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTAMBMPRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2eYOWWdoxwtVPLbAvBDsWTYHYGW4LN4h4WmybmHDOrhONQL36tWjmUVNqBg%2BQwpO0%2FeBclxykP25d0lciUPl1bi8fm85uYlBdnUdVUy28rvIEqRKu1xQrIjuUAIT6RFUVV4G8kmUEhP%2FJO59B6rdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190ab1b1d1e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNoc-aAwUwYUB-Btyw-PeAB-qBAe-qPTMYTMKTAMMRqxeNco_YPPaBTAKUUK_TRwNhxwdqzoeRlmNBAAbYZARdzNwqfftkRrdzNRmNTAKUUKRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP%2F3i9XEfOcfuo%2FhZR8uUAu8VM4H2fbWidvekZZOFpu0YUH5E9z1XkN85mKgf%2BeDE2WkX4HsWRn7WD33kdnhGwg62%2F4Z%2FfRUQ5eQfbr4uOIVMy8GgRwDgdMB2dRBgTxjOde8MVez5JL90rFTynO4MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190ab1b1f1e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
occ
ups.analytics.yahoo.com/ups/58675/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
eb2.3lift.com/ Frame 592C
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
1dafa2179a8480cea1f4d7bf89e648531ceba2819a28ba2a4aaf42c75ae23b45

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1308
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:26:57 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:26:57 GMT
location
/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 9D07 		840 B
942 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d0363657135b714e0a42154474425b20e12eda4eb132ef2db40b2d1aa4101b63

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
840
content-type
text/html
date
Thu, 17 Aug 2023 11:26:57 GMT
generic
match.adsrvr.org/track/cmf/ Frame 592C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame 592C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUxMTcwNzAyNDYwNzc1OTE3NDYzMA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 592C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP1MH4MESQsaYEgwxVUYhvY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP1MH4MESQsaYEgwxVUYhvY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEP1MH4MESQsaYEgwxVUYhvY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 592C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUxMTcwNzAyNDYwNzc1OTE3NDYzMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUxMTcwNzAyNDYwNzc1OTE3NDYzMA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDUxMTcwNzAyNDYwNzc1OTE3NDYzMA%3D%3D
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 592C 		0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4511707024607759174630&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E1FF00CC34954EEF8340BB9F94AA8763 Ref B: FRAEDGE1916 Ref C: 2023-08-17T11:26:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDHLCpDHfu4XsUL70a4A==
sync
x.bidswitch.net/ Frame 592C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4511707024607759174630&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=3d9d9ed8-a19e-4ab4-b372-3fb8b92513cb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=3d9d9ed8-a19e-4ab4-b372-3fb8b92513cb
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=3d9d9ed8-a19e-4ab4-b372-3fb8b92513cb
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
18.158.137.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-137-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=3d9d9ed8-a19e-4ab4-b372-3fb8b92513cb
date
Thu, 17 Aug 2023 11:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame 592C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4511707024607759174630?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-5.NywlFE2oRvWxsujPw4PDHXd.RRkvB0_dY1yemG3g--~A&dongle=0883
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-5.NywlFE2oRvWxsujPw4PDHXd.RRkvB0_dY1yemG3g--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-5.NywlFE2oRvWxsujPw4PDHXd.RRkvB0_dY1yemG3g--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 592C 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4511707024607759174630&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1D282AFE666D48A5A704B65630F5892D Ref B: FRA31EDGE0522 Ref C: 2023-08-17T11:26:58Z
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 592C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
  • https://eb2.3lift.com/xuid?mid=2711&xuid=f3b671d8-d5a3-4f1d-b5b2-a5e833248a9d&dongle=013b
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=f3b671d8-d5a3-4f1d-b5b2-a5e833248a9d&dongle=013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=f3b671d8-d5a3-4f1d-b5b2-a5e833248a9d&dongle=013b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
618922
content-length
0
expires
Thu, 17 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 592C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6063412394628672121&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6063412394628672121&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
an-x-request-uuid
c5794b2f-bf1c-4abb-9b3b-f8c81aa7f133
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6063412394628672121&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/ Frame 592C 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=triplelift&uid=4511707024607759174630
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B406 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3mmN5fXhf_LolJaUVWkbCwolcou-ZQV3IiPMad0GwzriqXorADW7cJeLgCcK0EdMA9hpWgXNQZNThCQtoXER2GIWxj-rLmeYztxu9&sig=Cg0ArKJSzAyf7AEyPh_vEAE&id=lidar2&mcvt=1000&p=0,480,300,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1788617067&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692271616851&rpt=147&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/ Frame 9D07 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=7110041939216051842&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 9D07
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4134219601264960897&gdpr=0&gdpr_consent=
43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4134219601264960897&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4134219601264960897&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 9D07
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7268251246673197204&gdpr=0&gdpr_consent=
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7268251246673197204&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7268251246673197204&gdpr=0&gdpr_consent=
Date
Thu, 17 Aug 2023 11:26:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 9D07
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzExMDA0MTkzOTIxNjA1MTg0Mg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzExMDA0MTkzOTIxNjA1MTg0Mg==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NzExMDA0MTkzOTIxNjA1MTg0Mg==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
s.ad.smaato.net/c/ Frame 9D07 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:2200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:22 GMT
via
1.1 8dea89f951a7387e4ebbfe70f982f4a4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
age
36
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
OjSXyfw0HU4UePFO08L0MbNLqeTmupyQtSzijdsMdWxQALlgDg0B4w==
SPug
simage4.pubmatic.com/AdServer/ Frame 2861 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame 2E9F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8mj60HbqLKGb_3jj8BYD0DeJ8D123I9rQCfnbOpVeOEaUw1UtVmAFBSyPDcp-3cwBpF3z4WnMg1hOgoWCM8mysYf7zkGUUU8no4Nx27hPs5pQYhvDjgD5o2TjGHO_2IxLoT6CVMdKS7n1sZNHIGfAaoruqHKlKWglPiOOuNDV_qP6vjEznt9No64l_hRK-hhr_eKrOi0OC-XgMp-GqEHIHDk5mXvKGaF4Ph-tSETyNyv9bQ3FrEDp64kNYB6Y4DV4F9h_A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:26:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A85F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv91U3Cwv6_x7cAQstEQW3E-aN4y-GGh_7E8-obSzzVkPHI08GIBz-sancvlv0QcNXmKzrSg0RbGt8JC5U0Sam0P6FV3FoAswm8hfBDDXAOoctoNrMl&sig=Cg0ArKJSzGri_kqnI-IhEAE&id=lidar2&mcvt=1001&p=803,980,1053,1280&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2774311524&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692271616864&rpt=300&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3656
  • https://u.4dex.io/setuid?bidder=freewheel&uid=1c998db1ae8abf1c53290502242194e
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=freewheel&uid=1c998db1ae8abf1c53290502242194e
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=freewheel&uid=1c998db1ae8abf1c53290502242194e
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692271618272090-389
Expires
Thu, 17 Aug 2023 11:26:58 GMT
/
onetag-sys.com/usync/ Frame BBF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbjs
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:59 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190b21eb737e0-FRA
access-control-allow-methods
POST, GET
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:58 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		60 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:26:58 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f8190b21baa39da-FRA
expires
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=6&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:58 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
T211GRDHE9KA7DJYZPKK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6E1NIrnQWHKNxqUa5aNIM7zqzPG_pQgJt_heMe_StWLvi0KARRrE2w==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNyAAqrteM-ByZe-PAay-attT-rZqaeBYYBtBMRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtb,kzwigxlt,hxwdqzoe,hxwdqzoe,qdb,qrquogRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6D8lWuc7VLSXPVdhDUeM8xWpy%2FflZKwt5%2B1enPEJ2iNG7uMSLpDcZyvjVSEz5Te10K0BMRRpf1H4EIpAWzA%2B3kPSTAfqoQbka7E3Q%2Fz5tyvPsZXNOlc0hC4EKz3TrfPLYGDY%2BUUVpCTNstVx5mPrZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190b22d041e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNMBrPeTer-MyBB-PyBq-MPtK-BeyTyMATPAZTRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNARkjmNKYMbaARwlNjxqfzxdrtb,kzwigxlt,hxwdqzoe,hxwdqzoe,qdb,qrquogRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EabNEmMfH%2BlueBW7vBH%2BawBHEo0piEdYVozLdn6KX5jmpWWLNT0o8yhJ6XerdNvD8xRSom3dkILQsJOJrG99w7gUGoVxkq6o%2FcHxP6mPCAd4JZ9r3qoYd%2F5z5ImWzU4iOUTCnTcm21Rh08NSHFPYog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190b22d061e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNtatwZTtq-wUUe-PUya-qKUU-BaywaTyyByKZRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzKAuSvPSumtd4PT4EIyN9L%2FeqXCAQYzQIxBya%2FuIx9YanWZ3c2eTPQKSAEwt1VWNQF9QsqsdKNb0bV3c7JARjakr4r2%2BJ83RJf0v07v3kHTA9wDEjxyshCKdlr6b6JQhFQyC%2BY%2Flim6tEV9gihmGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190b22d071e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNMrPtKaMa-TMKy-PyrM-wYAB-rBZaAqMTtTteRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:26:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd8Xh6%2FfsF5km4IomcKAXHs8xAgEFrh7NZcprnsnCYiXmuxusd076NWYwNyulsx2yuQpX9fuTKwzzdHl%2BIqWXGudYo8wtQzepZ75a0D5H5RyQK0frjA%2Bl4LS5vHO1%2BJepe2gS%2FdxhIKFqNpi3pB3Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190b22d0a1e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qAiG3aJlCOQwZOvXp%2FicnipXj2oIc9lwnE7T47RPlPCQmmVQ8kJb0cr53XkFreRLqE5O%2FgTAdL8Ga8OMjzGRRExnf5aq7vLnN6SnY06YuWvmRInDJD6J2dKJZPb%2FpTywhxPIZH4yf%2Bu%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB
cache-control
no-cache
cf-ray
7f8190b268354dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
u.4dex.io/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3656
  • https://u.4dex.io/setuid?bidder=freewheel&uid=5850bc379b5690f9c06ceb5a4dd8
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=freewheel&uid=5850bc379b5690f9c06ceb5a4dd8
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=freewheel&uid=5850bc379b5690f9c06ceb5a4dd8
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1692271618917015-418
Expires
Thu, 17 Aug 2023 11:26:58 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=e83e0acc-ffc9-491e-8cdd-e79cc36408af
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=e83e0acc-ffc9-491e-8cdd-e79cc36408af
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=e83e0acc-ffc9-491e-8cdd-e79cc36408af
access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:26:58 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
PugMaster
image6.pubmatic.com/AdServer/ Frame 6B45 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41107859&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a26209101a7b3553a51a95c35a862fcb8ea5e6f7ab3fc398b55a63ab45be94d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 11:26:57 GMT
content-length
1424
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 4A38 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F391
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 11:26:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pub
matching.truffle.bid/sync/ Frame 0ED8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 17 Aug 2023 11:26:59 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 3A83
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB4E4A0877F048BF8C098D95F10E469B&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB4E4A0877F048BF8C098D95F10E469B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:26:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 17 Aug 2023 11:26:59 GMT
expires
Wed, 16 Aug 2023 11:26:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CB4E4A0877F048BF8C098D95F10E469B&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 32FE
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7495079869
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7495079869
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 17 Aug 2023 11:26:59 GMT
etag
RXa72102a7e9a5412ea052538e891a4a90003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7495079869
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
setuid
u.4dex.io/ Frame 7D1B 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:26:59 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
mw
mwzeom.zeotap.com/ Frame 6B45 		95 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f8190b31df818fd-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 6B45
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:27:10 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:27:10 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6B45
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4f09fba599f6c1caf4f1f0c2e9b3469e&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6B45
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6063412394628672121
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6063412394628672121
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 17 Aug 2023 11:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
an-x-request-uuid
cf5b1d67-6dde-4183-b255-657d0599f3c0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6063412394628672121
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2861 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39078101&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 11:26:57 GMT
content-length
47
content-type
text/html; charset=UTF-8
setuid
u.4dex.io/ Frame 104A 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:26:59 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://securityaffairs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 17 Aug 2023 11:26:59 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
177684
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
set
id.a-mx.com/
Redirect Chain
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html&tl=https://securityaffairs.com/148981/hacking/citrix-sharef...
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
  • https://id.a-mx.com/set?uid=0d18acac-4c0a-4b9f-9830-df35dbe9c05c&gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=
99 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/set?uid=0d18acac-4c0a-4b9f-9830-df35dbe9c05c&gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d7e763bde04a51979fdec1d70381ab2869f328f3d663869181a1eef552f96a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rl%2FBZ9167nsd874LAuZaofOCsekwvYv1U%2BtqfvmZzGZZDqN65g1de1%2Bax5deWExz0IKujrFSi5CZ9ZEhSMhAKpL54xwVzr%2FWVGD8gOV8vdPXOVP4qYgIXRWcZKohulBJHRYSnyluJvmL%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
7f8190b4794d1e49-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 17 Aug 2023 11:26:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://id.a-mx.com/set?uid=0d18acac-4c0a-4b9f-9830-df35dbe9c05c&gdpr=0&gdpr_consent=&us_privacy=null&gpp=&gpp_sid=
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
7f8190b45b869025-FRA
content-length
0
json
gum.criteo.com/sid/ 		2 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.com%2F&domain=securityaffairs.com&cw=1&pbt=1&lsw=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
193573
expires
0
prebid
id5-sync.com/api/config/ 		135 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
isyn
prebid.a-mo.net/ Frame 3CEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 17 Aug 2023 11:26:59 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 414D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:26:59 GMT
expires
Fri, 18 Aug 2023 12:54:11 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame C105 		4 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46c288e1384b5f1ace1f59a2b022481de3770741b780fe93e32bcc659f1765a

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f8190b40a3937e0-FRA
content-encoding
gzip
content-type
text/html
date
Thu, 17 Aug 2023 11:26:59 GMT
server
cloudflare
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
29a29eb4d1a8dc57b59e2ff7a2ac88fb9fc6e40e978624eaf32af2b72bf748d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
696.json
id5-sync.com/g/v2/ 		276 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a62b84e2c24769cec1a113817b6592a052ee886494b52fd82737a56a65cb09e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:26:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sync
eb2.3lift.com/ Frame E03D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/148981/hacking/citrix-sharefile-cve-2023-24489-flaws-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
d705df4d386073e8eb755142d80b3fda6987fff8572ecbd7c7153dedfce327c0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1162
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:26:59 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ib.adnxs.com/prebid/ Frame E03D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4511707024607759174630
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
an-x-request-uuid
fa1bb021-71b3-47f2-948a-154d98671c83
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame E03D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4511707024607759174630
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
an-x-request-uuid
5a208310-ada8-4c73-b988-29811dbd8a82
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame E03D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=806672dc-28e9-430f-88d2-6a14f9417bd4&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=806672dc-28e9-430f-88d2-6a14f9417bd4&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=806672dc-28e9-430f-88d2-6a14f9417bd4&dongle=d54f&gdpr=0&gdpr_consent=
Date
Thu, 17 Aug 2023 11:26:59 GMT
Connection
keep-alive
X-CI-RTID
ad8534ac-ffe7-4967-844d-d89e814300ef
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame E03D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7446152413719114233&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7446152413719114233&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7446152413719114233&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame E03D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame E03D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35&dongle=4430
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-c1be3ce2-1296-5f71-7674-fbd79d4583ec$ip$81.95.5.35&dongle=4430
Date
Thu, 17 Aug 2023 11:26:59 GMT
Connection
keep-alive
Content-Length
136
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame E03D 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.190.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-190-158.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:59 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame E03D 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.190.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-190-158.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:59 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E03D 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame E03D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4511707024607759174630
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
setuid
u.4dex.io/ Frame E03D 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=triplelift&uid=4511707024607759174630
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
v1
match.sharethrough.com/FGMrCMMc/ Frame C105 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.224.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-224-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
0.gif
id5-sync.com/i/495/ Frame C105 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 17 Aug 2023 11:26:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
pixel
ap.lijit.com/ Frame C105 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 17 Aug 2023 11:26:59 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame C105
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190b56c6637e0-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-store
content-length
0
expires
0
/
s.ad.smaato.net/c/ Frame C105 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:2200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:34 GMT
via
1.1 8dea89f951a7387e4ebbfe70f982f4a4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
age
25
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
T_26fFkkR9rS-NH8f69q7uz1soqWKgUjyVadZia5W3saY6ORRwNKIA==
setuid
sync.quantumdex.io/ Frame C105
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=3642485598235832665
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9e475534-89fd-52e5-a818-4788ccc6438b
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9e475534-89fd-52e5-a818-4788ccc6438b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190b74f4837e0-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9e475534-89fd-52e5-a818-4788ccc6438b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame C105
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6063412394628672121
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6063412394628672121
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190b4cb6737e0-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
an-x-request-uuid
60444e8f-cd3a-4ea1-a80f-26eb089d677b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6063412394628672121
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame D5A6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
793e9537613f4b2407607984a4983c5511c7014863f1e2c07529bbe8fb1b1aa0

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8190b4cb324dbe-FRA
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 11:26:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0S4hgnmVjG79bRiSFooQKJHWctiCUFuhmi6lIishfXqc%2BTHLXtkoJs4uLtW2jqutI1RbynXzFqXlb94nq5LJh181VCZBK5YdRACAN2mWOURyu4a0rTWYIXJH4s%2Bi2%2BjD8IWYaC%2F0ZRQUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F86 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 17 Aug 2023 11:26:59 GMT
expires
Fri, 18 Aug 2023 12:54:11 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 864D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame 97EA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f8190b4fb9d37e0-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 17 Aug 2023 11:26:59 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
sync
eb2.3lift.com/ Frame B265 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
6969bdf88a5cce710189e26a5b582a593cbfc5d6c5c0c4d1c29bc70566837677

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1214
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 11:26:59 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 8B60 		0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.234.116.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-116-116.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
0
content-type
text/html
date
Thu, 17 Aug 2023 11:26:59 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
setuid
sync.quantumdex.io/ Frame 3E53 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f8190b4fba837e0-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
server
cloudflare
xuid
eb2.3lift.com/ Frame B265
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=orw5lqS8bcO5uT_L9rFwkfbrbcq5sW6Rp-zx4Yle
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=orw5lqS8bcO5uT_L9rFwkfbrbcq5sW6Rp-zx4Yle
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=orw5lqS8bcO5uT_L9rFwkfbrbcq5sW6Rp-zx4Yle
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
triplelift-match.dotomi.com/match/bounce/ Frame B265 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
xuid
eb2.3lift.com/ Frame B265
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAFkmE7JvAgAACjiTBrE1w&dongle=bzwx&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAFkmE7JvAgAACjiTBrE1w&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAFkmE7JvAgAACjiTBrE1w&dongle=bzwx&gdpr=0
Date
Thu, 17 Aug 2023 11:26:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
img
sync.mathtag.com/sync/ Frame B265 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Thu, 17 Aug 2023 11:26:59 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 17 Aug 2023 11:26:58 GMT
xuid
eb2.3lift.com/ Frame B265
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZN4EAQAAAH4legAb&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZN4EAQAAAH4legAb&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-fra-etou8220076-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692271619.365182,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZN4EAQAAAH4legAb&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame B265
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=e6d08350-425b-4c44-b662-e18384abc79c&dongle=31ac&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=e6d08350-425b-4c44-b662-e18384abc79c&dongle=31ac&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=4945&xuid=e6d08350-425b-4c44-b662-e18384abc79c&dongle=31ac&gdpr=0&gdpr_consent=
Date
Thu, 17 Aug 2023 11:26:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame B265
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=CB4E4A0877F048BF8C098D95F10E469B&dongle=yf3
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=CB4E4A0877F048BF8C098D95F10E469B&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Thu, 17 Aug 2023 11:26:59 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=CB4E4A0877F048BF8C098D95F10E469B&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 16 Aug 2023 11:26:59 GMT
xuid
eb2.3lift.com/ Frame B265
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=8HGYLKbtsAhkpH1Z7pTO&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=8HGYLKbtsAhkpH1Z7pTO&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=8HGYLKbtsAhkpH1Z7pTO&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT, Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncTripleLift
rtb.adentifi.com/ Frame B265 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.180.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-180-243.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
xuid
eb2.3lift.com/ Frame B265
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=0VVXEIRF1QwB9x5&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=0VVXEIRF1QwB9x5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0dcb732bd13b1eb84@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=0VVXEIRF1QwB9x5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D5A6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6063412394628672121
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6063412394628672121
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8ynz1zO3WO5QVeQPqfUmZciU80jYmLD4UfmIH90lbG3TU12gN0X8dVkhWJNb8hzEekeYkgAdf8y7GbEULt93KP95f7W%2BBFVH%2F%2FE%2FpYvuL80gTo1PwLNp9YjI3YFkLVRGtKkxd53gkjIbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190b51b994dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
an-x-request-uuid
af5c006b-965b-451a-9d89-b07e488bff78
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6063412394628672121
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D5A6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4EAQAAAH4legAb
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4EAQAAAH4legAb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbYPuNFIEFDLMFVgwtmA5iEpw17oymr9AgezqP2xbitIedculHvKjYNEUH1cqFvAGqmqqQrvAJDoPJtjhuDKmYziM88LfHLU3Hpi68Ar7YsVUJ85sxG%2BRWQNEUUHtMDTTdfAoJ5rWxjy2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190b51b964dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-etou8220076-FRA
pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692271619.359305,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN4EAQAAAH4legAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
user-registering
ads.stickyadstv.com/ Frame D5A6 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:59 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1692271619268084-368
Expires
Thu, 17 Aug 2023 11:26:59 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame D5A6 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame D5A6
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZN4EAVsNjsjP28jsj-vBvwAA%261142&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=e622d5f2-9ccb-44e5-a4ae-bdcbc2db2912-tuctbd78983
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=e622d5f2-9ccb-44e5-a4ae-bdcbc2db2912-tuctbd78983
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB259671W5cY3vjP1mU20odUkZ9XjIQ%2BMJVXOXmhrDVyqBHUPdPDTSW8xZUrb1brl4CfsfK2tFiuXcJtXf0eVW7NCA98unpH41ab%2Fe0axtKn2wgf5uinCqdV8B77RmwGFXVQdNBdpXFdRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190b6be064dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=e622d5f2-9ccb-44e5-a4ae-bdcbc2db2912-tuctbd78983
date
Thu, 17 Aug 2023 11:26:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18416
crum
dsum-sec.casalemedia.com/ Frame D5A6
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=814986434619
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=814986434619
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2OCDGOTQcDFY9eyNk8nv%2BvSg8J%2BwgoT5GAgwzLwSMzE2GiPSOJa9ZArRARL2bDDtCF6jGVq2y%2FbJSFW3Gm46Wf8NHG2PMyd54fmEzSQZ70MbGgIMT%2F8Ph%2FU5WzJ%2BzVEpRXbCLYNmRco3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190b59c674dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=814986434619
content-length
0
crum
dsum.casalemedia.com/ Frame D5A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6063412394628672121
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6063412394628672121
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Aug 2023 11:26:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
an-x-request-uuid
7393f077-76e2-4480-b817-64c3331d1afe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6063412394628672121
x-proxy-origin
81.95.5.35; 81.95.5.35; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D5A6
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZP0dxnLIQmz5jhV4ZqAo7Pq59U%2BH2iJSh3MCWYgY8tyFGMCo9NwxcvGlbxWuNeB7ysLhani%2B8JwzlxffjToG3aqK7pyznuxAlbsBP255OUPPIjpkqcisdZo5ZBaiCi4hIrpxK5Ye5h%2FYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f8190b54bdc4dbe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Thu, 17 Aug 2023 11:26:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
setuid
sync.quantumdex.io/ Frame D5A6 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:26:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190b50bd237e0-FRA
content-length
43
content-type
image/gif
setuid
sync.quantumdex.io/ Frame F206 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f8190b59cbf37e0-FRA
content-length
43
content-type
image/gif
date
Thu, 17 Aug 2023 11:26:59 GMT
server
cloudflare
pbjs
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:27:00 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190badca037e0-FRA
access-control-allow-methods
POST, GET
translator
hbopenbid.pubmatic.com/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b66975a1b8f9e5c0afad9e691d5d2326364c0a6345024ae7e8178922b8e1563

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:27:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:27:00 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ 		60 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:27:00 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f8190baef9639da-FRA
expires
0
c
prebid.a-mo.net/a/ 		297 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
632b9eff7d99c88aac8009adf5dab68ef957a997eae1f922f0e470c3dece5bf3

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 11:27:00 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=7&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:00 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
T035WPEVDC29NDQ1KY4H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
9LiK_bpGD3k6bR5HR-oWT_-IgJgHEE41Qcd5Fu9vKUJszTOkCxTSEQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNUTaYqAAU-UyrM-PtTy-aYTw-rrAeytAByreARlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtb,hxwdqzoe,hxwdqzoe,kzwigxlt,qrquog,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:00 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0%2F1fBakBKnQckgVwvhKImmuKNuLqwwjwu%2Bywjf2w4dqjA2i2HXyucnvJqYVaaB%2BKOLcquG%2B42K2D2f25HTNbazbBqAUI8YuG4uL%2FGYmT%2FYOxPXRCfMuM2TvglXUSr3I%2Fn51jtE07I2sWszYel%2Bvhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190bae8a21e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNKZeMqTaT-Uaqa-PUMU-MBYa-yBAPYZPUMyPMRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNARkjmNKYMbaARwlNjxqfzxdrtb,hxwdqzoe,hxwdqzoe,kzwigxlt,qrquog,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:00 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNfSXKolt7FDw0nwtIKHcPdO5b8TdhOSAXcfCwkv27Il10wfr07378U4NzLlN25MOcsW2NxrpmdfG8Q0bjOf40EV2Zba7VsiRUuYoQglVMGt3kpJxUL2Py8s8K%2BedBFBo34vZocUiBMP7sVGHWU7pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190bae8a31e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNeAwYqAty-BKyr-PqqU-qtZy-BewUYyatYUryRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:00 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS5%2BToJY1V7WFwa5PeyZCUEfYfIYr8kiI2Jr2BQYE9lsW%2FLUnvMxyFBXVV60%2F%2FdGVH15vFAhUhitZtWORV5C3UWX2faQ5W9L4PPM3%2FInb8X%2FENG8GxvW%2FUDqNwuWUDf1NTcXhTr88kB7JKCtoNs%2BsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190bae8a51e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNTraBBryM-aMYy-PyTK-qaPU-YrYwPMeaBMBURdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:00 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwPAhlrSu4W7nuz4a1NraKPVWS%2BXOZJi1k7zWXn8ZN6ACZtrgJWTRlZxvFqhmnRZpdjoa%2FX72BcmAfHwMaw32Yngd4kCr1PHJh1mzM%2FHFHyqF%2FHKfQxtyzBq2JBBy5ohxttsKzZwu47LBTUMVZGQoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190bae8a61e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
um
u-ams03.e-planning.net/ Frame F1C9 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=44672ae83b198b19&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:27:00 GMT
server
openresty
um
u-ams03.e-planning.net/ Frame AA2B 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=44672ae83b198b19&uid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D44672ae83b198b19%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 17 Aug 2023 11:27:00 GMT
server
openresty
cc.jpeg
px.vliplatform.com/br-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNZUYaeaZZ-tPZt-PATt-MAKY-yTeaqUeePrwYRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRysggkNAGATRwkNhxwdqzoe|AGYMMU|KYMbaA|wqfftk|TaK|,hxwdqzoe|AGYMMU|KYMbaA|wqfftk|TaM|RmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:00 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQIM1%2FX%2BB4C6mZQ7J0iZWRiwgNKWMGd1eAlkxSwWDU82WUP%2F6jw9WlGLCbKu3PX%2BlE3cNFHTgjOZMAQAdyNfGtIjlJtzABy183swMkUi59YQtyzC7mDG232PssU9jkAoZAMkrJ6pS4oGn%2BpW0GCjxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190bcbb091e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
usersync
usersync.gumgum.com/ Frame BD06 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:27:00 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame B099 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 17 Aug 2023 11:27:00 GMT
Expires
0
Pragma
no-cache
SPug
simage4.pubmatic.com/AdServer/ Frame 6B45 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pbjs
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:27:01 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f8190c39af337e0-FRA
access-control-allow-methods
POST, GET
translator
hbopenbid.pubmatic.com/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a246d9b5788010f6eebe91132fec5b54793f07bff9b62c3ec495db31aae8656f

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:27:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
prebid
mp.4dex.io/ 		60 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 17 Aug 2023 11:27:01 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1252
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f8190c39d0939da-FRA
expires
0
c
prebid.a-mo.net/a/ 		297 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
a61bf166074a5a8d1aa194d2ecf83a1a9be54300b138b65596cc48f8f9d3af54

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 11:27:00 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Thu, 17 Aug 2023 11:27:01 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&pid=O8wHcz9HMdueJ&cb=8&ws=1600x1200&v=23.725.1446&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
T38AP7FHHFGGCPK979TG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Ny-KWn2notRfb43IiUbyILF5H1_ISZIkO0tCPyRPBSjcGL_4bvEhMQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNePTTeZyU-rMaY-PyqT-MUqw-KAYUaBMKAUyZRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNARkjmNaKAbaARwlNjxqfzxdrtb,hxwdqzoe,hxwdqzoe,qrquog,qdb,kzwigxltRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:01 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve%2F35uEXG1BFoiRVCQBO0VPFTB11xYS6%2Fe55jXeNb4rFEgaKAwMj%2FKUT82Scnp6KQ57a7fP9SDZlh0UiBTP07wlZZk%2BtErZIyiIz0H7%2FH8n1eRJvFXn7ZdCyBz4fNKxJ%2B5UoMtZ36nPhkOvNop%2FWiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190c3ad9d1e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRmNTAMBMBRzdNyTZMaBrY-TtwA-PwKq-ayZY-YUZqTZTZTttYRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNARkjmNKYMbaARwlNjxqfzxdrtb,hxwdqzoe,hxwdqzoe,qrquog,qdb,kzwigxltRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:01 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ece%2FmD9ueTnl%2FDaB2BTG1EJcLGWziomn21bPUqaZR3j6cZEJAu8lWGBeV2iApUTNLo0u8qjeaiMXguWYtKgeX%2FqPvdzcf8MgBk%2B6fBi3SY%2FGPfsvAwYOKpbKfuN%2BRa%2FcWdDwXch6%2BPLEUX1Ysxplfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190c3ad9e1e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNyZKaUwra-BZMt-PeKa-MryT-KqYUBMAtKwyARdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:01 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snyCmjqHrqcMwuvlmt1t8aQiev4pMz2WqjXFQFgG1G0PC9yJxzqE7NftIDrIlRxGmn8Q26Dx9yDIz5VAEMiV7UtNDcZfzAewmxBv9VIiDlDc5nC6t9hxO3Pf85b9gEkJkZFNs21etOTJ8cwPp5npYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190c3ada01e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNPtrrYYMU-etAe-PKZT-aMZU-MtKqwatKAKyeRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:01 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPWVM%2FRmYylanAchTc6buNpQzoXpwHiank4adcs%2Fk0ufrp4VZgk2i0dhFSONll3Bq5BmtimnnBMnUlaZ3eGssFpTZlMDFP6uXN%2FOSoct9Fpu7qRUaSi1USw5KhVpaOfufaVnZOYb2%2Bz%2B%2FUZmssp2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190c3ada11e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/br-v4/ 		0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzdNwUMKTKyr-BKwP-Ptqa-qPqq-TPTKeqtyZyyKRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRysggkNAGATRwkNhxwdqzoe|AGYMMU|KYMbaA|wqfftk|TMP|,hxwdqzoe|AGYMMU|KYMbaA|wqfftk|TMZ|RmNTAMBMBRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:27:02 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 11:27:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXHfXxVQRq0usON8Qw9bh5kuw6vVIzUGfN2pTmIs5oCi2Qwidtyy64wpLd5ThYE78qd3zkvTMDOuHMbmOk9XboWMcPI%2B4NxWw%2B0fxkqvbrbHUFIzeqWLvv%2B0v9gzKeRFDX4nX%2BFDDGIRFlyuiXFGGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8190c4ef931e56-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
u.4dex.io/ Frame 60C3 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 17 Aug 2023 11:27:02 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
all
csm.eu.criteo.net/ Frame 2E9F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8mj60HbqLKGb_3jj8BYD0DeJ8D123I9rQCfnbOpVeOEaUw1UtVmAFBSyPDcp-3cwBpF3z4WnMg1hOgoWCM8mysYf7zkGUUU8no4Nx27hPs5pQYhvDjgD5o2TjGHO_2IxLoT6CVMdKS7n1sZNHIGfAaoruqHKlKWglPiOOuNDV_qP6vjEznt9No64l_hRK-hhr_eKrOi0OC-XgMp-GqEHIHDk5mXvKGaF4Ph-tSETyNyv9bQ3FrEDp64kNYB6Y4DV4F9h_A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZN4EAAAFFZ0K3s7BAAdZHv8dMSecGtT4B2h5yg&u=%7Cezp3ziMYicLD%2BdbNjZZ0hZqW7xUNAQhvZ5P8JHeDndw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64SRU6AfCnNofiq0tDcm4LQ8zuzp1PkdBtf5AeqqFHVhk9b9WeOFHpqOivtA8xQlCTw-hls2cEtXkBJ7g6wCvwLKqqMRTJbfYue6QT-Nv7RXmYfXZYTUT8XrbO2_F7TceKzmmXmZo-WbVvG66m2vyosfadj6R362Mp-EINMNNpZccO6KP4kz2lKIKUFGlTJBNRrxpHPfVK6c9SYCT7R2s-Nlz0wTLDuAjMCFumLhSVRZjW7vmkiASLrn6E1JSqOdImrxdz85eGBYlOqo9m3iAN2pH03_CgpKneUlPAKB08ZF2zYBny0W3ufL6XADnZopyG2XO5bQvCHrxKr9qoGiisDHX-8r0XGhz3Ke09jv7ZaPVB8Fz24VFjK3KxdwuhpKYW1BiyPjvaucsfpX8pKp36exklwlA81KF3oVB4DspDnLTFkfoqr07SzmmAePX31CWFfhmtT7p3_1qfVQX7gBRVWd0cLtoqDZijfpYK6UpDCizQNQr3CE7iWEXAkOVaUnFDOeWBeWGue473iQj1DGFOQ_EKNt6lqI69pqWwHvpEa00RL6dpH25OVi02LKhuVYgI9hQPbPy7Nkl2eYriwx6vLYYDmWumB9hxAxm3EAv6NykqdpI6jekWlNiJNeTxpnwHLm8rGkWmpNELVyK_YP-xLZglD0Ti4j1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy0b2AATeZJ2rFMGd-waesp3YBcme0rFcxYyL4JoBwI23ARABIABglaKigrAHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAlWCjHsMQ7I-4AIAqAMByAMCqgTIAk_Qgnnwmu__OA0yRTKZmL4VQzqdBATwzhZMUvq7fpUoErUEE5kObrQ1JB7mzNslMijze6coIzEBm5ZKLShbev0kpgEimXKXDqo2zbLmyq4SGv7NF_NLF4si58u2LiJkrqaEQAaS21zHG1jFzA6HP0H7sZ7YzmhixxkGS7awuaW7-S9EiJBAjGMtxy2iKm4J2wPrMWkdiebqhfVP-yR8cobnl_CdViPjtcJNEbaWXapZZXNI_EAwImkO0iRqm-tjzJZafYaDeH86uMTZVQLmw2pm_7ZOQgDkisRlbhMp-Qdb7x2OeMPYyQjoyXHvtR9P2GzmQ3IbL4D3rUVogL0WO6CWwXESSeAipEEQ4mUxviijS6Vrp7Mk1FNHly2qY_ChDl7N-4tUrcPU-C78GNXlK9XfUOJXhyxdFTDjHntRUWMnewsA7YQcrHzgBAGABqOJ2aza9siGUKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0PnR_wdlIrb88JCE4M7UdnqxGs7A%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 11:27:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
URL
https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| documentPictureInPicture object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| dataLayer object| vitag function| google_spfd number| google_unique_id object| google_sv_map function| gtag object| WPCOM_sharing_counts object| swv object| wpcf7 object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| _stq object| sharing_js_options object| WPCOMSharing undefined| windowOpen function| st_go function| linktracker_init object| wpcom string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| wp object| twemoji object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag object| GoogleGcLKhOms function| getEidsByVLI object| $sf object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| _aps boolean| apstagLOADED object| apstag object| googletag object| observeElementInViewport object| apscustom object| sas object| apntag object| _ADAGIO object| pbjs function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| ONFOCUS

149 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgAIQgNr-maAxCgoIgQIQ39n-maAxCgoIhwIQpM_-maAxCgkICRCkz_6ZoDEKCQhJEN_Z_pmgMQoJCAsQ39n-maAxCgoIiwIQgNr-maAxCgoIjAIQpM_-maAxCgoIzgEQ39n-maAxCgoIjgEQgNr-maAxCgoIkQIQ39n-maAxCgoIkgIQ39n-maAxCgoIlAIQgNr-maAxCgoI1gEQgNr-maAxCgkIGxDf2f6ZoDEKCgidAhCA2v6ZoDEKCgjeARDf2f6ZoDEKCQhfEKTP_pmgMQoJCB8QpM_-maAxCgoIoQEQpM_-maAxCgoI4gEQpM_-maAxCgoI4wEQgNr-maAxCgoI5gEQpM_-maAxCgoI5wEQgNr-maAxCgoIrAIQ39n-maAxCgoIrQIQ39n-maAxCgoItAIQpM_-maAxCgkIORCA2v6ZoDEKCQg6EKTP_pmgMQoKCP8BEIDa_pmgMQ==
securityaffairs.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.com/ Name: _ga_NPN4VEKBTY
Value: GS1.1.1692271614.1.0.1692271614.60.0.0
.securityaffairs.com/ Name: _ga
Value: GA1.1.856126999.1692271615
.securityaffairs.com/ Name: _ga_P62M3QN974
Value: GS1.1.1692271615.1.0.1692271615.0.0.0
.securityaffairs.com/ Name: __gads
Value: ID=a036c3b8b996665e-22f8a45053de0031:T=1692271615:RT=1692271615:S=ALNI_MYszUPj7o1pdP5M9-w5HFiZ_E6Otw
.securityaffairs.com/ Name: __gpi
Value: UID=00000c6201a8e403:T=1692271615:RT=1692271615:S=ALNI_MYrAaU9IvQw84JhdKIwyOoYXusahA
securityaffairs.com/ Name: __ppIdCC
Value: aexuritywddwira_xon210.6671015306
securityaffairs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.securityaffairs.com/ Name: sharedid
Value: 83d82654-b13a-4f6f-93d0-700d9ade2e10
.quantumdex.io/ Name: uid
Value: 97e7a6f3-8216-45e3-a5cf-37303e838b6b
.script.ac/ Name: __cf_bm
Value: u7FAUQDXUUuQDEZiphWThVuwm3qfvjR0W2dCAX9KWX0-1692271615-0-AeXnWo2biKVYcAjoqp/0hHkbv1Pc+aByi0Dz4XMpEwdgqFUCxcvI+/b0pnE2gg9UDuDgQEwfEGuf9LnQXShWGN8=
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
.adnxs.com/ Name: uuid2
Value: 6063412394628672121
.quantserve.com/ Name: mc
Value: 64de0400-1b8b9-bbc09-93b3d
.adfarm1.adition.com/ Name: UserID1
Value: 7268251246673197204
.weborama.fr/ Name: AFFICHE_W
Value: emIvKbdkMuV659
.csync.loopme.me/ Name: viewer_token
Value: 774acfca-0aee-41da-a832-fcdac2e54aa1
.adx.opera.com/ Name: UID
Value: OPUf7de4ef9918f410289efb8ad2b56ae4e
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3sjQ2MDQ0tzQyNxPiM9QNNbTUrXTL9c_JCckBAKRxsC8lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlkZG5oBoSmpgBfqvcdEAAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3sjQ2MDQ0tzQyNxPiM9QNNbTUrXTL9c_JCckBAKRxsC8lAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7268251246673197204&KRTB&23369-7268251246673197204
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6063412394628672121&KRTB&23339-6063412394628672121
.de17a.com/ Name: guid
Value: 1.918224225410427648
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559729301179276
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27&KRTB&19420-_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27&KRTB&22979-_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27&KRTB&23403-_nhh-_h4Na7lfWemqnUo_KovNafldTb8-yjc2C27
.simpli.fi/ Name: suid
Value: CB4E4A0877F048BF8C098D95F10E469B
.doubleclick.net/ Name: IDE
Value: AHWqTUlfWIwlgsXtN-14s7T3yGtyrfqCCDzfDD-tebpk7Zy6mKoOQGBIiJXd_5-Efxk
.adform.net/ Name: C
Value: 1
.onaudience.com/ Name: cookie
Value: 690b41c74af2da30
.onaudience.com/ Name: done_redirects104
Value: 1
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMDgtMTdUMTE6MjY6NTUuNzYyNzYzNjc0WiIsImFwcG5leHVzIjoiMjAyMy0wOC0xN1QxMToyNjo1Ni4xODY0NjE3NTlaIiwiZXBsYW5uaW5nIjoiMjAyMy0wOC0xN1QxMToyNjo1Ni4yMzcwMTg3ODhaIiwiZnJlZXdoZWVsIjoiMjAyMy0wOC0xN1QxMToyNjo1Ni4xODY1MDEzMzFaIiwiaW1wcm92ZWRpZ2l0YWwiOiIyMDIzLTA4LTE3VDExOjI2OjU1Ljc2Mjc4NTQyNVoiLCJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wOC0xN1QxMToyNjo1NS43MTE1NDYzMjNaIiwib25ldGFnIjoiMjAyMy0wOC0xN1QxMToyNjo1Ni4yMzcwMzUwMzFaIiwib3BlbngiOiIyMDIzLTA4LTE3VDExOjI2OjU1Ljc2Mjc3MDU2WiIsInB1Ym1hdGljIjoiMjAyMy0wOC0xN1QxMToyNjo1NS43MTE1MzQ1NzJaIiwicnViaWNvbiI6IjIwMjMtMDgtMTdUMTE6MjY6NTUuNzExNTM5MTg3WiIsInNtYXJ0IjoiMjAyMy0wOC0xN1QxMToyNjo1NS43NjI3ODE1ODlaIiwic292cm4iOiIyMDIzLTA4LTE3VDExOjI2OjU2LjIzNjk4MDcxMVoiLCJ0cmlwbGVsaWZ0IjoiMjAyMy0wOC0xN1QxMToyNjo1Ni4xODY1MDQxOTlaIiwidW5ydWx5IjoiMjAyMy0wOC0xN1QxMToyNjo1Ni4xODY0Nzk0MDlaIiwieWFob28iOiIyMDIzLTA4LTE3VDExOjI2OjU1LjcxMTU0NDE5NloifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiMzZjMTM1ZWQtNDRlYi00NGU5LWIxZjAtYjU5MGIwMjQxMTQwIiwiZXhwaXJlcyI6IjIwMjMtMTAtMTZUMTE6MjY6NTUuNzExMjI0MjM0WiJ9fSwiYmRheSI6IjIwMjMtMDgtMTdUMTE6MjY6NTUuNzExMTQ4NTcxWiJ9
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHy_vTAjcWD9ruuI9GKqcuA&KRTB&23025-CAESEHy_vTAjcWD9ruuI9GKqcuA&KRTB&23386-CAESEHy_vTAjcWD9ruuI9GKqcuA
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-918224225410427648
.adform.net/ Name: uid
Value: 4134219601264960897
.adsby.bidtheatre.com/ Name: __kuid
Value: 0bb1b958-32f7-48ee-ab51-a56f4699514f.461485616
.bidr.io/ Name: bito
Value: AAFkmE7JvAgAACjiTBrE1w
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-H1I2i050URahWbjTWgMXQgYa
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4134219601264960897&KRTB&23263-4134219601264960897&KRTB&23481-4134219601264960897
.bidswitch.net/ Name: tuuid
Value: 3d9d9ed8-a19e-4ab4-b372-3fb8b92513cb
.bidswitch.net/ Name: c
Value: 1692271616
.bidswitch.net/ Name: tuuid_lu
Value: 1692271616
.criteo.com/ Name: uid
Value: f3b671d8-d5a3-4f1d-b5b2-a5e833248a9d
.amazon-adsystem.com/ Name: ad-id
Value: A5u-xDhBIkjrrKrwHxSkGNQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smartadserver.com/ Name: pid
Value: 7110041939216051842
.smartadserver.com/ Name: TestIfCookieP
Value: ok
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c1be3ce2-1296-5f71-7674-fbd79d4583ec.gRDBzBTBsr9zOd5F67Ymji0%2BH%2F2HKUET9H4T27jOlek
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c1be3ce2-1296-5f71-7674-fbd79d4583ec.gRDBzBTBsr9zOd5F67Ymji0%2BH%2F2HKUET9H4T27jOlek
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Awb484hKWX3F2dPvXnUWD7FFfBSM.j6Vxh%2FxoH2zgmeaR5nWYizdKHL%2FcU5XXVAu6q%2BSiko8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Awb484hKWX3F2dPvXnUWD7FFfBSM.j6Vxh%2FxoH2zgmeaR5nWYizdKHL%2FcU5XXVAu6q%2BSiko8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFQ0djjpesswbzeb2DSNRN8qZEpurb4k442V6ER0u3ydEHwYBCCAiPimBjABOgTa3nmDQgRGZDzp.w1nXRCVOOMG8UnAnjO6q5KvdTqtLmG7SfYe5I5vFqD8
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFQ0djjpesswbzeb2DSNRN8qZEpurb4k442V6ER0u3ydEHwYBCCAiPimBjABOgTa3nmDQgRGZDzp.w1nXRCVOOMG8UnAnjO6q5KvdTqtLmG7SfYe5I5vFqD8
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-wb484hKWX3F2dPvXnUWD7FFfBSM&KRTB&23334-wb484hKWX3F2dPvXnUWD7FFfBSM&KRTB&23417-wb484hKWX3F2dPvXnUWD7FFfBSM&KRTB&23426-wb484hKWX3F2dPvXnUWD7FFfBSM
.securityaffairs.com/ Name: cto_bundle
Value: szQD919RcTRPUWVPVUFpSjFBVTZnYTRoZ0JpWHBvb3hMcFpMS0VlRldraSUyRkpmTld4a0FvJTJCanZmNW5KdzNUJTJGQjRzdzZZVXI5eVNLRiUyRmJ2VXNkV2IlMkIyclBTUVlCWkpzQnlFeE5RSEd0QlowdVVDZjFSRWpkUnRMNEZVMElBZXludnFtVWpFQWdqMXprQWhlZnZjRERWczYwbDhDcHVDOWM1RjBhZ01vZm44aHAyT0RzJTNE
ads.avct.cloud/ Name: uuid
Value: 5657fa25-7c6d-4049-ac6a-b0aa70a5e1d4
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7aca625beb9d387a
.audrte.com/ Name: arcki2
Value: 975af6gAg14QPCv5vLjAv1uWw!20220908!1692271616478!ip#81.95.5.35
.audrte.com/ Name: arcki2_pubmatic
Value: C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF!20220908!1692271616480
.turn.com/ Name: uid
Value: 7446152413719114233
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFkmE7JvAgAACjiTBrE1w
.gammaplatform.com/ Name: _aGeoIp
Value: ES|Caceres
.gammaplatform.com/ Name: _aUID
Value: 133p564au1dg
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7446152413719114233&KRTB&23150-7446152413719114233
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-133p564au1dg&KRTB&23446-133p564au1dg&KRTB&23465-133p564au1dg
.audrte.com/ Name: arcki2_ddp2
Value: 975af6gAg14QPCv5vLjAv1uWw!20220908!1692271616616
.ctnsnet.com/ Name: gid_CAESEGlgCmQf8EfNz5tc2mpptzE
Value: 1
.ctnsnet.com/ Name: cid
Value: b0db5af4bea942e7a899e4d71d996f3d
.yahoo.com/ Name: A3
Value: d=AQABBAAE3mQCEIPDVAYEWyWPBvdLf-0tEvQFEgEBAQFV32TnZAAAAAAA_eMAAA&S=AQAAAj7ewL1Y-E9VZ7mTaWClomU
.adfarm1.adition.com/ Name: lv_5357381
Value: w=4395096|t=1692271616
.tribalfusion.com/ Name: ANON_ID
Value: aMnw7TR3YWj7UXuRu8rpedwID1NZcZbWPh3AT9JcJsFy0TisRUHyUaZdeiZab6OGyO7dM7rqvZdDQe4kD7POrxkwpuyZdaGGyKmfUvk9BWVbArZd7ntVlLScfBVZbefgAiIE
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AEkjataYkDweaOa-
.zeotap.com/ Name: zc
Value: 2655eff2-de2b-46f3-5553-544084b184c9
.zeotap.com/ Name: zsc
Value: %CF%C4%DA%AEz%B8%CAv%E0%95%7BlJC%2B%3E%E2%D3%08bC%AF~8%01-%EC%82~R%C2P%9A%EC%E1%91F%AA%88%A8%F3%13%CA%7CM%0C%E4.%BD%C7%EE%DD%D5J%B7%CC%E6A%AB%AE%A6%11%A5%AB%21rH~%E0vh%2A%15r%93%8F%A1%F5%837%A5%96%E6%C0%D5%F9%F5%F5%29%23%9D%DC%8F%D0%97%A5%8A%D9%11R%3B8%B8%E8%3B%DDL%0F%82%E5%3D%E4gBA-%DF%80%FB9%FCTT%05iY%22R%F3%CB%86%A6%B5%FEI%B8%22%F8T%10%5B%7F%A3%D2u%E5%86yfI%BA%B2%14%C4%81K%B8%E0%97%B4%90ma%23%AC%16Mt
.casalemedia.com/ Name: CMID
Value: ZN4EAVsNjsjP28jsj-vBvwAA
.casalemedia.com/ Name: CMPS
Value: 1142
.casalemedia.com/ Name: CMPRO
Value: 1142
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a72102a7-e9a5-412e-a052-538e891a4a90-003%22%7D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.gumgum.com/ Name: vst
Value: e_95bc501f-3909-46a0-962d-de4dd882968e
.tapad.com/ Name: TapAd_TS
Value: 1692271617541
.tapad.com/ Name: TapAd_DID
Value: 0d5c5d39-7694-4bd1-a13e-0ba7919c7cf4
.agkn.com/ Name: ab
Value: 0001%3AXM5P8pyI1OX%2BCVJNt%2B%2BSKjBaGohM31Xl
.demdex.net/ Name: demdex
Value: 76784550908184016741314098254196150176
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_c843008a-ec12-4ba7-94ba-4180d9ac8aa5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZN4EAQAAAH4legAb
.creativecdn.com/ Name: u
Value: 8HGYLKbtsAhkpH1Z7pTO
.creativecdn.com/ Name: ts
Value: 1692271617
.go.sonobi.com/ Name: HAPLB8G
Value: s8525|ZN4EB
.dpm.demdex.net/ Name: dpm
Value: 76784550908184016741314098254196150176
.richaudience.com/ Name: avcid-zeo-uid
Value: 2655eff2-de2b-46f3-5553-544084b184c9
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2deb
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-bfddba05-8cb5-3a02-9d3e-ac2c187bb1d3
.360yield.com/ Name: tuuid
Value: e83e0acc-ffc9-491e-8cdd-e79cc36408af
.360yield.com/ Name: tuuid_lu
Value: 1692271617
.krxd.net/ Name: _kuid_
Value: PvY0YtrJ
.audrte.com/ Name: arcki2_adform
Value: 4134219601264960897!20220908!1692271617758
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.fwmrm.net/ Name: _uid
Value: "o076e_7268251250964934404"
.3lift.com/ Name: tluid
Value: 4511707024607759174630
.outbrain.com/ Name: obuid
Value: 91a42e4b-911e-436e-b2f6-001741857022
.ipredictive.com/ Name: cu
Value: 806672dc-28e9-430f-88d2-6a14f9417bd4|1692271617920
.smartadserver.com/ Name: csync
Value: 22:4134219601264960897|49:7268251246673197204|127:AAFkmE7JvAgAACjiTBrE1w
.bing.com/ Name: MUID
Value: 33B74CA74F7469D52E3B5FD74EFF6842
.c.bing.com/ Name: MR
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&487a2f3f-8b62-4378-8e29-7eff35f5566d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTIyNzE2MTg7MjswMjHv7t12dAfTd1bsJfAaMe6aiA+GZ2ANdrAW+6m6NO+ovA==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3024:u=1:x=1:i=1692271618:t=1692358018:v=2:sig=AQHSUw4iarnyjQZy2ng1GtwZCZHIvV3q"
.pubmatic.com/ Name: DPSync3
Value: 1693440000%3A201_245_241_227_226_219_197_235
.pubmatic.com/ Name: SyncRTB3
Value: 1694822400%3A203%7C1693440000%3A56_238_234_165_88_166_3_71_220_243_13_264_251_46_161_249_54_176_233_214_254_81_55_99_21_8_22_204%7C1693526400%3A35%7C1697414400%3A69%7C1693094400%3A63%7C1692835200%3A2_223_15
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a72102a7-e9a5-412e-a052-538e891a4a90-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
ads.playground.xyz/ Name: connect.sid
Value: s%3ATQ3eQ2dkAwijMMb0hT9K5FAmvVukfrPk.zRRnnAplc6%2Fe8iHi0NLMGPvheagz%2FgzmLT%2BAUlPcnLk
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1692293219137
.exelator.com/ Name: EE
Value: "4f09fba599f6c1caf4f1f0c2e9b3469e"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEkzcAyLSnR1NIyzSzZMDkxzSTNMM0g2SjVMsnYxMwydXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6IhfXxUUpaQyLSopPBR9lXAAA2JwqmQ%253D%253D"
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&KRTB&23413-C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&KRTB&23479-C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&KRTB&23505-C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
.pubmatic.com/ Name: PugT
Value: 1692271617
.onaudience.com/ Name: done_redirects147
Value: 1
.a-mx.com/ Name: amuid2
Value: 0d18acac-4c0a-4b9f-9830-df35dbe9c05c
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2H`hnTWjB!@wnf-Te9(SNOfY2^u31Es$PlFTv6vCy@d^CzFoxFpZFsEt(Y>m!spqVkq*o9RrTqATxhF
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NTExNzA3MDI0NjA3NzU5MTc0NjMwIiwiZXhwaXJlcyI6IjIwMjMtMTEtMTVUMTE6MjY6NTlaIn19LCJiaXJ0aGRheSI6IjIwMjMtMDgtMTdUMTE6MjY6NTlaIn0=
.quantserve.com/ Name: d
Value: EJ8BHgHdKfijC_vLEL7iDtqNEA
.mfadsrvr.com/ Name: tuuid
Value: e6d08350-425b-4c44-b662-e18384abc79c
.mfadsrvr.com/ Name: c
Value: 1692271619
.mfadsrvr.com/ Name: tuuid_lu
Value: 1692271619
.w55c.net/ Name: wfivefivec
Value: 0VVXEIRF1QwB9x5
.semasio.net/ Name: SEUNCY
Value: 5E94DD15DD1A4E46
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1692271619
.w55c.net/ Name: matchtriplelift
Value: 5
.acuityplatform.com/ Name: auid
Value: 814986434619
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBRQBnemuEmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUAZ3prhI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 9e475534-89fd-52e5-a818-4788ccc6438b
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZN4EAwAK_IBEZOkt0Ay5Cx07qBO_YLJBxpME1w==
.pubmatic.com/ Name: SPugT
Value: 1692271621
.prebid.a-mo.net/ Name: __amc
Value: 7_1692271615_1692271621

28 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1692264415&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F148981%2Fhacking%2Fcitrix-sharefile-cve-2023-24489-flaws-attacks.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692271614305&bpp=387&bdt=121&idt=678&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1867037137086&frm=20&pv=2&ga_vid=856126999.1692271615&ga_sid=1692271615&ga_hid=1434909927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C31076469%2C44759876%2C31077148%2C31077066%2C44799580%2C21065725&oid=2&pvsid=659351553091557&tmod=275439526&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=706
Message:
Failed to load resource: the server responded with a status of 403 ()
deprecation warning URL: https://script.4dex.io/localstore.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u.4dex.io/setuid?bidder=appnexus&uid=6063412394628672121
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7(Line 6)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7(Line 6)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://u.4dex.io/setuid?bidder=eplanning&uid=AEkjataYkDweaOa-
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://u.4dex.io/setuid?bidder=unruly&uid=RX-a72102a7-e9a5-412e-a052-538e891a4a90-003
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=2655eff2-de2b-46f3-5553-544084b184c9&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D44672ae83b198b19%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=44672ae83b198b19
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=2655eff2-de2b-46f3-5553-544084b184c9&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2655eff2-de2b-46f3-5553-544084b184c9&reqId=89ebd885-0410-4baa-7af9-a8aa724c391f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://u.4dex.io/setuid?bidder=triplelift&uid=4511707024607759174630
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=smart&uid=7110041939216051842&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=freewheel&uid=1c998db1ae8abf1c53290502242194e
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=freewheel&uid=5850bc379b5690f9c06ceb5a4dd8
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN4EAVsNjsjP28jsj_vBvwAABHYAAAIB
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=improvedigital&uid=e83e0acc-ffc9-491e-8cdd-e79cc36408af
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=triplelift&uid=4511707024607759174630
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C42E36CA-E36D-4D27-A53C-F6BC0EB2AEDF
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ap.lijit.com
assets.vlitag.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
buttons-config.sharethis.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c3.a-mo.net
cadmus.script.ac
cat.fr3.eu.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
cookies.nextmillmedia.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dbt.adition.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.active-agent.com
dsp.adfarm1.adition.com
dspcluster.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.e-planning.net
i0.wp.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imagesrv.adition.com
imasdk.googleapis.com
ipac.ctnsnet.com
is.dopascalls.1und1.de
l.sharethis.com
lb.eu-1-id5-sync.com
loada.exelator.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
media.vlitag.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.wp.com
platform-api.sharethis.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prg-apac.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.vliplatform.com
r.turn.com
r5---sn-4g5edndk.googlevideo.com
redirector.googlevideo.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.fr3.eu.criteo.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.e-planning.net
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
securityaffairs.com
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
st.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
triplelift-match.dotomi.com
u-ams03.e-planning.net
u.4dex.io
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
useast.quantumdex.io
usermatch.krxd.net
usersync.gumgum.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
86d3592865fda04f7aa92d50cc333aaf.safeframe.googlesyndication.com
sync-tm.everesttech.net
103.132.192.30
104.18.25.185
108.128.108.17
108.156.255.65
13.248.245.213
13.32.110.114
13.32.119.77
141.226.228.48
141.94.161.190
141.94.171.212
141.94.171.216
141.95.98.65
142.250.185.162
145.40.97.66
151.1.205.165
151.101.2.49
154.59.122.79
157.90.211.246
162.19.138.120
178.250.1.11
178.250.1.9
178.250.7.9
18.158.137.139
18.196.20.206
18.239.94.125
185.15.245.80
185.184.10.30
185.184.8.90
185.29.132.245
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.89
185.80.39.216
185.86.138.153
185.86.139.94
188.42.191.196
192.0.76.3
192.0.77.2
193.0.160.131
193.3.178.1
193.3.178.3
193.3.178.4
195.5.165.20
198.47.127.205
2001:4860:4802:32::36
202.241.208.55
205.234.175.175
208.93.169.131
212.82.100.182
213.155.156.185
216.52.2.91
217.79.188.11
217.79.188.12
217.79.188.4
23.201.255.110
23.35.236.201
23.88.86.2
2600:1f16:e61:3f00:6418:3db0:a56e:6f03
2600:9000:224a:7600:c:abe:f440:93a1
2600:9000:25e8:2200:1b:5138:8a40:93a1
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:4700:10::6816:1957
2606:4700:10::6816:2560
2606:4700:10::6816:3bc7
2606:4700:10::ac43:15e3
2606:4700:10::ac43:266a
2606:4700:20::681a:8a9
2606:4700:3031::6815:90b
2606:4700:3037::ac43:9e3b
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:1691
2606:4700::6812:19ad
2606:4700::6812:272
2606:4700::6813:9e13
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:23::a
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2004
2a00:1450:400c:c07::9c
2a02:2638:3::1a
2a02:2638:3::c
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
2a02:fa8:8806:20::2040
2a04:4e42:600::300
2a04:fa87:fffe::c000:4902
2a05:d018:24:b001:ea7e:ead4:fe95:47ef
2a05:d018:d29:3601:68c4:160f:554f:e0aa
2a06:98c1:3121::3
3.120.112.58
3.122.199.127
3.234.116.116
3.33.220.150
3.75.62.37
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.111.131.239
34.149.40.38
34.160.236.64
34.196.43.220
34.252.154.12
34.254.143.3
34.91.62.186
34.95.81.168
35.157.224.148
35.186.154.107
35.186.193.173
35.186.253.211
35.210.239.72
35.214.136.168
35.244.159.8
37.157.6.243
37.252.171.52
44.205.87.2
46.228.164.11
46.228.174.117
51.38.120.206
52.201.180.243
52.204.160.102
52.209.59.223
52.210.15.1
52.212.215.149
52.212.220.173
52.213.141.191
52.29.228.116
52.3.206.88
52.46.151.131
52.50.92.6
54.147.190.158
54.157.243.229
54.72.84.52
64.227.64.62
64.95.96.108
67.202.105.23
67.220.226.238
69.166.1.67
69.173.144.138
69.173.144.139
70.42.32.255
70.42.32.95
72.246.169.24
77.243.51.121
8.18.47.7
8.2.110.24
80.77.87.162
81.17.55.112
82.145.213.8
85.114.159.118
85.114.159.66
85.114.159.67
88.221.169.246
95.101.54.106
98.98.134.241
98.98.134.242
99.81.14.86
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e9b01c66b444e890378db9d97922a8a76cda78ab90265fe726836e8b7bf276
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081efcc878ce0438aabf52ee1fb360a3718b53921e2e07c25bd7c5cdd3fbbd09
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0844f9c0583891902cccc7829921a0a4d2605e7061ced2496a02cb8170e2a245
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a51b3c32576974ef48aa7c6bc2cd9b881ff3f229c90aa4d7fe9983c4842bbdc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
15457c8a7b18fd0a3ec329c78a7c9d5053b4b3f2ebf1a4ed998462dbd668bc6f
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
16e5ba3dfcd97cd7f52ee974e66a8f30bdc2f1b565bcdc7a6db66185c82a05b5
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a49383956b0c309324f9e51dff3d3f015ce1be14d068832ad5354eac76b728f
1b091171f324151450f01a9f81716c7815cc496c1986a4ad5ab09a077c20ee8f
1b66975a1b8f9e5c0afad9e691d5d2326364c0a6345024ae7e8178922b8e1563
1b88eecdd9a5c14608e54b092b2e6dc0b50eb77e170c993790eb89f53682b7c3
1ba2fdbd34aacdbc81cb0c3511e64ec1440f9cfdf7613d925496f811d03ac95d
1c304034bd3c9391d5f43577ca0196f2da624e338dc647fa9515bcae598f66ac
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1dafa2179a8480cea1f4d7bf89e648531ceba2819a28ba2a4aaf42c75ae23b45
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431
29a29eb4d1a8dc57b59e2ff7a2ac88fb9fc6e40e978624eaf32af2b72bf748d0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ba7c2311986ffb857dac36c0269f59bd9eb78fbf7435f2a2ebe5ba3af6fb9b2
2c3337118e0931cb2d981cc3c320b4a0d8a488a815ba902d72a197254ab12628
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f15edd96758d40a592871ce3cd36e450f0d3cf0487bdcbcc1630a780cfd1a9a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ffdec5b8be104d3a27f94162a5c0f2ef7bd9ddc4a5b0ef35ab43a5cf149b905
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d034e7a229722efa4c52a0467820b7cf4ed1f5616b71ac6355c76588879f50
32a3422a74af7d747de4ac5565752364302c87f16f4f546cf2f9473626d7df8e
32a42197dc440d45716dd692e63b89b7023bdd66b43d60de83e4de5750c83988
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11
358540e12d98567a2ec53c2ba13ebc2328a6d90540918ca80e1d7505ced05464
36653facf1e445fbdf025dbdced6e349f0877ea3b2b3fc2cf98121ef62fb2285
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4174045644dfe8154ef126dbac2d4cae81387dfe8c170652ef415e59b577be42
42638cf7ce147ae414ebf639d0c94c85b08018380903afb94e2190b1d4adb317
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d8dabc70c62f44afef6ddc54356b49f16ed6b4f01b306f519f63c7a1283f79
486b694c4933bf0e1a51c429bdbd97e80ac818f4005c89885800230da524d4de
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7c2feee7844e05dea0b940835202dd7446f35cd69f85af2f1849ca3a76e454
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
51f1b9d6ecc9843fd9f9308a0dc59e6e37f1796195fffaa964b980bcaa5752a5
52f5e657405d02f0ab9761d8c352e50ddf0329275461a34ad512267f3b06c4db
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a5076cbb6e83c34251548dbc76e07a3e0ea3f2eaafb9ce8290bfc6d97f24ef
585aa5e19ef2084e8d3da991bbf0a60392cd24112bbb16e1d298a5d74749da0d
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f81477562243cff0c56616fd2a1b40a7f1c229ecdb950eae4e5e119234344dc
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632b9eff7d99c88aac8009adf5dab68ef957a997eae1f922f0e470c3dece5bf3
63d23121bdca4371bbb06f12b2cf53f87953a3458f62e352dcfb373413d789bc
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
6969bdf88a5cce710189e26a5b582a593cbfc5d6c5c0c4d1c29bc70566837677
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0aad09d2e9f6415bba4210ec032a41dcdea45b6223dcac746f359cbe946823
6dbac956ac0824fccac32081f23ce182a6b707159b24b35340dfcb43ff9db5e0
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
708b9b01c5620452c2276336830c8baebe0b0c4265f60b27d8101dc522342840
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45
755406f1a7da7220b8a8cb8393305addb2418e21b6f6d6ba5d1832a24f0ccbb0
756a6f162302389f5e17e39068131de06d1da71af2d71e902ab7288766b751fb
75cb64f6fb01f8ff69747b4d466b4b3fdcd778fa31005e1be1d1b81de379799f
75f4ffa37f1248e72a8a1694f0ddda6a01e8a9de7762db4e5e45839577f898a1
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
77a97368f8991ef6bcba68e58a58f0aa3aaa1e61b687bb5f2c7930d12800de13
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
790402e3824b48ca388555d4eaa06a555ab5e118149f652a4393906129b1945b
793e9537613f4b2407607984a4983c5511c7014863f1e2c07529bbe8fb1b1aa0
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7d060d8420c1c7cf908cb32ac0bf231e12a5bd26027bf2ce8bb2a0dde8192cd9
7d8c907191c324c8ed7fcc63538284643d249b0f0ef7915a3d9711a57b37b74e
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501
82d6749f3162bc12dc16e45f807d778ad378793a1c88f98299eae25c5593a66c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840e6b43b12cc78bc74f2f8174bce1321f64060e824ee2f3121c6c869c632b44
84d7e763bde04a51979fdec1d70381ab2869f328f3d663869181a1eef552f96a
8598dd08980f7e7e64c31ea352f5be7c31090616ef3c448cd525e7de6ccba7eb
861785463cb81b9b502fbb0906ec0881be80823a81f3421be224e86db65407f3
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8c2488b8fea1a0d0951af61a3f55c92d707bdf4a673b35d305d93661fb777eec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f
90bf9270a48475f96375e66c516362c4e8965a5ca3875c614d00a72a8d264b19
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
935309674176a5794193c0841af92c9d2f196d4cce2c6875f4303d6c5866abf9
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94bf45cfcca9fc9527e0f2b1fcab37720dae79ea210f1816a9de8233aeafb142
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
98a77f8f7f0228e6c91c9f3573cbc970f235c892338b2159790a766fc29a802c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98bd886da3458da8602dba5a435be2aec8dd0bcba20255a624a3268b9f5deb40
99734dcfce77b3d9c7555659b0e92798bee3e15a5f244da8c97287bad050d7cd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a15603baf9a50855c028db2069c049bc5985556342316c6005f323da87fd041d
a1f291c7cd6d5a518e48858f44b210da38d95fdd51c3d7bddc640246ff9d6585
a246d9b5788010f6eebe91132fec5b54793f07bff9b62c3ec495db31aae8656f
a26209101a7b3553a51a95c35a862fcb8ea5e6f7ab3fc398b55a63ab45be94d9
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a5c159ccf8b6fdfffad548013be4fda608eaec863ce4c2f657c3cbeb6365f724
a61bf166074a5a8d1aa194d2ecf83a1a9be54300b138b65596cc48f8f9d3af54
a62b84e2c24769cec1a113817b6592a052ee886494b52fd82737a56a65cb09e1
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a76f18da4c1112060658c4082078c00fbafc6a82394c14161a279def8b556171
a89701824927fb59bf44c9c56e03714bf6cc87f13f810759a1ca6957a5b12af2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad904d0a33d667fcbbbd91f37ce8462cc89957cb9e13bb1d9daa8f53e5da2e7f
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b10bb429c2fbd98657b33a5cea1c15f1883dca0183c0718b27513e74c2ce3ed2
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2527a54dbc05270bbdb47cbbf6e42dbfe67dc399cb3e49e17c57cdbe33d8f61
c31c872bd1b263e86b8127059907e0c7e94c0985a85acd24d856f4d9aa294db9
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5c9cadd2e297aeb21a7c9180f6803818c3e85f6c12206dd4e193792c4efad28
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0
c9f7b3cab2e1ad7ca00d3037abe468d8e3bb8fc008eaa083405a8cc90a8ddab9
ca61d5f30d2b6374b37a95bb383ed1fa32cdec08b22d588530311a769830f9b8
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbdd744652a0996e4783197fe2396762405a851da4ad61cb6f373e5896efca94
cdac7ed61a4c4e697220230525eb016786745290e2ef04787b6bcaab15c1a0a9
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0363657135b714e0a42154474425b20e12eda4eb132ef2db40b2d1aa4101b63
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296
d705df4d386073e8eb755142d80b3fda6987fff8572ecbd7c7153dedfce327c0
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
dd9f10210cae3546c339cab4ff18fd923159622c63a44a66ea45273665aaace1
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63ce5b7ed21eed9e79e149fd15071f7d52af26b7b50b23af810cfe3b50f7a1a
e67aef6c33b92fd72a5dbfe92b7501ee4089c6fbd05f310f2f1dd8e908d581be
ea58a1c60652b4bad222be3a70b575a8b92cd7b97fa6ceaf42d7b48f45c88f05
ec220e0c50cbe44662343fa05040645edeccb7fc4643da3bbec76c7110d17017
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef60ecae90e87144b6346fe1f031774dec3be996a48d8cf5e1b2c83b42508b46
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f31426097b330a7136add6c1c3fc77c3db8f49ae924fe475284c463b3ef22903
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3ce9eee86730ae594f4e95442218606b478cbe03951cb78a16387b9be670410
f46c288e1384b5f1ace1f59a2b022481de3770741b780fe93e32bcc659f1765a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb