URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Submission: On January 23 via manual from GB — Scanned from US

Summary

This website contacted 116 IPs in 10 countries across 118 domains to perform 745 HTTP transactions. The main IP is 2606:4700:20::ac43:4615, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com. The Cisco Umbrella rank of the primary domain is 137454.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 1st 2022. Valid for: a year.
This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
222 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2600:1400:d::... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.250.65.166 15169 (GOOGLE)
1 34.117.228.201 396982 (GOOGLE-CL...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2600:1f18:24e... 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
3 108.138.115.22 16509 (AMAZON-02)
6 137.116.89.182 8075 (MICROSOFT...)
6 10 2620:116:800b... 14618 (AMAZON-AES)
1 108.138.128.124 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
1 4 54.162.250.6 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.124.226 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 2620:100:a001... 19750 (AS-CRITEO)
2 54.163.128.108 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
5 17 34.98.64.218 396982 (GOOGLE-CL...)
1 184.29.129.73 16625 (AKAMAI-AS)
17 34.226.144.29 14618 (AMAZON-AES)
2 34.235.214.237 14618 (AMAZON-AES)
13 17 68.67.160.132 29990 (ASN-APPNEX)
7 11 145.40.89.200 54825 (PACKET)
1 2 35.170.172.42 14618 (AMAZON-AES)
1 2606:ae80:145... 25751 (VALUECLICK)
5 30 51.222.39.184 16276 (OVH)
2 4 69.175.41.44 32475 (SINGLEHOP...)
1 104.36.115.111 62713 (AS-PUBMATIC)
10 2607:f8b0:400... 15169 (GOOGLE)
2 21 52.46.128.147 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
20 2607:f8b0:400... 15169 (GOOGLE)
1 4 23.52.167.93 16625 (AKAMAI-AS)
2 2 2600:9000:220... 16509 (AMAZON-02)
3 3 34.171.234.26 396982 (GOOGLE-CL...)
5 6 69.166.1.12 27630 (AS-XFERNET)
1 1 199.187.193.182 47043 (SMARTADSE...)
7 7 2606:ae80:147... 25751 (VALUECLICK)
6 6 20.127.253.7 8075 (MICROSOFT...)
5 5 162.19.138.117 16276 (OVH)
6 11 44.209.91.56 14618 (AMAZON-AES)
6 23.52.161.180 16625 (AKAMAI-AS)
5 8 198.148.27.139 19189 (PULSEPOINT)
2 21 18.214.193.123 14618 (AMAZON-AES)
3 4 35.71.139.29 16509 (AMAZON-02)
1 6 2607:f8b0:400... 15169 (GOOGLE)
1 5 8.28.7.81 62713 (AS-PUBMATIC)
18 19 35.71.131.137 16509 (AMAZON-02)
4 4 54.237.254.37 14618 (AMAZON-AES)
6 9 172.64.154.237 13335 (CLOUDFLAR...)
15 58 142.251.40.130 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
3 2620:100:a001::3 19750 (AS-CRITEO)
3 2620:100:a001... 19750 (AS-CRITEO)
5 6 2620:112:f002... 6336 (TURN-US-ASN)
2 4 2620:1ec:21::14 8068 (MICROSOFT...)
10 16 69.173.151.100 26667 (RUBICONPR...)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 1 52.45.175.185 14618 (AMAZON-AES)
4 5 185.167.164.37 198622 (ADFORM)
6 12 151.101.194.49 54113 (FASTLY)
3 23 162.248.18.37 62713 (AS-PUBMATIC)
3 4 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 1 141.94.171.215 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 9 8.28.7.83 62713 (AS-PUBMATIC)
1 54.147.97.191 14618 (AMAZON-AES)
3 52.3.185.245 14618 (AMAZON-AES)
4 4 52.21.122.168 14618 (AMAZON-AES)
4 4 199.38.167.130 54312 (ROCKETFUEL)
8 8 50.31.142.159 22075 (AS-OUTBRAIN)
19 22 35.211.178.172 15169 (GOOGLE)
23 2620:100:a001::4 19750 (AS-CRITEO)
3 74.119.119.147 19750 (AS-CRITEO)
2 3 8.18.47.7 398989 (DEEPINTENT)
3 3 23.43.252.214 16625 (AKAMAI-AS)
1 34.96.105.8 396982 (GOOGLE-CL...)
4 4 74.119.119.150 19750 (AS-CRITEO)
4 4 34.233.108.47 14618 (AMAZON-AES)
5 5 207.198.113.90 13768 (COGECO-PEER1)
7 9 107.178.246.49 15169 (GOOGLE)
4 5 35.207.24.140 15169 (GOOGLE)
2 2 54.157.142.114 14618 (AMAZON-AES)
19 19 199.127.204.171 26120 (RHYTHMONE)
7 8 18.214.96.241 14618 (AMAZON-AES)
1 2 35.186.193.173 15169 (GOOGLE)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
3 3 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 3.227.167.227 14618 (AMAZON-AES)
5 5 68.67.160.24 29990 (ASN-APPNEX)
21 2620:100:a001::a 19750 (AS-CRITEO)
5 2620:100:a001... 19750 (AS-CRITEO)
7 7 35.190.90.30 15169 (GOOGLE)
2 3 35.186.253.211 15169 (GOOGLE)
1 1 52.73.27.182 14618 (AMAZON-AES)
7 10 52.45.33.138 14618 (AMAZON-AES)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
2 72.21.81.64 15133 (EDGECAST)
2 2 135.148.35.199 16276 (OVH)
2 2 202.241.208.53 4694 (IDCF IDC ...)
1 3.135.132.32 16509 (AMAZON-02)
1 184.28.61.13 16625 (AKAMAI-AS)
2 205.185.216.42 20446 (STACKPATH...)
2 5 2a02:2638:1::13 44788 (ASN-CRITE...)
2 6 8.28.7.84 62713 (AS-PUBMATIC)
3 74.119.119.139 19750 (AS-CRITEO)
2 99.84.37.71 16509 (AMAZON-02)
12 184.29.128.24 16625 (AKAMAI-AS)
10 173.223.72.70 16625 (AKAMAI-AS)
1 23.52.160.130 16625 (AKAMAI-AS)
1 18.164.116.3 16509 (AMAZON-02)
1 1 37.157.6.254 198622 (ADFORM)
2 3 108.138.128.83 16509 (AMAZON-02)
7 7 74.121.140.14 30419 (MEDIAMATH...)
1 3 213.19.162.80 26667 (RUBICONPR...)
1 3 199.187.193.177 47043 (SMARTADSE...)
6 8 8.28.7.82 62713 (AS-PUBMATIC)
4 4 23.32.172.185 16625 (AKAMAI-AS)
4 4 52.41.85.220 16509 (AMAZON-02)
2 2 132.226.63.138 31898 (ORACLE-BM...)
1 5 199.187.193.199 47043 (SMARTADSE...)
23 3.229.193.235 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 8.28.7.109 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
1 2 3.222.96.203 14618 (AMAZON-AES)
1 52.95.118.179 16509 (AMAZON-02)
2 2 173.231.178.81 32475 (SINGLEHOP...)
1 2 52.1.62.93 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.214.223.115 15169 (GOOGLE)
1 1 172.105.203.31 63949 (AKAMAI-AP...)
1 5.161.54.172 213230 (HETZNER-C...)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 184.86.146.172 16625 (AKAMAI-AS)
1 1 34.225.197.151 14618 (AMAZON-AES)
1 3.210.134.189 14618 (AMAZON-AES)
1 2 4.78.226.233 3356 (LEVEL3)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 52.73.201.215 14618 (AMAZON-AES)
2 3 199.187.193.202 47043 (SMARTADSE...)
1 2600:9000:21d... 16509 (AMAZON-02)
1 1 69.175.41.2 32475 (SINGLEHOP...)
1 1 198.24.162.123 19437 (SS-ASH)
1 5 192.40.39.223 27381 (CASALE-MEDIA)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 24 54.87.127.173 14618 (AMAZON-AES)
1 47.252.78.131 45102 (ALIBABA-C...)
2 3 70.42.32.127 22075 (AS-OUTBRAIN)
2 2 96.46.183.20 7979 (SERVERS-COM)
1 2 8.2.111.13 ()
1 1 67.202.105.24 32748 (STEADFAST)
2 2 52.21.44.152 14618 (AMAZON-AES)
2 3 80.77.87.162 46636 (NATCOWEB)
1 1 35.172.92.2 14618 (AMAZON-AES)
2 2 8.43.72.98 26667 (RUBICONPR...)
745 116
Apex Domain
Subdomains
Transfer
222 thehackernews.com
thehackernews.com — Cisco Umbrella Rank: 137454
4 MB
76 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 192
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
245 KB
59 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 444
ads.pubmatic.com — Cisco Umbrella Rank: 463
image6.pubmatic.com — Cisco Umbrella Rank: 702
simage2.pubmatic.com — Cisco Umbrella Rank: 654
image2.pubmatic.com — Cisco Umbrella Rank: 862
simage4.pubmatic.com — Cisco Umbrella Rank: 1186
image8.pubmatic.com — Cisco Umbrella Rank: 616
image4.pubmatic.com — Cisco Umbrella Rank: 898
aud.pubmatic.com — Cisco Umbrella Rank: 4371
66 KB
49 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
pix.us.criteo.net — Cisco Umbrella Rank: 2475
csm.us.criteo.net — Cisco Umbrella Rank: 2416
521 KB
38 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 876
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
eus.rubiconproject.com — Cisco Umbrella Rank: 532
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2039
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 840
token.rubiconproject.com — Cisco Umbrella Rank: 551
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1031
69 KB
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
394 KB
30 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
13 KB
26 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 960
66 KB
25 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1318
usersync.gumgum.com — Cisco Umbrella Rank: 1725
8 KB
24 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 3121
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 2867
11 KB
23 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 207
secure.adnxs.com — Cisco Umbrella Rank: 413
acdn.adnxs.com — Cisco Umbrella Rank: 550
39 KB
22 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 276
9 KB
22 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 698
rtb.va.us.criteo.com — Cisco Umbrella Rank: 5111
ads.us.criteo.com — Cisco Umbrella Rank: 2354
cat.va.us.criteo.com — Cisco Umbrella Rank: 2726
dis.criteo.com — Cisco Umbrella Rank: 703
gum.criteo.com — Cisco Umbrella Rank: 385
mug.criteo.com — Cisco Umbrella Rank: 2848
156 KB
21 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 794
cs.emxdgt.com — Cisco Umbrella Rank: 1048
5 KB
20 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 15239
us-u.openx.net — Cisco Umbrella Rank: 420
rtb.openx.net — Cisco Umbrella Rank: 1592
u.openx.net — Cisco Umbrella Rank: 630
4 KB
19 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 301
10 KB
18 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1645
public.servenobid.com — Cisco Umbrella Rank: 3061
10 KB
17 media.net
prebid.media.net — Cisco Umbrella Rank: 1038
cs.media.net — Cisco Umbrella Rank: 1323
contextual.media.net — Cisco Umbrella Rank: 543
c21lg-d.media.net — Cisco Umbrella Rank: 1778
20 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417
5 KB
14 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1320
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
dsum.casalemedia.com — Cisco Umbrella Rank: 1297
10 KB
13 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 521
9 KB
13 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 554
displayf-tm.everesttech.net — Cisco Umbrella Rank: 5209
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net — Cisco Umbrella Rank: 6327
statsf-tm.everesttech.net — Cisco Umbrella Rank: 4394
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2548
7 KB
13 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 911
match.sharethrough.com — Cisco Umbrella Rank: 507
4 KB
12 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 4991
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1811
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 565
ssbsync.smartadserver.com — Cisco Umbrella Rank: 780
4 KB
11 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 838
3 KB
10 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 949
pixel.quantserve.com — Cisco Umbrella Rank: 662
cms.quantserve.com — Cisco Umbrella Rank: 636
13 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 431
1 KB
9 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16218
e3.adpushup.com — Cisco Umbrella Rank: 17792
204 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
3 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 515
5 KB
8 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 525
6 KB
8 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2114
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4714
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5560
emx-match.dotomi.com — Cisco Umbrella Rank: 8468
prebid-match.dotomi.com — Cisco Umbrella Rank: 2311
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2837
2 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
4 KB
7 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1028
1 KB
7 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1128
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3213
4 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 954
4 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
cm.adform.net — Cisco Umbrella Rank: 1425
3 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 721
r.turn.com — Cisco Umbrella Rank: 3102
3 KB
6 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 803
6 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 887
1 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 611
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
238 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 393
7 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 595
ce.lijit.com — Cisco Umbrella Rank: 850
2 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1039
bcp.crwdcntrl.net — Cisco Umbrella Rank: 904
sync.crwdcntrl.net — Cisco Umbrella Rank: 747
11 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 689
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 584
3 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
2 KB
4 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2911
p.rfihub.com — Cisco Umbrella Rank: 726
3 KB
4 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2206
ad.360yield.com — Cisco Umbrella Rank: 648
1 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 345
id.rlcdn.com — Cisco Umbrella Rank: 593
1 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 373
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 650
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 333
1 KB
3 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 931
1 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 712
1 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 469
2 KB
3 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 773
cdn.flashtalking.com — Cisco Umbrella Rank: 1023
49 KB
3 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3662
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 533
947 B
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 516
2 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 835
936 B
3 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1134
103 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 788
2 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1291
942 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1595
1 KB
2 iqzone.com
cs.iqzone.com Failed
871 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4454
965 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 885
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 728
s.tribalfusion.com — Cisco Umbrella Rank: 1773
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1331
833 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1327
1011 B
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 3542
643 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1159
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3812
1 KB
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1224
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 935
2 KB
2 dyntrk.com
c.us1.dyntrk.com — Cisco Umbrella Rank: 10773
1 KB
2 tubemogul.com
playtime.tubemogul.com — Cisco Umbrella Rank: 5746
11 KB
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3561
ipac.ctnsnet.com — Cisco Umbrella Rank: 5102
717 B
2 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1790
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2999
mwzeom.zeotap.com — Cisco Umbrella Rank: 2491
823 B
2 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 8898
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 679
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 625
620 B
2 districtm.io
dmx.districtm.io Failed
cdn.districtm.io — Cisco Umbrella Rank: 11309
4 KB
1 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2078
654 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 798
501 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 1923
106 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1488
350 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3915
606 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2052
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3576
464 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1505
109 B
1 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1289
552 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5405
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5849
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2122
395 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 826
226 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2217
292 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1206
674 B
1 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 3241
15 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 5281
416 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1808
172 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2968
400 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 716
633 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 11919
577 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 813
701 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1406
506 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 357
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
28 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 870
616 B
1 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10200
234 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 672
31 KB
1 doubleverify.com
tps.doubleverify.com — Cisco Umbrella Rank: 541
162 B
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 13508
38 KB
0 krushmedia.com Failed
cs.krushmedia.com Failed
745 118
Domain Requested by
222 thehackernews.com thehackernews.com
58 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
us-u.openx.net
onetag-sys.com
g2.gumgum.com
30 onetag-sys.com 5 redirects cdn.adpushup.com
s.amazon-adsystem.com
onetag-sys.com
ads.pubmatic.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
24 usersync.gumgum.com 1 redirects g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
23 cs.minutemedia-prebid.com ads.pubmatic.com
cs-rtb.minutemedia-prebid.com
onetag-sys.com
eus.rubiconproject.com
23 static.criteo.net ads.us.criteo.com
cdn.adpushup.com
static.criteo.net
23 simage2.pubmatic.com 3 redirects ads.pubmatic.com
contextual.media.net
22 x.bidswitch.net 19 redirects onetag-sys.com
ads.pubmatic.com
21 pix.us.criteo.net ads.us.criteo.com
21 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
bh.contextweb.com
ads.pubmatic.com
e1.emxdgt.com
us-u.openx.net
onetag-sys.com
ssum-sec.casalemedia.com
20 e1.emxdgt.com 1 redirects s.amazon-adsystem.com
e1.emxdgt.com
19 match.adsrvr.org 18 redirects cdn.adpushup.com
17 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
17 ib.adnxs.com 13 redirects cdn.adpushup.com
acdn.adnxs.com
17 ads.servenobid.com cdn.adpushup.com
ads.pubmatic.com
public.servenobid.com
onetag-sys.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ssbsync.smartadserver.com
eus.rubiconproject.com
15 us-u.openx.net 4 redirects 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
us-u.openx.net
cdn.adpushup.com
15 pagead2.googlesyndication.com thehackernews.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
www.googletagservices.com
13 sync.1rx.io 13 redirects
12 contextual.media.net cdn.adpushup.com
contextual.media.net
ads.pubmatic.com
eus.rubiconproject.com
12 pixel.rubiconproject.com 6 redirects onetag-sys.com
11 match.sharethrough.com 6 redirects s.amazon-adsystem.com
match.sharethrough.com
11 prebid.a-mo.net 7 redirects cdn.adpushup.com
10 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
10 ups.analytics.yahoo.com 7 redirects us-u.openx.net
onetag-sys.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 pixel.tapad.com 7 redirects us-u.openx.net
ads.pubmatic.com
9 image2.pubmatic.com 2 redirects ads.pubmatic.com
8 image8.pubmatic.com 6 redirects onetag-sys.com
8 match.prod.bidr.io 7 redirects e1.emxdgt.com
8 b1sync.zemanta.com 8 redirects
8 bh.contextweb.com 5 redirects s.amazon-adsystem.com
bh.contextweb.com
7 sync.mathtag.com 7 redirects
7 odr.mookie1.com 7 redirects
6 sync.targeting.unrulymedia.com 6 redirects
6 cms.quantserve.com 5 redirects 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
6 sync-tm.everesttech.net 6 redirects
6 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
6 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
cdn.adpushup.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
6 sync.inmobi.com 6 redirects
6 sync.go.sonobi.com 5 redirects s.amazon-adsystem.com
6 e3.adpushup.com thehackernews.com
6 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
thehackernews.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
5 gum.criteo.com 2 redirects static.criteo.net
contextual.media.net
5 ssum-sec.casalemedia.com 3 redirects public.servenobid.com
ssum-sec.casalemedia.com
5 csm.us.criteo.net ads.us.criteo.com
5 secure.adnxs.com 5 redirects
5 rtb.mfadsrvr.com 4 redirects e1.emxdgt.com
5 pixel-sync.sitescout.com 5 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 ad.turn.com 5 redirects
5 www.googletagservices.com googleads.g.doubleclick.net
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 id5-sync.com 5 redirects
4 token.rubiconproject.com 4 redirects
4 pm.w55c.net 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects us-u.openx.net
ads.pubmatic.com
4 i.liadm.com 4 redirects
4 sync.ipredictive.com 4 redirects
4 dis.criteo.com 4 redirects
4 statsf-tm.everesttech.net 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
4 px.ads.linkedin.com 2 redirects ads.pubmatic.com
4 sync.srv.stackadapt.com 4 redirects
4 eb2.3lift.com 3 redirects public.servenobid.com
4 ap.lijit.com 2 redirects cdn.adpushup.com
3 cs.admanmedia.com 2 redirects cs-rtb.minutemedia-prebid.com
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 image4.pubmatic.com 2 redirects ads.pubmatic.com
3 prebid-match.dotomi.com 3 redirects
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 aa.agkn.com 2 redirects ads.pubmatic.com
3 mug.criteo.com
3 simage4.pubmatic.com ads.pubmatic.com
3 rtb.openx.net 2 redirects us-u.openx.net
3 a.clickcertain.com 3 redirects
3 p.rfihub.com 3 redirects
3 creativecdn.com 3 redirects
3 sync.crwdcntrl.net 1 redirects 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
ads.pubmatic.com
3 stags.bluekai.com 3 redirects
3 match.deepintent.com 2 redirects e1.emxdgt.com
3 cat.va.us.criteo.com ads.us.criteo.com
3 rtb.adentifi.com 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
ads.pubmatic.com
ssum-sec.casalemedia.com
3 idsync.rlcdn.com 2 redirects us-u.openx.net
3 ads.us.criteo.com googleads.g.doubleclick.net
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
3 rtb.va.us.criteo.com googleads.g.doubleclick.net
thehackernews.com
3 ssum.casalemedia.com 3 redirects
3 um.simpli.fi 3 redirects
3 cs.media.net 1 redirects contextual.media.net
3 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 pixel.quantserve.com 1 redirects thehackernews.com
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
3 c.amazon-adsystem.com cdn.adpushup.com
c.amazon-adsystem.com
3 cdn.adpushup.com thehackernews.com
cdn.adpushup.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 ssp.disqus.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ad.360yield.com 2 redirects
2 cs.iqzone.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 px.owneriq.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 io.narrative.io 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 cdn.districtm.io cdn.adpushup.com
cdn.districtm.io
2 cdn.flashtalking.com servedby.flashtalking.com
blank
2 tg.socdm.com 2 redirects
2 c.us1.dyntrk.com 2 redirects
2 playtime.tubemogul.com displayf-tm.everesttech.net
playtime.tubemogul.com
2 aorta.clickagy.com 2 redirects
2 match.360yield.com 2 redirects
2 google.partners.tremorhub.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 ads.yieldmo.com 1 redirects cdn.adpushup.com
2 btlr.sharethrough.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 ad.doubleclick.net 1 redirects thehackernews.com
1 cs.emxdgt.com 1 redirects
1 a.audrte.com 1 redirects
1 u.openx.net 1 redirects
1 ssc-cms.33across.com 1 redirects
1 event.clientgear.com g2.gumgum.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 server.cpmstar.com 1 redirects
1 ce.lijit.com 1 redirects
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 bpi.rtactivate.com ads.pubmatic.com
1 mid.rkdms.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 csync.loopme.me 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 aax-eu.amazon-adsystem.com
1 c21lg-d.media.net contextual.media.net
1 pubmatic-match.dotomi.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 cm.adform.net 1 redirects
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 rtd-tm.everesttech.net 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
1 servedby.flashtalking.com thehackernews.com
1 sync-dmp.mobtrakk.com 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
1 id.rlcdn.com 1 redirects
1 cc.adingo.jp 1 redirects
1 cm.ctnsnet.com 1 redirects
1 emx-match.dotomi.com 1 redirects
1 tr.blismedia.com e1.emxdgt.com
1 a.rfihub.com 1 redirects
1 rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
1 displayf-tm.everesttech.net 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 pippio.com 1 redirects
1 im.bluevoox.com 1 redirects
1 r.turn.com googleads.g.doubleclick.net
1 pulsepoint-match.dotomi.com 1 redirects
1 amazon-tam-match.dotomi.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 hbopenbid.pubmatic.com cdn.adpushup.com
1 web.hb.ad.cpe.dotomi.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdnjs.cloudflare.com thehackernews.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 rules.quantcount.com secure.quantserve.com
1 tags.crwdcntrl.net thehackernews.com
1 secure.quantserve.com cdn.adpushup.com
1 http-intake.logs.datadoghq.com cdn.adpushup.com
1 code.jquery.com cdn.adpushup.com
1 tps.doubleverify.com thehackernews.com
1 blogger.googleusercontent.com thehackernews.com
0 cs.krushmedia.com Failed cs-rtb.minutemedia-prebid.com
0 dmx.districtm.io Failed cdn.adpushup.com
cdn.districtm.io
745 196
Subject Issuer Validity Valid
thehackernews.com
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
cdn.adpushup.com
R3
2022-11-16 -
2023-02-14
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-09-28 -
2023-10-30
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
*.logs.datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-26 -
2023-04-26
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA
2022-08-02 -
2023-09-02
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
quantserve.com
R3
2023-01-10 -
2023-04-10
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-04 -
2023-03-31
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
teads.tv
R3
2023-01-20 -
2023-04-20
3 months crt.sh
ads.servenobid.com
Amazon
2022-05-29 -
2023-06-27
a year crt.sh
*.sharethrough.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-10 -
2023-08-11
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.a-mo.net
R3
2022-12-04 -
2023-03-04
3 months crt.sh
*.yieldmo.com
Amazon
2022-09-12 -
2023-10-12
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-05-31 -
2023-07-02
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.google.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-07 -
2023-05-08
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2022-05-18 -
2023-06-19
a year crt.sh
www.google.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-18 -
2023-03-15
3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-12 -
2023-03-10
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-07 -
2023-12-09
a year crt.sh
*.tmogul.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-10 -
2023-07-11
a year crt.sh
adentifi.com
Amazon
2022-08-05 -
2023-09-03
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-13 -
2023-04-15
3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2022-12-14 -
2023-03-14
3 months crt.sh
rtb.mfadsrvr.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-11 -
2023-12-11
a year crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-16 -
2023-04-19
3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
*.tubemogul.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-20 -
2023-06-20
a year crt.sh
sync-dmp.mobtrakk.com
R3
2022-12-13 -
2023-03-13
3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-11 -
2023-11-12
a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-27 -
2023-02-25
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
cdn.districtm.io
Amazon
2022-08-08 -
2023-09-06
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
*.servenobid.com
Amazon
2023-01-07 -
2024-02-05
a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-09-27 -
2023-03-22
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
cs.minutemedia-prebid.com
Amazon
2023-01-04 -
2024-02-03
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon
2022-04-13 -
2023-05-12
a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA
2022-09-27 -
2023-03-08
5 months crt.sh
truffle.bid
R3
2022-12-21 -
2023-03-21
3 months crt.sh
*.iprom.net
R3
2022-12-05 -
2023-03-05
3 months crt.sh
rtactivate.com
Amazon
2022-04-13 -
2023-05-12
a year crt.sh
gumgum.com
Amazon
2022-07-07 -
2023-08-05
a year crt.sh
*.minutemedia-prebid.com
Amazon
2022-05-31 -
2023-06-29
a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2
2022-04-05 -
2023-05-07
a year crt.sh
*.ad-server.k8s.ggops.com
Amazon
2023-01-10 -
2024-02-09
a year crt.sh

This page contains 98 frames:

Primary Page: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Frame ID: AE74FE7CC870BB591301F324B70BEAFA
Requests: 293 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html
Frame ID: C1228F86AA61D69844478F92C731AFEE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&dcc=t
Frame ID: 0D803CB1591415C3D588651153FBBFDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1674476095&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x540_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335791&bpp=5&bdt=1689&idt=206&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7090965524977&frm=20&pv=2&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=234
Frame ID: F204ECD6C5856598E95EBBC2872FAC55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Frame ID: FFC657299FD8B5533A61040FE534C974
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Frame ID: EBD54F7C9ABC96919F962567B06FE3F8
Requests: 9 HTTP requests in this frame

Frame: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B55F0DC1EE9D2A017EBA81E1990385B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Frame ID: A315A8376AA3AD9DE71DE4C04A211C73
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 7889F4BADB7B645297EB9F822E83CA90
Requests: 5 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Frame ID: 464DC1140B78EC0FABFB2035F7CA690A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8681080202229734004&gdpr=0&gdpr_consent=
Frame ID: 6A57A8004709EB533A510CF4EFFBCB26
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736
Frame ID: E1A15791F1F3AACF4B6DD6F1285C2893
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
Frame ID: 1C85C54062FFBDBDD456059BFBE6C849
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 048E8B868C75CF1FB524089F38117433
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 1F434A49FBDA221BF72E0F7E12B47380
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: B8C55F61E6B22CFB30607D91863AC2BA
Requests: 4 HTTP requests in this frame

Frame: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Frame ID: 28519AC8A93DEC3711919D280714F4F1
Requests: 24 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6733065173710718434&ex=appnexus.com
Frame ID: F0C2772BFD72CC3C420A5B50805E6D3E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1233109657613021960210
Frame ID: E775AC231D9AA6781DDB2C1471B448F0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2B8E646F7D4371C268C44B9519D19C63
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7854B66A8CA414AB8053E0E4649D8BA
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Frame ID: 3402C3993853DF26E42EE8E74A9F2415
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B25D3BC369343DEBE484FCE133499A70
Requests: 9 HTTP requests in this frame

Frame: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5B8C6BC7EAB825465B352B6461E0625
Requests: 12 HTTP requests in this frame

Frame: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2B1ED4CD30D057D6C4AF65E39C10811F
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
Frame ID: 6D91C3ECC9DB3D3A0E9A9A8BA0AB9E27
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y86mKQABeG-JIQAb&gdpr=1&gdpr_consent=&_test=Y86mKQABeG-JIQAb
Frame ID: 3FEDD04ED1075FF2D5C9634F6B460538
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID23E78CAF-EA8D-4216-AA92-89883064497A
Frame ID: 044F8608B01B49C417F4FABDFE85EF5A
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 58338814B5A4DF7B3A2481DAF01BFD57
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9AFB20907660AF826DDEB1C8953BEF0C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A6D36010884EBCAD2A6F57A2C67F32E8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A876A8CBC4CAD9379EC713C86AED5077
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Frame ID: 84E9B39A3B91EE6A9F7FDAC3A7A7D7E4
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0D9EFB7D2EA1BE29C1B00E00CF9F96C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: 38A246C46ED72EF8A3148F4A45165FAA
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Frame ID: C8A3D37A7C6720E3212FC44C68474C7B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D68CEAAD76DF92F3EFA366F8FD26EC0B
Requests: 9 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=25281410-33e2-4100-8b97-320e2caf2f9d.1
Frame ID: C8752D684373DCDE5955F4E158F46ECB
Requests: 8 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/8/199363;7080797;201;js;AdobeAdCloud;TR247057101B300x250jpg90634477014O0000016pwoQAA/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20230123102217%3Ad%26s_kwcid%3DAC!y6TJDFcZjBmQhPtEbWYr!wwtdkr6dGPC03raBDObn&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=25281410-33e2-4100-8b97-320e2caf2f9d.1&cachebuster=208057.62770185422
Frame ID: 6F3BB46841592A2997EF4D74F3ADE9D3
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thehackernews.com
Frame ID: C150D685631920203652AD7291F36BE2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 2D1573599ECFD461700761F3375A573D
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: B128341A6BDD06BDC4B86863520DD938
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B22B3E688609A90FC300502009B50CE3
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1674487335917
Frame ID: 4276CE457046F4FB7DC248AF93CB6AB7
Requests: 14 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=43a9730a-6c22-4066-b849-41c7558b6858&gdpr=0
Frame ID: 561B21E99807D325832A653F3FA61415
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AB84D31B241454A6E337BAAF98694863
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 7AFFF11994C622F904894B390A3E7A7F
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Frame ID: 48EE8123E3E25BF07293265599294E64
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 68804E2B93B2B1B64A6C7778F124D1F0
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=rkt&refUrl=&vid=44873393623174889366419408000V10&ovsid=851333241415277361
Frame ID: 128205667C76C9DEB7EBCD5182D86E93
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Frame ID: 51C8B83329E0E42686257B0D16FFA6A8
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=23E78CAF-EA8D-4216-AA92-89883064497A&redir=true&gdpr=0&gdpr_consent=
Frame ID: B38B9A7AD33653F2D2D853C6598C9F76
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
Frame ID: EE60FDB1EF6966CB1E9F4FD04BF66A6B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Frame ID: C429989751E16441C43B4C702D7F23C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 04127B679D8F398C10367DB02DD42142
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7
Frame ID: F4BB6281AE518584B6FAAEAD254CE6F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6733065173710718434&gdpr=0&gdpr_consent=
Frame ID: C2F43D9677679449DBF599B3F6ABEB04
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2f962032988a4842baa98
Frame ID: 58AD4019F6467A4246ABDE854C6E6831
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba37cc44-9b31-11ed-9559-2c64530b0a35
Frame ID: 6DA5393EE8ABD33CF35E5A60C095B78D
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23E78CAF-EA8D-4216-AA92-89883064497A
Frame ID: 4C4B6DC9971703F00E22B20E92D998D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FS9LiMPt1PjYEj5&gdpr=0&gdpr_consent=
Frame ID: 96D39730FAE297A1A0DBC0C1780BD6FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=735127523027
Frame ID: 3918F93CBD58A587E77736B35AE27B45
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AF1AAED519A3344DDB937901B176C222
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GZRzl4UwQCNEuHuzO6M4yKdYB6I
Frame ID: 7FA25C58928932103E91D370E01F5C88
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BAO_P5htM
Frame ID: 229EB29F1D8998C8BC3043D0146554B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 9E6D8C3331CE244A798414DCD998D7AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Frame ID: 16EF948E00D9BD6D665A23AAC2C4E7AB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Frame ID: E6EC1FA4D768D30152FF7E8191116799
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 3ACC4CBD5E5F305D686EC5C97D1E78EE
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 07D5AD5023C7EB6EE33F5FEFFD401065
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e9742f81-43dd-4213-8350-fc1f2346c4fd
Frame ID: C949E7B4890E51B9924739DD40EED0A9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: CD4F8A58404F3CC2C68DFCBC614F8831
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1&gdpr=0&gdpr_consent=
Frame ID: E0C1F6EB6ED7241A126CB7D9C2DFED1F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7277737392085258416
Frame ID: B230CD998B877312C9B18E50AA4613E2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=pba&refUrl=&vid=44873393623174889366419408000V10&ovsid=23E78CAF-EA8D-4216-AA92-89883064497A
Frame ID: 946746EB61E208F0FD3426FA6BCA10EF
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: B8FEAA6E57D5BDF21C864D61D3CE1534
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 326C193CAC036CCC0EBFD039917CFF81
Requests: 13 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 8A438323E430A7A9A1D8A6DDC01FA0AF
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 72B6AB2619587BF53AF6577661FE7CD4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: CF75A0AD9C82716ED4E5FFB4B83B59FD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 6A19CCBC4105FCA5EB72FA88E2346FAF
Requests: 2 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: BD923F05AAC839E983CB2455584CCB84
Requests: 25 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
Frame ID: A69519CAFFDAF26BE99CEAF1E9859C75
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 3D6888F7C41734DAEF392C7865EC2C7C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
Frame ID: 9B64BE7B625AB4A0965E7E77926ED47B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Frame ID: AF4BAF926E0536E0616337D52AF50C9F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y86mKQABeG-JIQAb&gdpr=0&gdpr_consent=
Frame ID: FCD7A0B7947367D7BC584B394C6308F8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9hNzlkZTYyZC1iZDM3LTRlNWYtYTk5ZS1mOWZmNmI2ZDI2YjY=&gdpr=0&gdpr_consent=
Frame ID: D780329A090B1F9D76587924655E6B23
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=6733065173710718434brt56831674487336491320b5
Frame ID: 28F632325ADF88739865BE89577D5C62
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y86mKsCo5tAAAAaHFiMAAAAA
Frame ID: 452227378C7E929D20F259423789124F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
Frame ID: B0A5FACF89E15F34214F990709968416
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y86mKFrdnGmrRqZjg9GGuAAA%26172
Frame ID: 9018F3E2DC37C30611E949F1FAF02622
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=8oolc2dejhzYX9zHqr4C&pi=gumgum
Frame ID: 6859751FCAD678140B46693E6D5BEE43
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 224A6ADD45CA65D6F699AD5837BE96EE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 3E7E290AF5ABE820CD9A81CEACD05435
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: 78F74C499D2E2C81080667F5BEDA2C8C
Requests: 13 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Frame ID: F6E1B9C22FB154BFF1420451580B948B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=23E78CAF-EA8D-4216-AA92-89883064497A
Frame ID: 10EBA52E0633859A5CE2636B23DF1A30
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

745
Requests

72 %
HTTPS

22 %
IPv6

118
Domains

196
Subdomains

116
IPs

10
Countries

6035 kB
Transfer

9123 kB
Size

265
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ad.doubleclick.net/ddm/trackimp/N424004.3381407THEHACKERNEWS/B29108100.354800350;dc_trk_aid=546578571;dc_trk_cid=184256579;u=__AP1_np_dv_ftdvpvkcdtuPA__;ord=1674487334049;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N424004.3381407THEHACKERNEWS/B29108100.354800350;dc_pre=COSh9rX_3fwCFUdlcgodYy0LVA;dc_trk_aid=546578571;dc_trk_cid=184256579;u=__AP1_np_dv_ftdvpvkcdtuPA__;ord=1674487334049;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Request Chain 72
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&dcc=t
Request Chain 94
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3174889366419408000V10
Request Chain 95
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=5f484d19
Request Chain 97
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=FCDE7643AF4548A79DEE48D8B397BDF1&ex=simpli.fi&status=ok
Request Chain 99
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8681080202229734004&gdpr=0&gdpr_consent=
Request Chain 100
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736
Request Chain 101
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
Request Chain 104
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 105
  • https://e1.emxdgt.com/um?if=true&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/umcheck?&if=true&apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
  • https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Request Chain 106
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6733065173710718434&ex=appnexus.com
Request Chain 107
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1233109657613021960210
Request Chain 118
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Request Chain 119
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Request Chain 120
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-d88897d5-c1d3-4ad9-4946-9422b7a8642d$ip$167.88.7.162
Request Chain 121
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__&s=186046&C=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y86mKFrdnGmrRqZjg9GGuAAA%26172
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=YUNKbTBoZmN0VWM1ZDNIVHkwRldpUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESECgjTrnE6Q7vEkn6bo1adN0&google_cver=1
Request Chain 124
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736&nuid=
Request Chain 139
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELmfUG-f3qxwYoQGc4WWfqw&google_cver=1&google_push=Aa02lx-GahcTRKQiDUBRnAGPKtINd0bAgGviO7SSThpq8P1sqI1zLetzEn8CgJgaRjMsTVnG3bv_Nus49tyqSF6970p7u0Mz5P2slbiI1higBGd68_QfwKM_dikCFb4rHinGfq3HfAQTFFVzktKlp894Zs4RGw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyNjcyMDQ0MTQzMTA5MjA3Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFIgvV6Rz2qbIbrSk7MLlIM&google_cver=1
Request Chain 140
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECSaEk_306gIjd7Nc5Ny0q4&google_cver=1&google_push=Aa02lx8m1ulAtc6dGjiGF3pUYrasKmNtVeeZJb0xmUrOOvkIc23c0DyPq4MpLLjyE2FqXBihLtKvEST-yKwNWIvBvZjVd-Ae-SZ58omrfzPihCSeBwZMNYaVsaLddOW90vpVt7FQ8osK0PpwtYwak7OiRSDXW00 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx8m1ulAtc6dGjiGF3pUYrasKmNtVeeZJb0xmUrOOvkIc23c0DyPq4MpLLjyE2FqXBihLtKvEST-yKwNWIvBvZjVd-Ae-SZ58omrfzPihCSeBwZMNYaVsaLddOW90vpVt7FQ8osK0PpwtYwak7OiRSDXW00
Request Chain 141
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAE5BYaQ9XXgEMuq0nyEYZU&google_cver=1&google_push=Aa02lx95YgViGdN5oIj0rFMBbIqpYHmpReGP6Elatpfh1wpPbklCt1TLFAdB_c0OBp-7W-ix5OHhxzsz_snjdaOcmj0S1cIqkIQF5GVJJcRaEf9zd_jQ89kNyPUsD129_4q9n2F5gj6GWcIdokXfeP3hnEhDrjE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC&google_push=Aa02lx95YgViGdN5oIj0rFMBbIqpYHmpReGP6Elatpfh1wpPbklCt1TLFAdB_c0OBp-7W-ix5OHhxzsz_snjdaOcmj0S1cIqkIQF5GVJJcRaEf9zd_jQ89kNyPUsD129_4q9n2F5gj6GWcIdokXfeP3hnEhDrjE
Request Chain 142
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAa02lx-0mwiXmeRy2H54tvQl2mTrU1zs_OkwqwAa4UOb-DZ9QekAgVUaZ_xCPTPZ5N_9G1pHZn8UjzZ1T3FQlMlyNoUKZJHnhhGwgwTo778_MpX_Iwj3-qpZxjiJjC6aPv45sGWOJNOM-0_ULJyyb4dMqL3BQVg%26google_hm%3D%5BUID%5D&google_gid=CAESEKwMYFVWyDEcCnVD4tSaj70&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=Aa02lx-0mwiXmeRy2H54tvQl2mTrU1zs_OkwqwAa4UOb-DZ9QekAgVUaZ_xCPTPZ5N_9G1pHZn8UjzZ1T3FQlMlyNoUKZJHnhhGwgwTo778_MpX_Iwj3-qpZxjiJjC6aPv45sGWOJNOM-0_ULJyyb4dMqL3BQVg&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Request Chain 143
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEAR4GBF6qOVOxq96yHesPXo&google_cver=1&google_push=Aa02lx-H1M9buAW4JWVuSniE3ZHV4gmfLGIay_2fD81ZdIcaRGu8JZPD7IXrDE0krwxBjNOtqxIjiU0h8wPo_LX1RjdVC3Utk_3TDfS80TCe66sc-_mjlqt4LFxpWV1xHhKBpDsfsHzP53qFDRy1CsoHT64qKvE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Nzc0MGNhNDFjNzc1NGEyY2FmN2UzMzUxMzlmOTZlNzY%3D&UIDF=CAESEAR4GBF6qOVOxq96yHesPXo&google_cver=1&google_push=Aa02lx-H1M9buAW4JWVuSniE3ZHV4gmfLGIay_2fD81ZdIcaRGu8JZPD7IXrDE0krwxBjNOtqxIjiU0h8wPo_LX1RjdVC3Utk_3TDfS80TCe66sc-_mjlqt4LFxpWV1xHhKBpDsfsHzP53qFDRy1CsoHT64qKvE
Request Chain 144
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAHAT8ZrlVA2yjdWtP-DJ1Y&google_cver=1&google_push=Aa02lx8K0VoWZG_rUDov6DKB5l1YZen2VauTFQlyE9RML9MSDiCocht8xgIMvqFdRR11RBw_kw9CddqypnVszJ93elRUh-O3E2W53Y-5UdmfgqeGMbkZwTAj_njcSnOmIs4XMM_AyTGsi-JB_9D5nGuNnQbhg1eD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8K0VoWZG_rUDov6DKB5l1YZen2VauTFQlyE9RML9MSDiCocht8xgIMvqFdRR11RBw_kw9CddqypnVszJ93elRUh-O3E2W53Y-5UdmfgqeGMbkZwTAj_njcSnOmIs4XMM_AyTGsi-JB_9D5nGuNnQbhg1eD&google_hm=QlMuMzJhMS1lZGNhLTRlYmItYjYyMw==
Request Chain 145
  • https://sync.inmobi.com/gob?google_gid=CAESEF5zeE9RMXoaHeGMbNVXnZg&google_cver=1&google_push=Aa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ5LIvCZlaYG0uQ7H67YZuIksLG16DTuddabNMg3XxoKlEGtG4HURnpvoizjqtD8dZqeeE HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ5LIvCZlaYG0uQ7H67YZuIksLG16DTuddabNMg3XxoKlEGtG4HURnpvoizjqtD8dZqeeE HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw&google_push=Aa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ5LIvCZlaYG0uQ7H67YZuIksLG16DTuddabNMg3XxoKlEGtG4HURnpvoizjqtD8dZqeeE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=3N3kZUOk04svYWcAOqDE&google_push=Aa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ5LIvCZlaYG0uQ7H67YZuIksLG16DTuddabNMg3XxoKlEGtG4HURnpvoizjqtD8dZqeeE&google_nid=inmobi_new_eb
Request Chain 161
  • https://c1.adform.net/serving/cookie/match?party=14&cid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
Request Chain 162
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y86mKQABeG-JIQAb HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y86mKQABeG-JIQAb&gdpr=1&gdpr_consent=&_test=Y86mKQABeG-JIQAb
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I-eMr-qNQhaqkomIMGRJeg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 165
  • https://idsync.rlcdn.com/420486.gif?partner_uid=23E78CAF-EA8D-4216-AA92-89883064497A HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDIzRTc4Q0FGLUVBOEQtNDIxNi1BQTkyLTg5ODgzMDY0NDk3QRAAGg0Iqcy6ngYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=55aeb6e4fce97273ddea39eceadb8160bbee9b33d1a4ea0a3a8e5dbef1e9e3b3791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55aeb6e4fce97273ddea39eceadb8160bbee9b33d1a4ea0a3a8e5dbef1e9e3b3791426b5417dce21&rand=07985862 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55aeb6e4fce97273ddea39eceadb8160bbee9b33d1a4ea0a3a8e5dbef1e9e3b3791426b5417dce21&rand=07985862&expected_cookie=e90b159f-8c12-4ae7-a745-e94f471fca75
Request Chain 166
  • https://pixel.onaudience.com/?partner=214&mapped=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=35bcdf5f3c7d20c9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e3233cf9-0634-40b9-4537-55f22d950997&reqId=538a2b23-a5bc-4ac1-7633-5c10fecee774&zcluid=35bcdf5f3c7d20c9&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELUd1h37KuZCct1mXJaotYE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e3233cf9-0634-40b9-4537-55f22d950997&reqId=538a2b23-a5bc-4ac1-7633-5c10fecee774&zcluid=35bcdf5f3c7d20c9&zdid=1332
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjNFNzhDQUYtRUE4RC00MjE2LUFBOTItODk4ODMwNjQ0OTdB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEplLbJ_NtStTTQGD8bQIyg&google_cver=1
Request Chain 169
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1
Request Chain 170
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3567392977657129836&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 171
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d4647c7-bb63-4ba0-9c6c-cee5ed34b200&gdpr=0&gdpr_consent=
Request Chain 197
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJllfGXe0MqHJxSVfAwMJkc&google_cver=1&google_push=AavPq0POqgIe5zkQ9IgMDe4mYWTD5A7aMsXXI5bDsjR5rTt8JbdF9NHeBnBz92ib65kh2gKBayo48D_W9boQzcvZlO0tyXIH9Ivr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GZRzl4UwQCNEuHuzO6M4yKdYB6I&google_push=AavPq0POqgIe5zkQ9IgMDe4mYWTD5A7aMsXXI5bDsjR5rTt8JbdF9NHeBnBz92ib65kh2gKBayo48D_W9boQzcvZlO0tyXIH9Ivr
Request Chain 198
  • https://match.360yield.com/match/ebda?google_gid=CAESEDyHx4kk6w6NpaFa7L56UNA&google_cver=1&google_push=AavPq0PQAGa-Y2Q0I7Ut2wqemq0okz55P-gpDQqhhunxwcbuMRRdo0Maky7dY-yInzFypAJ_BzZcitO4dpN8Z2e0FHFMo1ukPPQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDyHx4kk6w6NpaFa7L56UNA&google_cver=1&google_push=AavPq0PQAGa-Y2Q0I7Ut2wqemq0okz55P-gpDQqhhunxwcbuMRRdo0Maky7dY-yInzFypAJ_BzZcitO4dpN8Z2e0FHFMo1ukPPQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MkJmCvw4QEavtweEZMw4DQ&google_push=AavPq0PQAGa-Y2Q0I7Ut2wqemq0okz55P-gpDQqhhunxwcbuMRRdo0Maky7dY-yInzFypAJ_BzZcitO4dpN8Z2e0FHFMo1ukPPQ
Request Chain 199
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOS3XNz899wHqL3qkjP2l0U&google_cver=1&google_push=AavPq0OZgGg76T14s7o6D90nu0eMvcTLqUmQ3bbwuMrw_sZjIsJDiCV9SNj2x4pDSSiwl58ELW3qtw332VhjjJpbrlvZFUeDzeBI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0OZgGg76T14s7o6D90nu0eMvcTLqUmQ3bbwuMrw_sZjIsJDiCV9SNj2x4pDSSiwl58ELW3qtw332VhjjJpbrlvZFUeDzeBI&google_hm=ODUxMzMzMjQxNDE1Mjc3MzYx
Request Chain 200
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEH0LhlZNrN6g7EH8jF-_Kuk&google_cver=1&google_push=AavPq0Ouv0A0Po4oNlENZKD8sH6OFNuvcSAAr1grH37rCjFnXmZ-UmyHZLURum6KGh1E6ZdtVyjRhahGU8Vhg1_H0TSWj2pu-iIUKg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEH0LhlZNrN6g7EH8jF-_Kuk&google_push=AavPq0Ouv0A0Po4oNlENZKD8sH6OFNuvcSAAr1grH37rCjFnXmZ-UmyHZLURum6KGh1E6ZdtVyjRhahGU8Vhg1_H0TSWj2pu-iIUKg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0Ouv0A0Po4oNlENZKD8sH6OFNuvcSAAr1grH37rCjFnXmZ-UmyHZLURum6KGh1E6ZdtVyjRhahGU8Vhg1_H0TSWj2pu-iIUKg&google_hm=NUFmcjI5X3FkV3VXaDZLQVNZeDM=
Request Chain 201
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIfUCwoa9JM46uqaYJ_fYto&google_cver=1&google_push=AavPq0P_-hJfzrSeOnAF29ahMDxUyULQKjklhv7HuZjdWqM6ZkYr1LXKdEXrHHbEhoU1fql7DL_B9ev6R6ORhWqCzskZCYr7aeur HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIfUCwoa9JM46uqaYJ_fYto&google_cver=1&google_push=AavPq0P_-hJfzrSeOnAF29ahMDxUyULQKjklhv7HuZjdWqM6ZkYr1LXKdEXrHHbEhoU1fql7DL_B9ev6R6ORhWqCzskZCYr7aeur HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&%%GOOGLE_PUSH_PAIR%%
Request Chain 210
  • https://b1sync.zemanta.com/usersync/emx/?puid=56831674487336491320b5&cb=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd57%26uid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=5Afr29_qdWuWh6KASYx3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZJRFZSW26DEM52C4Y3PNUXXA5LUH5SD2ZBVG4TGK6DDNBQW4Z3FHVSW26BGOVUWIPJVIFTHEMRZL5YWIV3VK5UDMS2BKNMXQMY HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZJRFZSW26DEM52C4Y3PNUXXA5LUH5SD2ZBVG4TGK6DDNBQW4Z3FHVSW26BGOVUWIPJVIFTHEMRZL5YWIV3VK5UDMS2BKNMXQMY HTTP 302
  • https://e1.emxdgt.com/put?d=d57&uid=5Afr29_qdWuWh6KASYx3
Request Chain 212
  • https://dis.criteo.com/dis/usersync.aspx?r=149&p=324&cp=emx&cu=1&url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd53%26uid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://e1.emxdgt.com/put?d=d53&uid=e094fbfc-98bf-447b-9823-36915e8ebe8d
Request Chain 213
  • https://c1.adform.net/serving/cookie/match?party=1276 HTTP 302
  • https://e1.emxdgt.com/put?d=d52&uid=1163824315312156669
Request Chain 214
  • https://emx-match.dotomi.com/match/bounce/current?networkId=46227&version=1&nuid=56831674487336491320b5 HTTP 302
  • https://e1.emxdgt.com/put?d=d48&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573737&nuid=56831674487336491320b5
Request Chain 215
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=emx&cspid=19&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd46%26uid%3D%24%7BADELPHIC_CUID%7D HTTP 302
  • https://e1.emxdgt.com/put?d=d46&uid=1b20469e-74a0-4047-8826-1c3df17e1cb2
Request Chain 216
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=114 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=114 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553%26partner_url%3Dhttps%253A%252F%252Fe1.emxdgt.com%252Fput%253Fd%253Dd38%2526uid%253Dd7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&partner_url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd38%26uid%3Dd7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&partner_url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd38%26uid%3Dd7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://e1.emxdgt.com/put?d=d38&uid=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
Request Chain 218
  • https://aorta.clickagy.com/pixel.gif?ch=177&cm=56831674487336491320b5&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd34%26uid%3D{visitor_id} HTTP 302
  • https://e1.emxdgt.com/put?d=d34&uid=Y86mKQElmgIw2Q7XHrSOPRzp
Request Chain 219
  • https://sync-tm.everesttech.net/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://e1.emxdgt.com/put?d=d32&uid=Y86mKQABeG-JIQAb
Request Chain 220
  • https://sync.1rx.io/usersync2/emx HTTP 302
  • https://sync.1rx.io/usersync2/emx?zcc=1&cb=1674487337260 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1528165120 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f105d891-05e9-4d32-aa2b-e9a4bfdd0784 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd31%26uid%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005 HTTP 302
  • https://e1.emxdgt.com/put?d=d31&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Request Chain 221
  • https://match.prod.bidr.io/cookie-sync/emx HTTP 303
  • https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
Request Chain 222
  • https://cm.ctnsnet.com/int/cm?exc=22&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd25%26uid%3D%5Buser_id%5D HTTP 302
  • https://e1.emxdgt.com/put?d=d25&uid=a086ace933374a9eb30b13f087c64532
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=emxdigital HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=emxdigital&bsw_user_id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=emxdigital&bsw_user_id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=70bc7c92-7e4a-4877-be0e-b545f77053dc&ssp=emxdigital HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=&gdpr_consent=
Request Chain 224
  • https://cms.quantserve.com/pixel/p-9zQtGV7AscK_-.gif?idmatch=0 HTTP 302
  • https://e1.emxdgt.com/put?gdpr=0&d=d20&uid=0PAcoIf1TfLL9Eny3vpS_NbwSfbL-0z11fB7H35H
Request Chain 225
  • https://creativecdn.com/cm-notify?pi=emx HTTP 302
  • https://creativecdn.com/cm-notify?pi=emx&tc=1 HTTP 302
  • https://e1.emxdgt.com/put?d=d19&uid=8oolc2dejhzYX9zHqr4C&pi=emx&tc=1
Request Chain 226
  • https://p.rfihub.com/cm?pub=35927&in=1 HTTP 302
  • https://e1.emxdgt.com/put?d=d16&uid=851333241415277361
Request Chain 227
  • https://ad.turn.com/r/cs?pid=51 HTTP 302
  • https://e1.emxdgt.com/put?d=d15&uid=3567392977657129836
Request Chain 228
  • https://bh.contextweb.com/bh/rtset?pid=561594&ev=1&rurl=https://e1.emxdgt.com/put?d=d8&uid=%%VGUID%% HTTP 302
  • https://e1.emxdgt.com/put?d=d8&ev=1&uid=ocnaw3qIK5Iq&pid=561594
Request Chain 229
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=uk8nbff&ttd_tpi=1 HTTP 302
  • https://e1.emxdgt.com/put/?uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
Request Chain 230
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/put/?uid=$UID&d=d1 HTTP 302
  • https://e1.emxdgt.com/put/?uid=6733065173710718434&d=d1
Request Chain 232
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEO1I_BukTLK_p25gD7oWxdQ&google_cver=1&google_push=Aa02lx8JjCTh28jSQF9YodyXtpLLzOpG891Lj7TRkpqNuTOnY_lH6FGal5oFmE9OntSHhJrQ4oRLN9kpiSnT31mimg8VucEB87Et6J8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTg2bUtRQUJlRy1KSVFBYg==&google_gid=CAESEO1I_BukTLK_p25gD7oWxdQ&google_cver=1&google_push=Aa02lx8JjCTh28jSQF9YodyXtpLLzOpG891Lj7TRkpqNuTOnY_lH6FGal5oFmE9OntSHhJrQ4oRLN9kpiSnT31mimg8VucEB87Et6J8
Request Chain 233
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEP7yjFE3uhrCVxc9JrGD-mY&google_cver=1&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC-Bg HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=63fbbc2a-72a4-4058-851c-af35c566bd25&ccid=63fbbc2a-72a4-4058-851c-af35c566bd25&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEP7yjFE3uhrCVxc9JrGD%252dmY%2526google_cver%253d1%2526google_push%253dAa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq%252dlMElTjV6ahZ%252dX5AhEdZE8RCgexvi%252d6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC%252dBg%2526anx_uId%253d%2524UID HTTP 303
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEP7yjFE3uhrCVxc9JrGD%252dmY%2526google_cver%253d1%2526google_push%253dAa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq%252dlMElTjV6ahZ%252dX5AhEdZE8RCgexvi%252d6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC%252dBg%2526anx_uId%253d%2524UID&bidder_id=200441&bidder_uuid=63fbbc2a-72a4-4058-851c-af35c566bd25&_li_chk=true&ccid=63fbbc2a-72a4-4058-851c-af35c566bd25&previous_uuid=ed71f341d7c14fba8c92153a64ac3d60 HTTP 303
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEP7yjFE3uhrCVxc9JrGD%2dmY%26google_cver%3d1%26google_push%3dAa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq%2dlMElTjV6ahZ%2dX5AhEdZE8RCgexvi%2d6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC%2dBg%26anx_uId%3d%24UID&ccid=63fbbc2a-72a4-4058-851c-af35c566bd25 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP7yjFE3uhrCVxc9JrGD-mY&google_cver=1&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC-Bg&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP7yjFE3uhrCVxc9JrGD-mY&google_cver=1&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC-Bg&anx_uId=6733065173710718434 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC-Bg&google_hm=NjNmYmJjMmEtNzJhNC00MDU4LTg1MWMtYWYzNWM1NjZiZDI1
Request Chain 234
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAa02lx_yviJigppG5wPvDh5UdxoORYQ4ICUDHiSMyDPAFHjyEh9xAJbsIpEe1fk_MUhEBUtTTsNqUqigKb1MHJkYwyLAWHQ8474VssE%26google_hm%3D%5BUID%5D&google_gid=CAESENfxVlzR1nqZKS_WhsCPNWs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=Aa02lx_yviJigppG5wPvDh5UdxoORYQ4ICUDHiSMyDPAFHjyEh9xAJbsIpEe1fk_MUhEBUtTTsNqUqigKb1MHJkYwyLAWHQ8474VssE&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Request Chain 235
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAYP81nK4zkoqs1yA17jULo&google_cver=1&google_push=Aa02lx8363D4_lRiJfTsqnxXToIjNnd395eDWXikWU1kpykjemdNcNpDVAMOCXyzm8pr0f2EsazHoiD6pxnZyHTEhFkDZDqvj_TaPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=5f484d19&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=Aa02lx8363D4_lRiJfTsqnxXToIjNnd395eDWXikWU1kpykjemdNcNpDVAMOCXyzm8pr0f2EsazHoiD6pxnZyHTEhFkDZDqvj_TaPg
Request Chain 236
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFzzhd_WP-H3HvLU9VGOO74&google_cver=1&google_push=Aa02lx_qqeGKXFUxTgnZvuWEbMI4e3OO_PzQG1AssArR8tMOU876RtK38GJt8M-tkxn0XkCM-XAOmPPYVyif2KXhx6oarPBBHfdfxnA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85EM79fu42uM_mOLQP8EYcFlXxJvTTqg&google_push=Aa02lx_qqeGKXFUxTgnZvuWEbMI4e3OO_PzQG1AssArR8tMOU876RtK38GJt8M-tkxn0XkCM-XAOmPPYVyif2KXhx6oarPBBHfdfxnA
Request Chain 237
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEItyr5YczpqvQbuYo7IsksY&google_cver=1&google_push=Aa02lx8gFfeMalqGoejR9NbCvuQo3ubFUv9VCNioKgb_ql5HqPfg-srjXq5AdOy7ivVZtnlsIm7fxla4LMrxUQNjxC7yyIRLVsfOJKU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Nzc0MGNhNDFjNzc1NGEyY2FmN2UzMzUxMzlmOTZlNzY%3D&UIDF=CAESEItyr5YczpqvQbuYo7IsksY&google_cver=1&google_push=Aa02lx8gFfeMalqGoejR9NbCvuQo3ubFUv9VCNioKgb_ql5HqPfg-srjXq5AdOy7ivVZtnlsIm7fxla4LMrxUQNjxC7yyIRLVsfOJKU
Request Chain 238
  • https://sync.inmobi.com/gob?google_gid=CAESEF0KI1hU0cAMRcnSi17GVmo&google_cver=1&google_push=Aa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohHsQM6wid_JLfL HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohHsQM6wid_JLfL HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw&google_push=Aa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohHsQM6wid_JLfL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=3N3kZUOk04svYWcAOqDE&google_push=Aa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohHsQM6wid_JLfL&google_nid=inmobi_new_eb
Request Chain 240
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 287
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEET0xe3zIf7NToy37BmBwWE&google_cver=1&google_push=Aa02lx9Gv9KsgBvgES3I1paOz0F3wSHY8Eag0Y9Ip22rRNjZEL8zMagoDvOvpA-gbpijB7NL-F9xttSp6O0Gfve4Mr_tKEMqRN0y HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aa02lx9Gv9KsgBvgES3I1paOz0F3wSHY8Eag0Y9Ip22rRNjZEL8zMagoDvOvpA-gbpijB7NL-F9xttSp6O0Gfve4Mr_tKEMqRN0y&google_hm=5BcKv9VMaU2UE9DupGb5-Q
Request Chain 288
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEKMhTlTpfSU_K3D2S6_NTIQ&google_cver=1&google_push=Aa02lx_ppKyRSpZOxf8FgJVc_fZPqElSogKmEJBffaR-O-Y_1eGH0cBPSB9ytdQOTq1iokyT0RHeQgN7L9d_TGVuXPwX0dtT0FA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=Aa02lx_ppKyRSpZOxf8FgJVc_fZPqElSogKmEJBffaR-O-Y_1eGH0cBPSB9ytdQOTq1iokyT0RHeQgN7L9d_TGVuXPwX0dtT0FA&google_hm=MTA1OTgwOTU4MjY5NTc5NDgwMzU
Request Chain 289
  • https://rtb.openx.net/sync/dds?google_gid=CAESEAznM0PCSgQwEaAEPgdkzJU&google_cver=1&google_push=Aa02lx_zZZqM2Rw5WLkSD_cX68qABeV85OQ2Lb0Hgj5YaesM3F-u2jg20MpX9e8Lcp12bBY_Ufg_6X1an6iF2Gvq75PhhQyH1lya HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx_zZZqM2Rw5WLkSD_cX68qABeV85OQ2Lb0Hgj5YaesM3F-u2jg20MpX9e8Lcp12bBY_Ufg_6X1an6iF2Gvq75PhhQyH1lya&google_hm=3CS64jPOxz8Q4RqusEUgaQ==
Request Chain 290
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBfWk-E8Z17SM-t5fL6bai4&google_cver=1&google_push=Aa02lx_ek62MhmqU9z7YvqEK8AzzNphmUq87U5o5jsmV55qvY3bNZzAi7mW2s5FcnVP_NgkwclFRyOBcI5-N8nJ7Cj41AdgTO5U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I-eMr-qNQhaqkomIMGRJeg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_ek62MhmqU9z7YvqEK8AzzNphmUq87U5o5jsmV55qvY3bNZzAi7mW2s5FcnVP_NgkwclFRyOBcI5-N8nJ7Cj41AdgTO5U
Request Chain 291
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENWxHU_Dn7L6SX8WNWb5-_E&google_cver=1&google_push=Aa02lx_TqSE3L55w-MU-I9PV2COQITvg2VSttAtVHjkC-oV1ksCz7NRvdFHXRyy1_fE-rj7vXMwQh3aDhPlzqayrrg_t-h3Xrv8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC&google_push=Aa02lx_TqSE3L55w-MU-I9PV2COQITvg2VSttAtVHjkC-oV1ksCz7NRvdFHXRyy1_fE-rj7vXMwQh3aDhPlzqayrrg_t-h3Xrv8
Request Chain 292
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_cver=1&google_push=Aa02lx9prPfWaZwaKTc8gq5Z6L_MP4GDJM0X88GKZwpjEOtflN4E1QxyNLtAH0t07U6mvqUrVTI1nGvqL_jMvufnalO0PKpJkRu6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_hm=Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB&google_nid=index&google_push=Aa02lx9prPfWaZwaKTc8gq5Z6L_MP4GDJM0X88GKZwpjEOtflN4E1QxyNLtAH0t07U6mvqUrVTI1nGvqL_jMvufnalO0PKpJkRu6
Request Chain 293
  • https://cc.adingo.jp/adx/push/?google_gid=CAESELN0QXvsEtKRobfPff7tTM0&google_cver=1&google_push=Aa02lx9e1BSkHD5HtEd9vNKlmi98Surm7L_k9czKEJzKRcP0g1a7y0yv5m3LCfsnkGJhgVKC4bjFw3_rB6m981-gZGE7rn80ZqlB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9e1BSkHD5HtEd9vNKlmi98Surm7L_k9czKEJzKRcP0g1a7y0yv5m3LCfsnkGJhgVKC4bjFw3_rB6m981-gZGE7rn80ZqlB&google_hm=c0224675c33c469137e06bfad8ed225c
Request Chain 298
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=2db6b357-4222-4458-a5b2-9713f4ffeeba HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=2db6b357-4222-4458-a5b2-9713f4ffeeba&verify=true
Request Chain 299
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=56b44fb8-570f-4871-a9ec-d6ea5ac77b0b HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56b44fb8-570f-4871-a9ec-d6ea5ac77b0b
Request Chain 300
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6733065173710718434
Request Chain 302
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3567392977657129836&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 303
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y86mKQABeG-JIQAb
Request Chain 305
  • https://match.adsrvr.org/track/cmf/openx?oxid=037230de-9a48-7e11-f695-5619635c1ad3&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=037230de-9a48-7e11-f695-5619635c1ad3&gdpr=0&gdpr_consent=
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHH-feWajy-MVtleo6ZxSZM&google_cver=1
Request Chain 316
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKsnrrEXXnM6fqQJcbNKTWg&google_cver=1&google_push=AavPq0P6fdhSOA4eXFOl4V-GfdCwOobkAGCOq7XCfXcRS6HPYfUPJoumd-A36VWv0IFwQWL4BeIZQHJ3FK-ANXE8GKPHmrmhvaXl HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AavPq0P6fdhSOA4eXFOl4V-GfdCwOobkAGCOq7XCfXcRS6HPYfUPJoumd-A36VWv0IFwQWL4BeIZQHJ3FK-ANXE8GKPHmrmhvaXl&google_hm=5BcKv9VMaU2UE9DupGb5-Q
Request Chain 317
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESELC38NxMV2kxKFevVi-T4Pg&google_cver=1&google_push=AavPq0Mc97x1jfuUDFFGR-2ZvrCmP-JILTicG20vGnoiLVDp0H5xiIlY0l46BgWyl_uqdgtKw5h6evSLK1PL9RdsNbVqO9q0Kwo HTTP 302
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESELC38NxMV2kxKFevVi-T4Pg&google_cver=1&google_push=AavPq0Mc97x1jfuUDFFGR-2ZvrCmP-JILTicG20vGnoiLVDp0H5xiIlY0l46BgWyl_uqdgtKw5h6evSLK1PL9RdsNbVqO9q0Kwo&prevuid=06030001_63cea629eb2cf&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AavPq0Mc97x1jfuUDFFGR-2ZvrCmP-JILTicG20vGnoiLVDp0H5xiIlY0l46BgWyl_uqdgtKw5h6evSLK1PL9RdsNbVqO9q0Kwo&google_hm=MDYwMzAwMDFfNjNjZWE2MjllYjJjZg%3D%3D
Request Chain 318
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAavPq0Oj4NHaIvxaSnahUK-B3BNOhAGdnxSMeZEz5mxhmo7Ag8Tm9DDdgSQ1LvXgWAn8xXlooDwtxtKy_gwV-mhDJFxESihMmB6c%26google_hm%3D%5BUID%5D&google_gid=CAESEBsjSIw47QqmxEL75w8d4sA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AavPq0Oj4NHaIvxaSnahUK-B3BNOhAGdnxSMeZEz5mxhmo7Ag8Tm9DDdgSQ1LvXgWAn8xXlooDwtxtKy_gwV-mhDJFxESihMmB6c&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Request Chain 319
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOh7JyYkKB2dS7LrL5zDSxw&google_cver=1&google_push=AavPq0MVfg2Bx-92Ukl3NR9nR91uRk2TPIXhTnWS68hMhL5YKD8qZYardxU4fGZcyoxWzN9N9PxmJSwz3P-aPdyil6xArt1F1PjP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0MVfg2Bx-92Ukl3NR9nR91uRk2TPIXhTnWS68hMhL5YKD8qZYardxU4fGZcyoxWzN9N9PxmJSwz3P-aPdyil6xArt1F1PjP&google_hm=WTg2bUtzQ281dEFBQUFhSEZpTUFBQUFB
Request Chain 320
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEGWz5KmEG6VNT3Qa1rQHBAo&google_cver=1&google_push=AavPq0Pq6WlIWYTIuUHvsiNl82PCZzBZGFEUGfhK-7bgtKNaY30eGQhlQn1PBXOiodhdgZZgXNfid5MrKhP5XWz7YIHan9EoVsXVhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjEzMWEyYTUtMmQzYi00YmMzLTg2YzEtZjlkYWUzOTRiNmE4&google_push=AavPq0Pq6WlIWYTIuUHvsiNl82PCZzBZGFEUGfhK-7bgtKNaY30eGQhlQn1PBXOiodhdgZZgXNfid5MrKhP5XWz7YIHan9EoVsXVhQ
Request Chain 322
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIfUCwoa9JM46uqaYJ_fYto&google_cver=1&google_push=AavPq0MAOZEC_FaHwoFyVW5zg20-KZA5cUcUMfguL0abzrNAgjvM0NcvCOmV-NPdaYKCTLZb92PcvGHZGeSV-f6Mka5GXDgnaxEVsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&%%GOOGLE_PUSH_PAIR%%
Request Chain 336
  • https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=-1120770146280281808;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs HTTP 302
  • https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
Request Chain 388
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=jmREzHxLdUQvbWozSkQ1VCtMcGFmNExHZW4vOWJnTWpGM3hTREZGMTc2bitzTkU5TkxuVTRMNkt1SE1OVlQ4bStXNXU3ajM2ZFJUZXdQcEEzb2NpTzlXRlpYRmRlTVJadDV4WmFmQTAzbDBobnpTWW42cnpRV1ZYU3EzbGgvVFNMM0pqZU0wS1JHaWlMa2loSG5rMHd1RVhNb2FKcHlOcGJoTkpVQUpud083cmVNS28yRzlxLzNXNjBmUys5RFRrMkNIdHNuZkxrdkQ1cmo1RmpwN1RSVVJ1SzQ3dU5IRmpLSldFMHl3OTAzYlBSTWYwdXdhMTFvd1poZ0lyMXo0cUxwd0hBeGMzT1RheVU3YUpSR2FGajM3QW4wM0xBTGlxR21IalR3dm1VRDQ2L1JJUT18&cppv=2
Request Chain 398
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2f23c37f-e745-416e-ab61-c7085374172e HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A&gdpr=0
Request Chain 399
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D2f23c37f-e745-416e-ab61-c7085374172e&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F2133%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yZjIzYzM3Zi1lNzQ1LTQxNmUtYWI2MS1jNzA4NTM3NDE3MmU%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/2133?gdpr=0&gdpr_consent=&us_privacy=1---&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yZjIzYzM3Zi1lNzQ1LTQxNmUtYWI2MS1jNzA4NTM3NDE3MmU%3D&uid=Y86mKFrdnGmrRqZjg9GGuAAA%26172 HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F2133%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yZjIzYzM3Zi1lNzQ1LTQxNmUtYWI2MS1jNzA4NTM3NDE3MmU%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/1/2133?gdpr=0&gdpr_consent=&us_privacy=1---&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=adform&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yZjIzYzM3Zi1lNzQ1LTQxNmUtYWI2MS1jNzA4NTM3NDE3MmU%3D&uid=1163824315312156669 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F2133%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yZjIzYzM3Zi1lNzQ1LTQxNmUtYWI2MS1jNzA4NTM3NDE3MmU%253D%26uid%3D%24UID
Request Chain 400
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10598095826957948035&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=ec218740-9b51-4fc4-80b0-fd499abe1b88&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10598095826957948035&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213920604405008989220&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598095826957948035&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 401
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LD8YIXD5-R-H02B&gdpr=0&us_privacy=1---
Request Chain 403
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thehackernews.com&sn=ChromeSyncframe&so=0&topUrl=thehackernews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=M_RI3nxnZzRCWmx5NW01bUlYQkNSS1dpRyt2WkNlSEYrNWR1WUlJZzFQTFBWMDV1R2x2YkZqSHk3UVE5ZE5SLzNjQ1I0ZWJsNlNkZHo5ZFZtcWNNcDNMbFZURzVOUDZMa2hFR0tUOVRkVGJpSG45T09sSS8zZmhiaFdXQW9SazFYL0ZwM1F3VGZWdG0yUVhwMUI3RjVGVitzekdxSUs5V2t2dEw4VlRvY1dFUDgzYUxxaVZZWGl0V21Yd3o2bXlUS0FXZ3BXbHRDaU5ya1NnOFl6OW4zU3FiSHlNWmQya2ZhelRXampKQVB3eU00ZzdrM2o4VzVCTXlzcWttOTh5bEdHcFowSE4vNllOcHQ0RnNTRFh4SkVPNTdtZz09fA&cppv=2
Request Chain 405
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=1cfc043b-c832-425f-8000-cd58876e14e2&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=Y86mKQElmgIw2Q7XHrSOPRzp
Request Chain 406
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=3CS64jPOxz8Q4RqusEUgaQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 407
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=f14363ce-a62b-4b00-8384-262673057fcf
Request Chain 408
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1b20469e-74a0-4047-8826-1c3df17e1cb2
Request Chain 409
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
Request Chain 411
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=bf2863ce-a62b-4d00-adc7-ff74e18bd83a&gdpr=1&gdpr_consent=
Request Chain 413
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6733065173710718434
Request Chain 415
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85GNvMpmtFBnKaEt34R335PZIZQJWEqw
Request Chain 417
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=XjQDc7cP2-CyZefUKdhPpZwyhiXZRdsDaKK3nH7jfHk
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECiC8xhGGnfIfo8z-7UlX6M&google_cver=1
Request Chain 420
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573739
Request Chain 422
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Request Chain 431
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 432
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Drkt%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=rkt&refUrl=&vid=44873393623174889366419408000V10&ovsid=851333241415277361
Request Chain 434
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dapx%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=apx&refUrl=&vid=44873393623174889366419408000V10&ovsid=6733065173710718434
Request Chain 435
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dopx%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=opx&refUrl=&vid=44873393623174889366419408000V10&ovsid=cb5e5941-3148-44f1-95da-2877d1b3880f
Request Chain 436
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dmma%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=mma&refUrl=&vid=44873393623174889366419408000V10&ovsid=f14363ce-a62b-4b00-8384-262673057fcf
Request Chain 437
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dr1%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005&rndcb=5741704055 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&google_hm=NWY3ZmY2YTEtYzFkOS00NjE3LWE5YjEtZDY2ZTAxY2JmYjYz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFopXyrkIor6MJhZ8hCInHU&google_cver=1&ssp=adconductor&bsw_param=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE3NDg4OTM2NjQxOTQwODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOF0ZAomU418VTX88aut1mU&google_cver=1
Request Chain 439
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Ddxu%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Ddxu%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=dxu&refUrl=&vid=44873393623174889366419408000V10&ovsid=688nsmJw1PjYEj5
Request Chain 440
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e094fbfc-98bf-447b-9823-36915e8ebe8d
Request Chain 441
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10598095826957948035&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=ec218740-9b51-4fc4-80b0-fd499abe1b88&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10598095826957948035&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=215000604405008989504&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598095826957948035&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 442
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dzem%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=5Afr29_qdWuWh6KASYx3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJVIFTHEMRZL5YWIV3VK5UDMS2BKNMXQMZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DIOBXGMZTSMZWGIZTCNZUHA4DSMZWGY2DCOJUGA4DAMBQKYYTAJTWONUWIPJTGE3TIOBYHEZTMNRUGE4TIMBYGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJVIFTHEMRZL5YWIV3VK5UDMS2BKNMXQMZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DIOBXGMZTSMZWGIZTCNZUHA4DSMZWGY2DCOJUGA4DAMBQKYYTAJTWONUWIPJTGE3TIOBYHEZTMNRUGE4TIMBYGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=5Afr29_qdWuWh6KASYx3&refUrl=&type=zem&vid=44873393623174889366419408000V10&vsid=3174889366419408000V10
Request Chain 443
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3174889366419408000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=70bc7c92-7e4a-4877-be0e-b545f77053dc&cs=1
Request Chain 444
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
Request Chain 446
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGZUNVN0huVXdBQUI5ZmF1SXY4UQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFeCU7HnUwAAB9fauIv8Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeCU7HnUwAAB9fauIv8Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8681080202229734004&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFeCU7HnUwAAB9fauIv8Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8681080202229734004%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8681080202229734004&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAFeCU7HnUwAAB9fauIv8Q&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFeCU7HnUwAAB9fauIv8Q&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1012%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D23E78CAF-EA8D-4216-AA92-89883064497A HTTP 302
  • https://prebid.a-mo.net/cchain/1/1012?gdpr=&gdpr_consent=&us_privacy=&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=23E78CAF-EA8D-4216-AA92-89883064497A HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 447
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Request Chain 448
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 449
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7
Request Chain 450
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6733065173710718434&gdpr=0&gdpr_consent=
Request Chain 451
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=23E78CAF-EA8D-4216-AA92-89883064497A&addseg=10,33,39
Request Chain 452
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=23E78CAF-EA8D-4216-AA92-89883064497A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=23E78CAF-EA8D-4216-AA92-89883064497A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 454
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:23E78CAF-EA8D-4216-AA92-89883064497A HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=ba17fb30-9b31-11ed-b2a4-02b03d742aa1&companyId=673&id=pubmatic_id:23E78CAF-EA8D-4216-AA92-89883064497A
Request Chain 456
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=23E78CAF-EA8D-4216-AA92-89883064497A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zO1B_5pE2uWiDxMEy1CgoaIh2nvD3u0-~A&gdpr=0
Request Chain 457
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573739&nuid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr_consent=&gdpr=0
Request Chain 458
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1b20469e-74a0-4047-8826-1c3df17e1cb2&gdpr=0&gdpr_consent=
Request Chain 460
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dpubmatic%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=pubmatic&user_id=k-T4j7cCiBaMAfDC5YT25ggUsITnMO2ZGtj4Rt9A&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 470
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIFikI7dJAa09CHKxkxaPCU&google_cver=1
Request Chain 472
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGEwZTVhMTZmODMzZTcxMTBjMDFkYTJkMjg2MjlmN2I5MTcwMmQ5Mg
Request Chain 473
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD8YIXD5-R-H02B
Request Chain 474
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tjKAxn9MwGRV1mDMOG_Arg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MIIftilE2oJ53oiIg2WnJRXOvWHiZaOzsb4ozw--~A
Request Chain 475
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=&expires=30
Request Chain 476
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC
Request Chain 477
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=43j5-a_HTTmmKldJSz95rg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=43j5-a_HTTmmKldJSz95rg
Request Chain 478
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2f962032988a4842baa98
Request Chain 479
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba37cc44-9b31-11ed-9559-2c64530b0a35
Request Chain 480
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=0fd454b4-cc14-4f60-8c3c-438bb2bf5352&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23E78CAF-EA8D-4216-AA92-89883064497A
Request Chain 481
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FS9LiMPt1PjYEj5&gdpr=0&gdpr_consent=
Request Chain 482
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=735127523027
Request Chain 483
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 484
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GZRzl4UwQCNEuHuzO6M4yKdYB6I
Request Chain 485
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BAO_P5htM
Request Chain 486
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 487
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005&rndcb=8382039606 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dadconductor%26user_id%3D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%252526ssp%25253Dadconductor%252526user_id%25253D%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Dadconductor%2526user_id%253D%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=adconductor&user_id= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Request Chain 488
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=7qqgB5qHCJ-x2aqaLKbOYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Request Chain 491
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e9742f81-43dd-4213-8350-fc1f2346c4fd
Request Chain 493
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1&gdpr=0&gdpr_consent=
Request Chain 494
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7277737392085258416&uid=Q7277737392085258416&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7277737392085258416
Request Chain 497
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=23E78CAF-EA8D-4216-AA92-89883064497A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%2C%2C
Request Chain 498
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=23E78CAF-EA8D-4216-AA92-89883064497A HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=ed71f341-d7c1-4fba-8c92-153a64ac3d60&liid=&_ct=im HTTP 302
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=e1fe7722b1e75b1e96d88d014e9a3063 HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
Request Chain 500
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
Request Chain 501
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_FCF2C310_6B820E01&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 502
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1163824315312156669
Request Chain 503
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6733065173710718434
Request Chain 504
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c2d2e1aa-92b2-4f61-93df-caf63b5593f2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Request Chain 508
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LD8YIXD5-R-H02B HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LD8YIXD5-R-H02B
Request Chain 515
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 518
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6733065173710718434
Request Chain 519
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GCPaUBZHlJi9exKKRLGQ2_G6
Request Chain 520
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=GCPaUBZHlJi9exKKRLGQ2_G6
Request Chain 521
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.26%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5760239520 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2069.26/d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553?zcc=0&sspret=1&rndcb=5760239520 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Request Chain 522
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=851333241415277361
Request Chain 523
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=57d67dd3-e58e-41f1-a73d-3175e0964399
Request Chain 524
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3446%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Request Chain 525
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
Request Chain 526
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAgYaOAE=%26buyeruid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F5035%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpWW1aak9USXdOaTA1TldSbUxUTXpNMkl0T1RRMFpDMWxaRGcxWVdNM01qSTVORFVRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMWlZbVpqT1RJd05pMDVOV1JtTFRNek0ySXRPVFEwWkMxbFpEZzFZV00zTWpJNU5EVXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/4/5035?gdpr=&gdpr_consent=&us_privacy=&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpWW1aak9USXdOaTA1TldSbUxUTXpNMkl0T1RRMFpDMWxaRGcxWVdNM01qSTVORFVRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMWlZbVpqT1RJd05pMDVOV1JtTFRNek0ySXRPVFEwWkMxbFpEZzFZV00zTWpJNU5EVXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=6733065173710718434 HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAgYaOAE=&buyeruid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAgYaOAI=
Request Chain 527
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
Request Chain 530
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd84_MdzQwYtWaGH5Yk3vBLmozXxieOv-w
Request Chain 531
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Request Chain 532
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LD8YIXD5-R-H02B&gdpr=0
Request Chain 533
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6733065173710718434
Request Chain 535
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=8681080202229734004
Request Chain 536
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Request Chain 537
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573740
Request Chain 538
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
Request Chain 539
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Request Chain 540
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Donetag%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=onetag&user_id=P83sXq5qLii8eMjsU7jo0 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=&gdpr_consent=&us_privacy=
Request Chain 542
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&expiration=1677079340&gdpr=0&gdpr_consent=
Request Chain 543
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y86mKFrdnGmrRqZjg9GGuAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDHmzgagCuTPHTYcl-eE7x4&google_cver=1
Request Chain 545
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_cver=1
Request Chain 546
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=iG4IHN9rWU6Tal1OhmRGQI5uXUqTZVhJjW7srEgq
Request Chain 548
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6ffdf29f-22dc-f0e3-d943f179
Request Chain 549
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3567392977657129836
Request Chain 554
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6733065173710718434
Request Chain 555
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
Request Chain 556
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-19947397-8530-4023-44b8-7bb33ba338c8$ip$167.88.7.162
Request Chain 557
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=5Afr29_qdWuWh6KASYx3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NKBMZZDEOK7OFSFO5KXNA3EWQKTLF4DGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NKBMZZDEOK7OFSFO5KXNA3EWQKTLF4DGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=5Afr29_qdWuWh6KASYx3&us_privacy=1---
Request Chain 558
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1506%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=6695119181 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/1506/6733065173710718434?zcc=0&sspret=1&rndcb=6695119181 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Request Chain 559
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=ocnaw3qIK5Iq&ev=1&pid=558355
Request Chain 560
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KSeY0RdU_RZOWWg11gsm11y4Yjtn4SMS1zlq9uHSyV4J6H3YCfrbnNthyOTbv30A%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28KSeY0RdU_RZOWWg11gsm11y4Yjtn4SMS1zlq9uHSyV4J6H3YCfrbnNthyOTbv30A%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6&obuid=ENC(KSeY0RdU_RZOWWg11gsm11y4Yjtn4SMS1zlq9uHSyV4J6H3YCfrbnNthyOTbv30A) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 561
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=f44f94ae-b25d-4647-91ee-46f4ab0c1b95
Request Chain 562
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-8ykkOzNE2pfPp3yFiN2X67OBxDiGIcwtz5Ge~A
Request Chain 563
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1b20469e-74a0-4047-8826-1c3df17e1cb2
Request Chain 564
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=F88BA36B265E4FFEAEB75BDBA6F0F08F
Request Chain 565
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_2f962032988a4842baa98
Request Chain 566
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=3242660a-fc38-4046-afb7-078464cc380d
Request Chain 567
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8681080202229734004
Request Chain 569
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=57d67dd3-e58e-41f1-a73d-3175e0964399
Request Chain 570
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
Request Chain 571
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=ocnaw3qIK5Iq&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Request Chain 572
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=d4c92408-fa4a-5317-9d84-b30afe4a1520
Request Chain 573
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=70bc7c92-7e4a-4877-be0e-b545f77053dc
Request Chain 574
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=gc26512b2917400273e2&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 575
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=8681080202229734004&gdpr=0&gdpr_consent=
Request Chain 576
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.46%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=2055851728 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2069.46/6733065173710718434?zcc=0&sspret=1&rndcb=2055851728 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Request Chain 577
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=GCPaUBZHlJi9exKKRLGQ2_G6
Request Chain 578
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=3242660a-fc38-4046-afb7-078464cc380d
Request Chain 579
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=2131a2a5-2d3b-4bc3-86c1-f9dae394b6a8&gdpr=0
Request Chain 580
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F1012%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D2f23c37f-e745-416e-ab61-c7085374172e%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1012%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D23E78CAF-EA8D-4216-AA92-89883064497A HTTP 302
  • https://prebid.a-mo.net/cchain/1/1012?gdpr=&gdpr_consent=&us_privacy=&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=23E78CAF-EA8D-4216-AA92-89883064497A HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 582
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y86mKFrdnGmrRqZjg9GGuAAA%26172
Request Chain 583
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=23E78CAF-EA8D-4216-AA92-89883064497A
Request Chain 584
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212085163492328
Request Chain 585
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=9a2bd2da-e5da-4145-8e0d-4fee235f9036
Request Chain 586
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A&gdpr=0
Request Chain 587
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAhoYOAE= HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=7d6e3bd3-1c69-46a6-a032-f2b0d07f4cf5&r=Cid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAhoYOAE= HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAhoYOAI=&gdpr=&gdpr_consent=
Request Chain 588
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=6733065173710718434
Request Chain 589
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
Request Chain 590
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1233109657613021960210
Request Chain 594
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=cbbD8ikVXEiRLWDoWJf8eRjVw
Request Chain 595
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1163824315312156669&gdpr=0&gdpr_consent=
Request Chain 596
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeCU7HnUwAAB9fauIv8Q&gdpr=0
Request Chain 597
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6733065173710718434&gdpr=0&gdpr_consent=
Request Chain 598
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
Request Chain 600
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
Request Chain 601
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Request Chain 602
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y86mKQABeG-JIQAb&gdpr=0&gdpr_consent=
Request Chain 604
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=6733065173710718434brt56831674487336491320b5
Request Chain 605
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y86mKsCo5tAAAAaHFiMAAAAA
Request Chain 606
  • https://cs.admanmedia.com/sync/gumgum?puid=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
Request Chain 607
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y86mKFrdnGmrRqZjg9GGuAAA%26172
Request Chain 608
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=8oolc2dejhzYX9zHqr4C&pi=gumgum
Request Chain 609
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 612
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 614
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LD8YIXD5-R-H02B HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LD8YIXD5-R-H02B
Request Chain 615
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85HnZOISco2McGCNz8RW8vKIEJwPRaEg
Request Chain 617
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=1&gdpr_consent=
Request Chain 619
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6733065173710718434
Request Chain 623
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573740
Request Chain 625
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Request Chain 634
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LD8YIXD5-R-H02B HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LD8YIXD5-R-H02B
Request Chain 637
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LD8YIXD5-R-H02B HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LD8YIXD5-R-H02B

745 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request massive-ad-fraud-scheme-targeted-over.html
thehackernews.com/2023/01/
192 KB
99 KB
Document
General
Full URL
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordPress VIP
Resource Hash
abdaf94b1404de4cf0cc866e988716a201a00b85e23786b5e080944b37beb629
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
65
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, s-maxage=604800, max-age=0
cf-cache-status
HIT
cf-ray
78e1860daa2b2913-ORD
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 23 Jan 2023 15:22:14 GMT
expires
Mon, 23 Jan 2023 15:21:09 GMT
last-modified
Mon, 23 Jan 2023 12:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g83Z%2B4dh9urnJU5qrf%2Bei7Hn%2FwpDXgUZWwiSgahHsOFOfXduxKDbAhNzrqJooJn3Q0Hk%2FOA%2F1VK1jTtlePAET1eJpwglF%2BHT3gYCkkCoZmqqMO8T6jisfr883v0nWHJkXIY%2By2JmluJFvUeqzyd0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-forwarded-for
2602:ffc8:1:1::3
x-frame-options
DENY
x-powered-by
WordPress VIP
x-xss-protection
1; mode=block
adpushup.js
cdn.adpushup.com/37020/
472 KB
107 KB
Script
General
Full URL
https://cdn.adpushup.com/37020/adpushup.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5cd0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a2758971acc37a9a7924626bd2c7861ffdb97b4f510c64442208bef5c5838869

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-akamai-country
US
date
Mon, 23 Jan 2023 15:22:14 GMT
content-encoding
br
last-modified
Sat, 21 Jan 2023 17:16:38 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
US
content-length
108963
expires
Mon, 23 Jan 2023 16:22:14 GMT
truncated
/
7 KB
7 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Referer
Origin
https://thehackernews.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2de33ca2d2cfb7f437aa190ecdd4b3991ff2879604c0e24aaf02849ae1f360b3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
ATT-728.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja1E2gBFw50Zjfv62gH4ykraetSoAfM1iiWzGSH2CT1FJRPnE-dU_NlUjETBTfVUSN_6jApFFuyXM2RrPu_4GFV0FCfin6J8o6NongCf89cLvO-MRDD3qgmTsznoOLU_y7msruL59TY5367F8m...
38 KB
38 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja1E2gBFw50Zjfv62gH4ykraetSoAfM1iiWzGSH2CT1FJRPnE-dU_NlUjETBTfVUSN_6jApFFuyXM2RrPu_4GFV0FCfin6J8o6NongCf89cLvO-MRDD3qgmTsznoOLU_y7msruL59TY5367F8msCO4KyUqZioTWh-EUtmRlh9CHaYOAjSMISkg6YK26Q/s728-rj-e365/ATT-728.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
313f97e05a986b4cc42231b229bf3f69aa35f1ba6dd24d723cb525b391691506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:14 GMT
x-content-type-options
nosniff
server
fife
etag
"ve5ec"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, no-transform
content-disposition
inline;filename="ATT-728.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38784
x-xss-protection
0
expires
Tue, 23 Jan 2024 15:22:14 GMT
B29108100.354800350;dc_pre=COSh9rX_3fwCFUdlcgodYy0LVA;dc_trk_aid=546578571;dc_trk_cid=184256579;u=__AP1_np_dv_ftdvpvkcdtuPA__;ord=1674487334049;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N424004.3381407THEHACKERNEWS/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N424004.3381407THEHACKERNEWS/B29108100.354800350;dc_trk_aid=546578571;dc_trk_cid=184256579;u=__AP1_np_dv_ftdvpvkcdtuPA__;ord=1674487334049;dc_lat=;dc_rdid=;t...
  • https://ad.doubleclick.net/ddm/trackimp/N424004.3381407THEHACKERNEWS/B29108100.354800350;dc_pre=COSh9rX_3fwCFUdlcgodYy0LVA;dc_trk_aid=546578571;dc_trk_cid=184256579;u=__AP1_np_dv_ftdvpvkcdtuPA__;or...
42 B
220 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N424004.3381407THEHACKERNEWS/B29108100.354800350;dc_pre=COSh9rX_3fwCFUdlcgodYy0LVA;dc_trk_aid=546578571;dc_trk_cid=184256579;u=__AP1_np_dv_ftdvpvkcdtuPA__;ord=1674487334049;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Server
142.250.65.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N424004.3381407THEHACKERNEWS/B29108100.354800350;dc_pre=COSh9rX_3fwCFUdlcgodYy0LVA;dc_trk_aid=546578571;dc_trk_cid=184256579;u=__AP1_np_dv_ftdvpvkcdtuPA__;ord=1674487334049;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.jpg
tps.doubleverify.com/
0
162 B
Image
General
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=607671&cmp=29108100&sid=5936378&plc=354800911&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:14 GMT
Cache-Control
max-age=0
Connection
keep-alive
Expires
01/22/2023 15:22:14
truncated
/
442 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
288 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbf4fa73ce4f2bd113dde31b7f7eff7bfd3a1271f30ababad320f07033408f06

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
296 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c6c51dafc8bdf4ef6841da2faf4d5d7555393739fd7577d931b0268fe3060a9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
rocket-loader.min.js
thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 13 Jan 2023 23:34:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"63c1ea70-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGlWkttIa%2FmP1vMr21lI%2BZli83n5iZFFAxTh07DL%2Bkf1Hzr0a5fWQC4fbpJVqHLzlqEnsVgqS%2BBOy9QaU8h7q9RGv8rms7oE2V%2Fkg%2BOr4A3r0jdT5pyo%2B4ELTsCAzaPi2XKFn1fyAa4JGrbrwf2p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
78e1860ecbc12913-ORD
expires
Wed, 25 Jan 2023 15:22:14 GMT
truncated
/
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11195
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94OJcFC566sjH7La8OQEy9hfruzbU8uzuTE3y8rF86z5q3SD520JYlDuJBp7q0gRevFcgj33ItRkgIHhmLheH55L8xzsLLjwJVL%2BmI%2BkJqkCjN%2FsBlBxO7RctewN4QonnwTRc%2FcjYWi33j%2F5KO%2Fl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1860eebde2913-ORD
expires
Thu, 20 Jan 2033 12:15:39 GMT
fraud.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi3vBSHguCOrts-f7Ir4rX7gWOHaLYkNxeeB9hpgjgaSV2YVcXJwblAOrzCXtu8Y_L1L_zSw9_LLbqyxhHIm9WdAF7Jae6ILMB-LiiqzNYWSB7pQwrXQ4NHMd6C3OuJgoQfjtSxkKcaCTslN_5Eh...
59 KB
59 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi3vBSHguCOrts-f7Ir4rX7gWOHaLYkNxeeB9hpgjgaSV2YVcXJwblAOrzCXtu8Y_L1L_zSw9_LLbqyxhHIm9WdAF7Jae6ILMB-LiiqzNYWSB7pQwrXQ4NHMd6C3OuJgoQfjtSxkKcaCTslN_5EhZppdm649XKZDlkddn7GPJkGEmxA8E07XQ2Yv_j8/s728-rj-e3650/fraud.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
841c247221ca9d6cb6bfe54dc42d452edc616872c4ea1ff14488a2d6db0002d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10771
cf-polished
origFmt=jpeg, origSize=69572
content-disposition
inline; filename="fraud.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60262
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e4"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeIQryOs8YLuL%2FStZwSoiw1Bo2g8MorHXMa48P%2BQFhoQJTlnz6K6vTFj2i7JXi7jimVAui%2FGim0ZSoOlbJCqKQW%2F8fBtCCcAR5YG%2BrBC39y8O6EkjH4AG4JbHe6640IIfscgR03W6cF3Yqd0QSh8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1860eebe12913-ORD
expires
Thu, 20 Jan 2033 12:22:43 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11100
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYCTDJLF9RLZbeiUaafZVnEwQqy%2BPJMl8GDndsFDJd3AB4Q0phkGUpzu9gzz7IXSK4H8W8JgHNjr0I8MEZ7H1CnEHNFf7%2F9AOAYQJihcbrzH4w7w%2BDqRNQM7ATgWbLsV4Mj1ns%2FumtMGiIM%2FWg1T"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1860eebe32913-ORD
expires
Tue, 24 Jan 2023 12:17:14 GMT
s.js
thehackernews.com/cdn-cgi/zaraz/
6 KB
3 KB
Script
General
Full URL
https://thehackernews.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTWFzc2l2ZSUyMEFkJTIwRnJhdWQlMjBTY2hlbWUlMjBUYXJnZXRlZCUyME92ZXIlMjAxMSUyME1pbGxpb24lMjBEZXZpY2VzJTIwd2l0aCUyMDElMkM3MDAlMjBTcG9vZmVkJTIwQXBwcyUyMiUyQyUyMnglMjIlM0EwLjU4ODIxNjg3NzM1MjM0ODIlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnRoZWhhY2tlcm5ld3MuY29tJTJGMjAyMyUyRjAxJTJGbWFzc2l2ZS1hZC1mcmF1ZC1zY2hlbWUtdGFyZ2V0ZWQtb3Zlci5odG1sJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ed9f404d83e3318e75e3d27ce24885d27873b87914981c9fc10c87c974c600
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://thehackernews.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcMp3%2BpHsFmJEYvL%2FBN6F8BhEcQvnPrz1mTphTSJt1k%2Fkz2%2FATmXTzFJbqxCuobr1YTBldjGkqCtLfE9oixbSokWxwnrpajL5HAHkubDvepesCzPOC8iisLYn6md0Covg88lZjQqR4XoOzwu93zS"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-credentials
true
cf-ray
78e1860f1df7c514-ORD
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:14 GMT
content-encoding
gzip
x-sp-metadata
HS256.CLboup4GEosBCiRlNzkzYTgwMy1lZDMyLTRiMjUtODAxNS05Yjc5Y2NiNDg1YzIQ+OiCoKvU+wIaBgimzLqeBiIQMjYwMjpmZmM4OjE6MTo6Myj2lgMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDU2MGMwNTEwLWY1NzQtNDBmNy1hYjY0LTA1MWU2NzAxNThhORib8QEiGAgCEhRjZHMxODguY2g0Lmh3Y2RuLm5ldA==.fiOLzPDXhKjL84KrB3/fjtyZmxa1l4LMvDHh1ae6zN0=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1674487334.dop060.ch4.t,1674487334.cds221.ch4.hn,1674487334.cds188.ch4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
logs
http-intake.logs.datadoghq.com/api/v2/
2 B
234 B
Fetch
General
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:e9b7:f48b:1f4b:38e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pb.37020.1664558804419.js
cdn.adpushup.com/prebid/
355 KB
95 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5cd0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d5ef141c8649172cc921e50e9b28d5deb2cabfeda102a9c40ef5cf39daf2aaa1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-akamai-country
US
date
Mon, 23 Jan 2023 15:22:14 GMT
content-encoding
br
last-modified
Fri, 30 Sep 2022 17:26:56 GMT
server
nginx/1.18.0
etag
W/"633726e0-58d15"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
96224
expires
Tue, 23 Jan 2024 15:22:14 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
618 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5cd0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-akamai-country
US
date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
317
expires
Tue, 23 Jan 2024 15:22:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a893c28a33579110bb075cf2fdba9a887a76f047821bcd85f37c86fc87964b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27753
x-xss-protection
0
server
sffe
etag
"1460 / 405 of 1000 / last-modified: 1674475787"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 23 Jan 2023 15:22:15 GMT
apstag.js
c.amazon-adsystem.com/aax2/
179 KB
45 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-22.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c15904403ee1666afdcb0f4df49e8b219fb1e149dc05abcd415a37832551de54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 14:28:05 GMT
content-encoding
gzip
via
1.1 adb1632aa800f446f3f4e7b45c9dfd3e.cloudfront.net (CloudFront), 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 20:39:28 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
3251
x-amz-server-side-encryption
AES256
etag
W/"82ba66ad1a339d2375e1fbac8da251b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
wZN0oE8CUJfMc1Yw6fMvZRUUASWHdVEc7nSVjt0iBn6jQ9wdg9pmNQ==
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
544 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
137.116.89.182 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
321 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzQ0ODczMzQ5NjIsInBhY2tldElkIjoiMDAwMDkwOUMtYjhjMWZmMjUtYmVkYS00OTQ3LWJhYTgtOTE3ZWVkYWE3ZTNjIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIzLzAxL21hc3NpdmUtYWQtZnJhdWQtc2NoZW1lLXRhcmdldGVkLW92ZXIuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJQT1NUIn0%3D&c_b=1168.3999996185303
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
137.116.89.182 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
321 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzQ0ODczMzQ5NjMsInBhY2tldElkIjoiMDAwMDkwOUMtYjhjMWZmMjUtYmVkYS00OTQ3LWJhYTgtOTE3ZWVkYWE3ZTNjIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIzLzAxL21hc3NpdmUtYWQtZnJhdWQtc2NoZW1lLXRhcmdldGVkLW92ZXIuaHRtbCIsIm1vZGUiOjIsImVycm9yQ29kZSI6NywicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJQT1NUIn0%3D&c_b=1168.8999996185303
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
137.116.89.182 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/
25 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
etag
"OVi4z6W4qM+KoQEZlRgh5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 30 Jan 2023 15:22:15 GMT
config
c.amazon-adsystem.com/cdn/prod/
699 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthehackernews.com&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-22.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
6d54aecd2bd9fef0d74763ef48135aded46f2a190546075cf9466b9e5296c8a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 12:38:26 GMT
via
1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
9829
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
699
x-amz-cf-id
784Ga42W_9JunxDzdCoW0exmknxwam3AQtOU8Te-8YqKXsix6iLAlA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-22.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
date
Mon, 23 Jan 2023 14:10:15 GMT
x-amz-cf-pop
JFK50-P3
age
4321
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
gP3WYiQopZDTMr2XstmLH-VccHxkfYpsj8mWrbufiIbojT9vXeYoiQ==
pubads_impl_2023011201.js
securepubads.g.doubleclick.net/gpt/
383 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeaba9fbcc1297735946d95f4d571102722a6064abb2e95ed5fd45261812033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 13:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266084
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132462
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 09:35:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 13:27:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
175 B
127 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thehackernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3ccc531deff659f0317e224db114ea2352e9cfd36c3472bdf5e4186ee57c8c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102
x-xss-protection
0
expires
Mon, 23 Jan 2023 15:22:15 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
32 KB
10 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 14:56:26 GMT
content-encoding
gzip
via
1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 20:07:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
1550
x-amz-server-side-encryption
AES256
etag
W/"322a4a4dadec5839e9040f77edf9282d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
tPyjIKVxanBzvq40kZ2IIJ4cCl9gc-yGl0iZuuT1AWDOb5PaOmnFeQ==
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
616 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:f800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 14:50:28 GMT
via
1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1908
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
j1a9SxaGsc8UUCshFfL-jCwQ6XlVW4rwm4qpf1qW9zcpSfhXt3sEWQ==
map
bcp.crwdcntrl.net/6/
156 B
614 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.250.6 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-250-6.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
31b210dea1a0be1a38c2d55d5048323f0d0857f1980b4974fe73efe202ed2b1d

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache
x-server
10.40.35.44
access-control-allow-credentials
true
content-length
156
expires
0
pixel;r=1039133200;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1039133200;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-82214107-1674487335286;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;ref=;d=thehackernews.com;dst=0;et=1674487335445;tzo=0;ogl=site_name.The%20Hacker%20News%2Clocale.en_US%2Ctype.article%2Ctitle.Massive%20Ad%20Fraud%20Scheme%20Targeted%20Over%2011%20Million%20Devices%20with%201%252C700%20Spoofed%20Apps%2Cimage.https%3A%2F%2Fthehackernews%252Ecom%2Fnew-images%2Fimg%2Fb%2FR29vZ2xl%2FAVvXsEg-aXXZ4ZhMnxWjWAK1ON1h%2Cdescription.Researchers%20have%20successfully%20shut%20down%20a%20large-scale%20ad%20fraud%20scheme%20known%20as%20V%2Curl.https%3A%2F%2Fthehackernews%252Ecom%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over%252Ehtml;ses=5cb81de5-7dad-43d9-84cd-58e0d336c885
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/
88 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
269477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27990
last-modified
Fri, 26 Aug 2022 18:34:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63091225-6d56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f61EW65CtVG77RR%2BzE02NFl0UtMw1u%2F27n71NdAfNZmuiWz4wPLssIcKBE8YUn2PLzQfMDiY8U3ZS3sGJNU0wwP1%2BvD6eGLdScXEG1ADgtp9%2BXau9aqWzzO4MdLwzrwkyRZUIVSBHnMFY%2FN%2F1Qfi2z4R"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
78e186177d2361e0-ORD
expires
Sat, 13 Jan 2024 15:22:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7983783048239650
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d741808632113967a3db63c724f0f8fca09d0688b31573c0921fc76dbc611e71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49847
x-xss-protection
0
server
cafe
etag
15210968791072388241
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 15:22:15 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
321 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzQ0ODczMzU1MTcsInBhY2tldElkIjoiMDAwMDkwOUMtYjhjMWZmMjUtYmVkYS00OTQ3LWJhYTgtOTE3ZWVkYWE3ZTNjIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIzLzAxL21hc3NpdmUtYWQtZnJhdWQtc2NoZW1lLXRhcmdldGVkLW92ZXIuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=1723.6000003814697
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
137.116.89.182 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
321 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzQ0ODczMzU1MTcsInBhY2tldElkIjoiMDAwMDkwOUMtYjhjMWZmMjUtYmVkYS00OTQ3LWJhYTgtOTE3ZWVkYWE3ZTNjIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIzLzAxL21hc3NpdmUtYWQtZnJhdWQtc2NoZW1lLXRhcmdldGVkLW92ZXIuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI0Yzc2YmIwNS1iOTU5LTRmOGEtOWU5MC1mOGMxMjhkMWRkZDYiLCJzZWN0aW9uTmFtZSI6IkFQX1RfUl9yZXNwb25zaXZlWHJlc3BvbnNpdmVfNGM3NmIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV80Yzc2YmIwNS1iOTU5LTRmOGEtOWU5MC1mOGMxMjhkMWRkZDYiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=1723.8999996185303
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
137.116.89.182 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
321 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzQ0ODczMzU1MzAsInBhY2tldElkIjoiMDAwMDkwOUMtYjhjMWZmMjUtYmVkYS00OTQ3LWJhYTgtOTE3ZWVkYWE3ZTNjIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIzLzAxL21hc3NpdmUtYWQtZnJhdWQtc2NoZW1lLXRhcmdldGVkLW92ZXIuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJlODU4OWZlNS1kZDU0LTQ1ZTgtYjEzNy1hYzdmYjEwYTYxMzAiLCJzZWN0aW9uTmFtZSI6IkFQX1RfUl9yZXNwb25zaXZlWHJlc3BvbnNpdmVfZTg1ODkiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV9lODU4OWZlNS1kZDU0LTQ1ZTgtYjEzNy1hYzdmYjEwYTYxMzAiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=1735.5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
137.116.89.182 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11128
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6K1SffnodC3h4w7mSFH1lxI4xONIYF93Nhrsco3gDgeumFLQgxN%2F97YGjcB78duXIrlyiCUkk9%2FuAEHEpQbMLsOqmwictFMgO9eBd9CmaBwcHd9ehg0wg2RnRWAdSsNgSn858eIoJsjAdh0MaZI1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186173e1bc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11065
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJjw0LEz13DOAvcmxaBnd0yYbFK2KT2kTXoqX9ptTafEYWrdcrK6PNXxvgUoiMJg7BWiWxPzJLmk%2B4%2FjqNBEw6Ve1Q9LIf5jFynQaw6JNsKueZAWELeJAc8F6H2Mc8DgJMggCW5P5pny9bduernL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186173e1ec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
202 B
644 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&pid=RvIvGKKSt2iMn&cb=0&ws=1600x1200&v=23.112.1442&t=3000&slots=%5B%7B%22sd%22%3A%22ADP_37020_responsivexresponsive_00000001-713c5d5f-99e7-40b1-ab33-9d7021d59ef1%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889224%22%7D%2C%7B%22sd%22%3A%22ADP_37020_responsivexresponsive_00000001-2006c7fe-2a15-4318-b2e6-66d0850d3895%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889209%22%7D%5D&schain=1.0%2C1!adpushup.com%2Caeb138a66c47c1d438a8907993e81712%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
68f2fd508ac5838a5f1cac32ff96420dcc62bf6e2448beef79b0bf9c9e8ffc4d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
P7M3BNS7KN4ZYBRY1H19
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
202
x-amz-cf-id
MHXq976NsOgL80qBfllGPazuCnHmcXeiTvHEMbC5ghduRnAuaI6tYQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230123
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
393c2f8f6b5e30d8754d66e09c1222241a5470fc60f201b1c4e926690b306c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Jan 2023 15:22:15 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
40885
x-jsd-version
1.0.1595
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
841
x-served-by
cache-fra-eddf8230021-FRA, cache-chi-klot8100146-CHI
x-jsd-version-type
version
etag
W/"63a-ZyzQRqMAGb3cyB/02hb+c8Yc7is"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
01193b75b4546de5817de2ae5c104c0cfc83874668d3203ecde75dd449eb199b

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 23 Jan 2023 15:22:15 GMT
cdb
bidder.criteo.com/
0
219 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=59112077507
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
410 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.128.108 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-128-108.compute-1.amazonaws.com
Software
/
Resource Hash
c57eab762f19c8bdcad2151bfa117bd6e144db5f0dd4026131db64314960b3d9

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
x-prebid
pbs-java/1.108.0
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
410 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.128.108 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-128-108.compute-1.amazonaws.com
Software
/
Resource Hash
f2586e53a14f8f55029c35f251d690e0e5e5bac6beeda32d493dfb4e424c86b9

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
x-prebid
pbs-java/1.108.0
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
350 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=332834&zone_id=1745264&size_id=15&alt_size_ids=13%2C14%2C19%2C44&rp_schain=1.0,1!adpushup.com,aeb138a66c47c1d438a8907993e81712,1,,,&eid_quantcast.com=P0-82214107-1674487335286%5E1&eid_pubcid.org=d0de0f87-33cf-41e6-ac43-9ef1077b292e%5E1&rf=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=6c8771a3-075f-40f2-811e-e68402ec3600%3B8dfd5bed-ca62-4852-995a-a4bd6e612df3&l_pb_bid_id=8e710f003d3466%3B968e705eef32f6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.011020361098269538
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
576c774cca9411a6a129ae9f19ab8fffc1a0583b9e2603b832ce652b5cad869f

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thehackernews.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpushup-d.openx.net/w/1.0/
174 B
591 B
XHR
General
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3c50d152-b4ab-4e90-a129-661ed17a1911%2C208f041c-7eaa-4a46-bb74-a0a8172dee7c&nocache=1674487335624&quantcastid=P0-82214107-1674487335286&pubcid=d0de0f87-33cf-41e6-ac43-9ef1077b292e&schain=1.0%2C1!adpushup.com%2Caeb138a66c47c1d438a8907993e81712%2C1%2C%2C%2C&aus=300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200&divids=ADP_37020_responsivexresponsive_00000001-713c5d5f-99e7-40b1-ab33-9d7021d59ef1%2CADP_37020_responsivexresponsive_00000001-2006c7fe-2a15-4318-b2e6-66d0850d3895&aucs=%2C&auid=541218336%2C541218336
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5c6def1fa51cab473af29cab6fee7b5ff9f97c50104b46c77d5aa3f0a45a616a

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thehackernews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/
16 B
506 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.73 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-73.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 23 Jan 2023 15:22:15 GMT
adreq
ads.servenobid.com/
844 B
773 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=10887
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
b737f20bfdd06fbb629ce7024ac34732e62d05b141ab734e0ada978ca4d4d95b

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://thehackernews.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
dmx.districtm.io/b/
0
0

v1
btlr.sharethrough.com/universal/
0
235 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
date
Mon, 23 Jan 2023 15:22:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
235 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
date
Mon, 23 Jan 2023 15:22:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/
50 B
856 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:15 GMT
AN-X-Request-Uuid
c3a7addf-1902-49b3-8780-d4b1c98a2899
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
584 B
865 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
db7b82eea8b15bab512f5cafed459adffdcbd2870e0bf80f4705bc897531e68c

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
216
content-length
301
prebid
ib.adnxs.com/ut/v3/
19 B
825 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:15 GMT
AN-X-Request-Uuid
9e498912-078f-49a2-808b-d94ea5f38cc2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/
0
226 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.19.0&p=%5B%7B%22placement_id%22%3A%22ADP_37020_responsivexresponsive_00000001-713c5d5f-99e7-40b1-ab33-9d7021d59ef1%22%2C%22callback_id%22%3A%2245da660d94192d9%22%2C%22sizes%22%3A%5B%5B300%2C50%5D%2C%5B300%2C100%5D%2C%5B300%2C75%5D%2C%5B300%2C250%5D%2C%5B250%2C250%5D%2C%5B200%2C200%5D%5D%2C%22ym_placement_id%22%3A%222743550009650651584%22%7D%2C%7B%22placement_id%22%3A%22ADP_37020_responsivexresponsive_00000001-2006c7fe-2a15-4318-b2e6-66d0850d3895%22%2C%22callback_id%22%3A%22463a7fa8cfc6f14%22%2C%22sizes%22%3A%5B%5B300%2C50%5D%2C%5B300%2C100%5D%2C%5B300%2C75%5D%2C%5B300%2C250%5D%2C%5B250%2C250%5D%2C%5B200%2C200%5D%5D%2C%22ym_placement_id%22%3A%222743550009650651584%22%7D%5D&page_url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&bust=1674487335637&dnt=false&description=Researchers%20have%20successfully%20shut%20down%20a%20large-scale%20ad%20fraud%20scheme%20known%20as%20VASTFLUX%2C%20which%20impacted%20a%20total%20of%2011%20million%20devices.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Massive%20Ad%20Fraud%20Scheme%20Targeted%20Over%2011%20Million%20Devices%20with%201%2C700%20Spoofed%20Apps&w=1600&h=1200&pubcid=d0de0f87-33cf-41e6-ac43-9ef1077b292e&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22aeb138a66c47c1d438a8907993e81712%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22quantcast.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22P0-82214107-1674487335286%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d0de0f87-33cf-41e6-ac43-9ef1077b292e%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.172.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-172-42.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
300 B
598 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1451:22::820 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
37cce515bd5df4b16be6501104866128f762a73bd610dfdfe2e56b47527add13

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:15 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
prebid-request
onetag-sys.com/
15 B
505 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thehackernews.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/
24 B
528 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.19.0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.44 Brunswick, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
bafdffaeb107f68f4555e076f29926f4c791869abe13237c9b6254b978548cde

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 23 Jan 2023 15:22:15 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thehackernews.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/
0
117 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
date
Mon, 23 Jan 2023 15:22:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11128
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2TrFZCCnpJd2Dgw2Ax2ec8Px0YZFvUP1dj61uhRT5DjiimiYiYHKB2WNL0t2CWWHWfVEIQfD6HjEjm5fNDdD2H4FHxqqyaVcuoJOlF7rPAYrxgdmuHGCaYo2mNVaOmclZkBi%2BOr7TgzrH%2F%2B3PA2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18617eee1c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11065
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0L09iDnE9%2F8%2FT3WBrnQvZ7pvJzmlDvFj3TV7918kTzt02X852e8sDYUeQ3ox5ltYUb4ZtulR3URKnETTdS7bCV9eTrSXhReBlvMelxotBK%2BAs8csQAVRgE241UEDtvhn%2FAEyglkCtGiEn%2FhL5yN1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18617eee2c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11128
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFoR5P2VpAXtVFucXKU0kZri6Y4RJgntZsWcLlHWd%2FSmKxxB6LcileFU5f7QcOPeoJ6aJJWDHottpDh1SeaVX4J7RVQhQzU1QpSt1nmcPXjI9SZ2CwV98CknbjmNfDyKTgBWLzmDzgUY%2FnaDob5d"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186187f5ac514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11065
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ML%2ByL5A2djOHg1egNCEdhRBM%2FxA04bQCktSAWt9ygN0YANM4V9Rom3fkqxdzATDLWmeP9AWIHDBBj1v%2F7h%2BXjrBv%2FmDKkCpYjWWDOe3rbQYmk%2B0FZcWmp66ozcqhmvsiL01%2FCRAOHaKO7fVuFj7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186187f5bc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/
360 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7983783048239650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ef1e5091415bb8d67f2729f4e30741e9c28775a8b61a840f99467a9d1e3e1cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121032
x-xss-protection
0
server
cafe
etag
1318548903634260647
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 15:22:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/ Frame C122
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7983783048239650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
13454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:38:01 GMT
etag
10353107486223812946
expires
Mon, 06 Feb 2023 11:38:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11128
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZb0iahVaIT3noeJsygOi%2Fkb0uDL8x9AzroWA4AO2osBO9PG5z7RogV%2FJM35mnjNZMnWPe3J60PIVzyzWOOSNl1vgGMlJC%2Bs1pyfNaCdEDfjCyKca4HoQsv4KgvTv9UVk4VC3FZyQ40kX%2FzTfQ33"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18618ffedc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11065
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwlu8hMMD6EWlIJdN%2Bd0uTLY44o5ru%2FzbxgEgV6b%2B1o9uV68gYjrCZFiGBDS6czVwgvJqJD4XEIfH6Sdk3QdAMNkHkeHY%2FPX8OpbmfD2d6Kuek8os7gTGpcHI6Yyu59PQAKl5O%2FkLFhNSUb2KA2T"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18618ffeec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11128
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oyWWZDOFReP%2BlAwG9PfkKPGaPgwUdQ3tym2leHn6wClDFu%2BVGg4FW5p22WII77NA63SBxR7eXjClNweyQbahhUL6lPEwxaRZiHEDhbkqHofLZ6wWcZBY63EexPWcrPjJB%2FQNl4jIQrL8%2BTJ%2F9zt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186194840c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11065
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9ykwpQfer11IM3ISYK6FDbd1NmsUeSmzA4cJ1Fecq9Y%2Fgncfbtb0GkR3VwZHWh8JOy0UflCFdvPUrLK7cu70wPydJlQeVvBi7wUabDRQhNFu%2B7%2BWAD1PBm%2F6PyqWSi1gkYh7JUyUTlxpz%2FKdliO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186194842c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
iu3
s.amazon-adsystem.com/ Frame 0D80
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&dcc=t
372 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9f6bf549663035f716917eed6abb75ce1663a75961b9977cc802d59bf5bce99d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
372
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0QBHR6958J1PN59SVABA

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SZ50H9WCDVHK81QS61T0
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11065
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CR00huvpb3np4hO6Tja0ht7u1qgRD9HRM99LnGgRCMiVNqCaHfNwlEdb3SAjHBRBJCzmOmcLP72QrLcOFKIdDnz8KovjAD3EF%2BcP%2BqU298Hnh9HWwxtrU9ZrCRXUtdXRoIQUdGAAU2xGy0ByPIOW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861998a0c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11128
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmlMkygnGpL2b4RatcHIu056hY%2B3dkvM9MTIiESBg7QbbcLx3cPWbamPOdqqnoPQxIRhVQPlbPXBTEIycltnLxLy%2FLSkMA9BJTrVlyS79YnoXwS31SArCZpiyWn%2FdsgmdVbKWoEPEUmHWcdbBc0P"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18619d8e6c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLu6LaWXYLaRHlrfNeuk06wT4%2FT7vAj8xuNZwA%2Bu92lFqKJyyjXmX11V%2FqSijpz9WLvyjMHg22fbf1Ka0pZ6nj7aXTLkZfBI5mxk51D1cGz3P1fqpmzLUdSUXvmLmc8EUulbVVNWPmzEty9mbuuR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18619e8eec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
cookie.js
partner.googleadservices.com/gampad/
401 B
701 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=thehackernews.com&callback=_gfp_s_&client=ca-pub-7983783048239650
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20861a67c9d3f8694f1d9cc9fa0146fc0726ef04eb47017ca7efd5b9054be6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F204
0
306 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1674476095&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x540_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335791&bpp=5&bdt=1689&idt=206&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7090965524977&frm=20&pv=2&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=234
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Mon, 23 Jan 2023 15:22:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f966aa5a01d4ff4394b40843a787ff7025e3baa7a39631bf4d52ebe670be59b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11157
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FFC6
26 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1577c01c806caa32d876be1a72079c05ad447b28038d6c97d4ac08c83a5b3303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12094
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Mon, 23 Jan 2023 15:22:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYjb6g1d%2FADkpjrNnPQipKSEEofa2r%2Fd8NWcnxS3T5HktdI%2BQDxeQ7QOSVVE8orx%2B007abu1MtUFLqlf7CqGNSAnN3AMu4vjPONHaerUS6dZvjWAlLh0dkDw9pIg01kKw42rjdI4Vog895Kvp%2FEv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861a695cc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EBD5
26 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13687f2dc869c2b7f8ba74253fc909fc86110e7f8a5805d98a077b3ac724f57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11902
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Mon, 23 Jan 2023 15:22:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
60 KB
18 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1380390476623251&correlator=2758060291088686&eid=31071678%2C31071680%2C31071602&output=ldjh&gdfp_req=1&vrg=2023011201&ptt=17&impl=fifs&iu_parts=103512698%3A22548988896%2C22055889224%2C22055889209&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height%2Cheight&ifi=5&adks=2065311470%2C2597538798&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30%7Camznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1674487336084&lmt=1674476095&dlt=1674487334102&idt=1240&adxs=1035%2C1035&adys=731%2C1940&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&frm=20&vis=1&psz=300x0%7C300x0&msz=300x0%7C300x0&fws=0%2C0&ohw=0%2C0&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1378192a3f06eebb903577e1a201d948372b78534e557c33ea5b7fcf7e3c842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
330395
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18302
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
520290
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B55
6 KB
3 KB
Document
General
Full URL
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Tue, 23 Jan 2024 15:22:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tumMoiABJpqCZiErrp6jlx7UBpqJjK7RifktVHSpHPQUWw4gUSVzLebqvuiKObwDEktOWqQhM6ZR6xPdwkkl8BTPsWsrBeogtmnk3q2FKtTyRA4DqSwZlfSwbsUN5m14KaQARbsxPNBjQur%2B7oM7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861ab9a5c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A315
75 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad0335e42b76a2f56864e0bb2310e567b96dde3f8b0f7dae25e918e0252164b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31602
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Mon, 23 Jan 2023 15:22:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqWhFNoMXwyi93QHBk5SEmQfZU78VZwHJ25BuV8tEUYH2ctapFoKMtwVv7GVoLJzJYDgNd7Q4atFmr93PUUNrWt0YzsF9K5VcM2vMirxunSimRDUNKi31hZSlaOGOXJa5qv8eKXVlcaSBKl%2FW3h2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861ad9bcc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d544LIQIBRIHEQhHEnK8q%2BvaxC7x7%2B9oxDd6Zg4TAzUl9o7oW%2FJPEJc%2B1tDhvCTvRNt702WQbBcwBNN0Jgfd77QcSrIy1DtKMH1IFiFa1Z6SxxTE1lPFd0d1tkSJXUQnelVvD%2Fn%2FbseR5JsL6TU5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861b19edc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
pr
s.amazon-adsystem.com/v3/ Frame 7889
3 KB
4 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b5eb7f9692024874b4dbebd153c78e7f4051142c7fc4eaf197b5ebf1ac8b75
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3332
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6SP7G5WR2SY46JD0TYE0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoeVFKaS9kqq9HbIs8EoCre7jxAzdK16F%2Fu6ZwS%2BQysHI9gmh45%2BU06g6McwrLwAR11Ax7t%2FCTgVMdd%2F1xdN9lrBw140LbQbw%2B%2BSLXba642V1WK3M6cbLPwqP8JRtVzinf4%2Fw5S5sVQKBD4HElOY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861b4a2cc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_fy2021.js?bust=31071766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:16 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywkmiWe7MX4nokHDHnRqeMlmfYP6xqKuIJRBwnkQ%2BPWK%2FU%2F9sdhThLkfMg59Y0LIplUSa%2Bdm6qSLDmbu2XD4WFLUSCuV78p8iXRx7DCF7%2FbppaNlpv%2BOffyRBamGvc70ruwzWqIGqKE7UmaRuRJL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861b7a4fc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53RlqTLju%2F9J9Y%2Bw2rgVg5xOkjSO%2Fc%2BeVwW7wPjXsrAAdLMMMXMCmXHvTFvK2p%2FMS4Gs%2FC%2BwJ2l1YPTvQpTGbHK0rC0ha%2F%2Bb8NjtkNaoGeHXxDEVK6MX2Qq1qX%2BceDMGImBS6wRCz9T8j5QOr9k0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861b9a69c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
ecm3
s.amazon-adsystem.com/ Frame 7889
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3174889366419408000V10
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3174889366419408000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z3M5BNTF5NWDCR7KCWH8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:16 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3174889366419408000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 23 Jan 2023 15:22:16 GMT
ecm3
s.amazon-adsystem.com/ Frame 7889
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=5f484d19
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=5f484d19
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZZR0WKRH6P4X6QKJR3D9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:16 GMT
via
1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=5f484d19
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
waEBxXM-fDVfQ2cPacfn6eCn2ayHXEbLCRYeGuvhXdM8yz5ke5XINg==
/
onetag-sys.com/match/ Frame 7889
0
0
Image
General
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

ecm3
s.amazon-adsystem.com/ Frame 7889
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=FCDE7643AF4548A79DEE48D8B397BDF1&ex=simpli.fi&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=FCDE7643AF4548A79DEE48D8B397BDF1&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WYPC2QEPPH75GPS713SD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=FCDE7643AF4548A79DEE48D8B397BDF1&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 22 Jan 2023 15:22:16 GMT
uc.html
sync.go.sonobi.com/ Frame 464D
682 B
2 KB
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8a30036501a6d3e268b557ca30bf90d31b5296da03398d0375c520f22d049b6f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, private
Content-Length
682
Content-Type
text/plain; charset=utf8
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Server
sonobi-go
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-136
X-Xss-Protection
0
ecm3
s.amazon-adsystem.com/ Frame 6A57
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8681080202229734004&gdpr=0&gdpr_consent=
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8681080202229734004&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
44N11XXRDPM9HREF4GJV

Redirect headers

content-length
0
date
Mon, 23 Jan 2023 15:22:15 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8681080202229734004&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame E1A1
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FBNDDMTKM00ZFQZ01WMK

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 1C85
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
A6NAJ3E794K6QWQ6H1CQ

Redirect headers

date
Mon, 23 Jan 2023 15:22:16 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
match.sharethrough.com/jwumXNuB/v1/ Frame 048E
427 B
612 B
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.91.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-91-56.compute-1.amazonaws.com
Software
/
Resource Hash
8aa693a7aa0b3dc24b2855ea89caed906f8cdfbd640e25250b4c08210b3ccf14

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Mon, 23 Jan 2023 15:22:16 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F43
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50381
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Tue, 24 Jan 2023 05:21:57 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame B8C5
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
1 KB
Document
General
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
6c46c1b6dab1453bf35ce6d9ed062a8ca0a371d892e33446da9d8bc291633288
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-64ccb75b9-wjfvg
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-64ccb75b9-wjfvg
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
umcheck
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://e1.emxdgt.com/um?if=true&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/umcheck?&if=true&apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmF...
  • https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz...
3 KB
3 KB
Document
General
Full URL
https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
19d1c8b843bef3862523918c900e01d1ec90d82de41c159e20cf9fb00c574a53

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
2684
content-type
text/html
date
Mon, 23 Jan 2023 15:22:16 GMT
pragma
no-cache

Redirect headers

AN-X-Request-Uuid
9f49352d-f9ce-4560-bf1d-9a08ce3c9b46
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame F0C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6733065173710718434&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=6733065173710718434&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QMBMJDTP8GBR2MVQHHKX

Redirect headers

AN-X-Request-Uuid
922a8cc7-080f-4692-bd7e-627b923c6de5
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=6733065173710718434&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame E775
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1233109657613021960210
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1233109657613021960210
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=snb_n-MediaNet_smrt_cnv_n-inmobi_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ppt_n-emx_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XWZDZ0NQWE07C4NVYVHR

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 23 Jan 2023 15:22:16 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1233109657613021960210
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6h5%2Bd3rBW7YvAfe1vO%2FyookipgXaglM6%2ByKuMiAf7W7Slzi2xnMl0kPudwbGtnpEqtUHmyRzLHjzz8zLkB2djArvL8hMgH1H%2FWUkdLQ1lWmWAKDhURBCs8tjjslPsf3qLSqR%2FLFo9qKoGCnahgK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861beac4c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekC5h2TBu6pz1RPn6aJZ4X7U4uu1qXGDPGo38UcWLkwr2kObSjp5exoYzT2IiP0H55zHsaXAQ94J40H9dqCug%2BXgs39opkdle39%2FHqwiRgodBNuK88LLnMAkJnZgb0eZT%2BAHDkTVhaLMSosV71Ka"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861c1af0c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRHxPjQvoeTWKxOj028gfLVHjrtAzY3MNbOYGjiyQmFtpsrz%2FC9WhSK2AwrfqgqEsE5dPGtPU%2B9uR77%2Fj1WDJmaHRU5FbLVx6DYVgXmQRtkV5zKEyZ44v7C1Lc7fxJ9mxtPx2cWibP4ZGNp7blBB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861c3b0ac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2B8E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
5683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:47:33 GMT
expires
Tue, 23 Jan 2024 13:47:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C785
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb0ba7fd78c5aaebe6e77ba9ba93964751d49a4a3af2b52f699fed8f6dfcf80b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-StvIlQ7B-11w2ezXsphB2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-StvIlQ7B-11w2ezXsphB2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Mon, 23 Jan 2023 15:22:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGBliJJwxQ13GtKynHRod9srtmvhYy8mqGpgSxdRrZPU97mEynGZfsvafAet4%2F%2BbKogIsvtol4VPd2vuvDK7%2BskP0tV4uLLkyC3Hic%2BaF6jjDfP%2FwPE6sgFh5Y9sIu6sQXRCFmmVVxBXb69LF51O"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861c8b48c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO1Ntmkhr0kTmXp%2FyFMOqJtaSc%2BEKIj63%2F8utZh4G%2F1npillG9V2qO%2BbbAWWWjzvEIogXewgWoif8wSiUB7MdSJ5xRzXZ%2FAshOBUp8MnE79DrNywBHZGV%2FSX9ZgqZZnq%2BeZMr9gwqTxLB4cbsVDG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861c9b65c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F43
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23042674&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
69e2bc285ae0e092f074e10ba38692e1d2b4176c7db6dce6d18a4f182a4e6a1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
1547
content-type
text/html; charset=UTF-8
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 2B8E
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 15:16:57 GMT
ecm3
s.amazon-adsystem.com/ Frame 048E
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=2131a2a5-2d3b-4bc3-86c1-f9dae394b6a8
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YH8ESWVC5KYC1DMHGFP6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 048E
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
44.209.91.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-91-56.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 048E
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
44.209.91.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-91-56.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 048E
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-d88897d5-c1d3-4ad9-4946-9422b7a8642d$ip$167.88.7.162
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-d88897d5-c1d3-4ad9-4946-9422b7a8642d$ip$167.88.7.162
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
44.209.91.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-91-56.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-d88897d5-c1d3-4ad9-4946-9422b7a8642d$ip$167.88.7.162
Date
Mon, 23 Jan 2023 15:22:17 GMT
Connection
keep-alive
Content-Length
170
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 048E
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__&s=186046&C=1
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y86mKFrdnGmrRqZjg9GGuAAA%26172
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y86mKFrdnGmrRqZjg9GGuAAA%26172
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
44.209.91.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-91-56.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0Y9AKubEJPAA6TIzRUMPP46DBU5fJncFzj%2FyVzpYoAz9vxwZW5AHTzNQDyGAOjKqpPfF5r1ipOJlkqPd8%2Bg4fBIhPMa3IO7GpPsS%2FJ4wlFYfPhWmU2%2FSefBxH1Ae2PtQLJeOQBb"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y86mKFrdnGmrRqZjg9GGuAAA%26172
cache-control
no-cache
cf-ray
78e18622b8466302-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JN62yrjdTYVKK7AxevajMMkjMxDbpKaWS%2BeEon3UxeWzU5IawZAuXgJ7F3I9rUXTF5Uh1bWmPFrVZVGM3sUECeM81yLXBhI9CabRwEQBh5O6y1yWpbtFQAF%2BR%2FKTbgLhNJ1Nyo3OOwtWlizwggaI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861cfbacc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
rtset
bh.contextweb.com/bh/ Frame B8C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=YUNKbTBoZmN0VWM1ZDNIVHkwRldpUQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESECgjTrnE6Q7vEkn6bo1adN0&google_cver=1
49 B
651 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESECgjTrnE6Q7vEkn6bo1adN0&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-wjfvg
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESECgjTrnE6Q7vEkn6bo1adN0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame B8C5
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736&nuid=
49 B
679 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736&nuid=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-wjfvg
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573736&nuid=
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame B8C5
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=ocnaw3qIK5Iq&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V4HCW25G839J6VY1H1C2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owsxjmF6UC%2FKWBzIQuhb3CgPLXnxcVTFdzVgicapa%2BENRPoQ5pUtxRfzcK89%2BQmMC1M%2FpVPwnsEhsgZy1SryeYzHJqOLQ4zIORHcnPSnisKXuU28eHnpXlKF8TdG4Xu2YAsxvqNZUa8MCHJCo8yY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861d4bf3c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcyD8hcPX6m7bkdMxMLhZPXCVkH6QAnci8mt2zIi1uK9W%2B1Qe%2BGfJfPgX%2F%2FsWxKsa9IG6HJVNGvm898V%2BCINu3Q96OjfGiPqycAkJf0NdGGHsMKfutOQVWyaAtks1Mk05asukbz7saE8dzXmQo8R"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861dfcc6c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame FFC6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
5682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame FFC6
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
5683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:33 GMT
l
www.google.com/ads/measurement/ Frame FFC6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkq1zM0UPecEwNkukVRLcpm32Domf9cNJndfgyw-f9wjkC2YutK-IHxSZPuxZgbASxoRzav83dwfaBp3oVI8EVLFW23w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFC6
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FFC6
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CynFzKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT2AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMHO__I-Zn4g-e29esty9iv4H5GnO1QxMfiKpb3FeT0qX9lj8oqIAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc5ODM3ODMwNDgyMzk2NTAYAA&sigh=g1GaJhm76UQ&uach_m=[UACH]&cid=CAQSKQDq26N9FzqpQupKiYdTLFmb45O3hpX77jRU7fPbrvyHT2xCMZo6MlRlGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 15:22:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame FFC6
0
0
Fetch
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK2lE9eCMNgFWuIinRcCAAAA3qVfUqA6s90QJ6bOY4HptgIE_wdqjcHGABIAAA&wp=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
279193
content-length
0
afr.php
ads.us.criteo.com/delivery/r/ Frame 3402
139 KB
45 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
58d13248ebe406010cf0f669b960ad791cb146fc6fb3d2fd52755e39a05371d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=z0vzvOt5F5xFsYhrEPg36Yj9z6VnqYOAx91LNTeH1bNno8PYJhEzcmtHEuLT8D_uStBjfShCOsKA_f7m_iBuaNhBFMkiTL6CPODghYqnS5WqqssY-Sd_zzOdfd3ILVorBYtlUBgSav5jqmHpi9FkAHm8KaU-elDr9AQtJ6XZsNJxkkVE_SH7DM-a5RRR4uPefMA0MOxWu2pOomsxwEvfMYj5TGND0xQuu2Ojjs_8K8sOxlpUR1vguuPLTrMuK6D3tK2I7Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
78817663
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B25D
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
78643
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 17:31:33 GMT
etag
48472445140208031
expires
Mon, 23 Jan 2023 17:31:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3L1T3SbviPN7K0ShG6t%2Fuk4B6002t4xgstNQi11r2GWYyShbgEmvDVgn8ZtGFdcpQRPWQ244jFHyNcum%2B4eIsx%2FML%2F%2Bufe3CmqCVYhZJcMdIuvBKU1EdHucM9UNnPtyAQswtMfEcDt3Yr9SiyT7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861e1cfcc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C785
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=1380390476623251&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

truncated
/ Frame FFC6
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0b8d6cdf052a2b7b4649e1521ab3e7d2577df71021455ff3c2d4c084fd0bb6c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B25D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELmfUG-f3qxwYoQGc4WWfqw&google_cver=1&google_push=Aa02lx-GahcTRKQiDUBRnAGPKtINd0bAgGviO7SSThpq8P1sqI1zLetzEn8CgJgaRjMsTVnG3bv_Nus49tyqSF6970p7u0Mz5P2sl...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyNjcyMDQ0MTQzMTA5MjA3Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFIgvV6Rz2qbIbrSk7MLlIM&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFIgvV6Rz2qbIbrSk7MLlIM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFIgvV6Rz2qbIbrSk7MLlIM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B25D
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECSaEk_306gIjd7Nc5Ny0q4&google_cver=1&google_push=Aa02lx8m1ulAtc6dGjiGF3pUYrasKmNtVeeZJb0xmUrOOvkIc23c0DyPq4MpLLjyE2FqXBihLtKvE...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx8m1ulAtc6dGjiGF3pUYrasKmNtVeeZJb0xmUrOOvkIc23c0DyPq4MpLLjyE2FqXBihLtKvEST-yKwNWIvBvZjVd-Ae-SZ58omrfzPihCSeBwZMNYaVsaLddOW90v...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx8m1ulAtc6dGjiGF3pUYrasKmNtVeeZJb0xmUrOOvkIc23c0DyPq4MpLLjyE2FqXBihLtKvEST-yKwNWIvBvZjVd-Ae-SZ58omrfzPihCSeBwZMNYaVsaLddOW90vpVt7FQ8osK0PpwtYwak7OiRSDXW00
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C8FE621987F44761B1ECCB33291C85BB Ref B: CHGEDGE0912 Ref C: 2023-01-23T15:22:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx8m1ulAtc6dGjiGF3pUYrasKmNtVeeZJb0xmUrOOvkIc23c0DyPq4MpLLjyE2FqXBihLtKvEST-yKwNWIvBvZjVd-Ae-SZ58omrfzPihCSeBwZMNYaVsaLddOW90vpVt7FQ8osK0PpwtYwak7OiRSDXW00
x-li-proto
http/2
content-length
0
x-li-uuid
AAXy7/bkwEXVzT4zBXP7FA==
pixel
cm.g.doubleclick.net/ Frame B25D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAE5BYaQ9XXgEMuq0nyEYZU&google_cver=1&google_push=Aa02lx95YgViGdN5oIj0rFMBbIqpYHmpReGP6Elatpfh1wpPbklCt1TLFAdB_c0OBp-7W-ix5OH...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC&google_push=Aa02lx95YgViGdN5oIj0rFMBbIqpYHmpReGP6Elatpfh1wpPbklCt1TLFAdB_c0OBp-7W-ix5OHhxzsz_snjdaOcmj0S1cIqkIQF5GVJJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC&google_push=Aa02lx95YgViGdN5oIj0rFMBbIqpYHmpReGP6Elatpfh1wpPbklCt1TLFAdB_c0OBp-7W-ix5OHhxzsz_snjdaOcmj0S1cIqkIQF5GVJJcRaEf9zd_jQ89kNyPUsD129_4q9n2F5gj6GWcIdokXfeP3hnEhDrjE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC&google_push=Aa02lx95YgViGdN5oIj0rFMBbIqpYHmpReGP6Elatpfh1wpPbklCt1TLFAdB_c0OBp-7W-ix5OHhxzsz_snjdaOcmj0S1cIqkIQF5GVJJcRaEf9zd_jQ89kNyPUsD129_4q9n2F5gj6GWcIdokXfeP3hnEhDrjE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
pixel
cm.g.doubleclick.net/ Frame B25D
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAa02lx-0mwiXmeRy2H54tvQl2mTrU1zs_OkwqwAa4UOb-DZ9QekAgVUaZ_xCPTPZ5N_9G1pHZn8UjzZ1T3...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=Aa02lx-0mwiXmeRy2H54tvQl2mTrU1zs_OkwqwAa4UOb-DZ9QekAgVUaZ_xCPTPZ5N_9G1pHZn8UjzZ1T3FQlMlyNoUKZJHnhhGwgwTo778_MpX_Iwj3-qpZxjiJjC6aPv45...
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=Aa02lx-0mwiXmeRy2H54tvQl2mTrU1zs_OkwqwAa4UOb-DZ9QekAgVUaZ_xCPTPZ5N_9G1pHZn8UjzZ1T3FQlMlyNoUKZJHnhhGwgwTo778_MpX_Iwj3-qpZxjiJjC6aPv45sGWOJNOM-0_ULJyyb4dMqL3BQVg&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-136
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=Aa02lx-0mwiXmeRy2H54tvQl2mTrU1zs_OkwqwAa4UOb-DZ9QekAgVUaZ_xCPTPZ5N_9G1pHZn8UjzZ1T3FQlMlyNoUKZJHnhhGwgwTo778_MpX_Iwj3-qpZxjiJjC6aPv45sGWOJNOM-0_ULJyyb4dMqL3BQVg&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B25D
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEAR4GBF6qOVOxq96yHesPXo&google_cver=1&google_push=Aa02lx-H1M9buAW4JWVuSniE3ZHV4gmfLGIay_2fD81ZdIcaRGu8JZPD7IXrDE0krwxBjNOtqxIjiU0h8wPo_LX1RjdVC3U...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Nzc0MGNhNDFjNzc1NGEyY2FmN2UzMzUxMzlmOTZlNzY%3D&UIDF=CAESEAR4GBF6qOVOxq96yHesPXo&google_cver=1&google_push=Aa02lx-H1M9buAW4JWVuSniE3ZHV...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Nzc0MGNhNDFjNzc1NGEyY2FmN2UzMzUxMzlmOTZlNzY%3D&UIDF=CAESEAR4GBF6qOVOxq96yHesPXo&google_cver=1&google_push=Aa02lx-H1M9buAW4JWVuSniE3ZHV4gmfLGIay_2fD81ZdIcaRGu8JZPD7IXrDE0krwxBjNOtqxIjiU0h8wPo_LX1RjdVC3Utk_3TDfS80TCe66sc-_mjlqt4LFxpWV1xHhKBpDsfsHzP53qFDRy1CsoHT64qKvE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Nzc0MGNhNDFjNzc1NGEyY2FmN2UzMzUxMzlmOTZlNzY%3D&UIDF=CAESEAR4GBF6qOVOxq96yHesPXo&google_cver=1&google_push=Aa02lx-H1M9buAW4JWVuSniE3ZHV4gmfLGIay_2fD81ZdIcaRGu8JZPD7IXrDE0krwxBjNOtqxIjiU0h8wPo_LX1RjdVC3Utk_3TDfS80TCe66sc-_mjlqt4LFxpWV1xHhKBpDsfsHzP53qFDRy1CsoHT64qKvE
date
Mon, 23 Jan 2023 15:22:16 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame B25D
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAHAT8ZrlVA2yjdWtP-DJ1Y&google_cver=1&google_push=Aa02lx8K0VoWZG_rUDov6DKB5l1YZen2VauTFQlyE9RML9MSDiCocht8x...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8K0VoWZG_rUDov6DKB5l1YZen2VauTFQlyE9RML9MSDiCocht8xgIMvqFdRR11RBw_kw9CddqypnVszJ93elRUh-O3E2W53Y-5UdmfgqeGMbkZwTAj_njcSnOmI...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8K0VoWZG_rUDov6DKB5l1YZen2VauTFQlyE9RML9MSDiCocht8xgIMvqFdRR11RBw_kw9CddqypnVszJ93elRUh-O3E2W53Y-5UdmfgqeGMbkZwTAj_njcSnOmIs4XMM_AyTGsi-JB_9D5nGuNnQbhg1eD&google_hm=QlMuMzJhMS1lZGNhLTRlYmItYjYyMw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8K0VoWZG_rUDov6DKB5l1YZen2VauTFQlyE9RML9MSDiCocht8xgIMvqFdRR11RBw_kw9CddqypnVszJ93elRUh-O3E2W53Y-5UdmfgqeGMbkZwTAj_njcSnOmIs4XMM_AyTGsi-JB_9D5nGuNnQbhg1eD&google_hm=QlMuMzJhMS1lZGNhLTRlYmItYjYyMw==
Date
Mon, 23 Jan 2023 15:22:16 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame B25D
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEF5zeE9RMXoaHeGMbNVXnZg&google_cver=1&google_push=Aa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ5LIvCZlaYG0u...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrn...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw&google_push=Aa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ...
  • https://cm.g.doubleclick.net/pixel?google_hm=3N3kZUOk04svYWcAOqDE&google_push=Aa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ5LIvCZlaYG0uQ7H67YZuIksLG16...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=3N3kZUOk04svYWcAOqDE&google_push=Aa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ5LIvCZlaYG0uQ7H67YZuIksLG16DTuddabNMg3XxoKlEGtG4HURnpvoizjqtD8dZqeeE&google_nid=inmobi_new_eb
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:18 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=3N3kZUOk04svYWcAOqDE&google_push=Aa02lx8aanBNftphdWvB36apu3f-a-_6EI6oPXYI8DOYfIrnLJSaCm-kvLRuwqFBqlIE3iDOVm-ePNEpGE4Mth6zZcmZ5LIvCZlaYG0uQ7H67YZuIksLG16DTuddabNMg3XxoKlEGtG4HURnpvoizjqtD8dZqeeE&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
285
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame B25D
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsrOoBF58H0kAXc3Yt7egBWDZxDrfyCwAG7_thvXFzTEyl6KjzMU-R62lLu2PsbNqmAsTpglc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwft5KvrHXEoFHXOPYPs1ZZEqhyDjEV2jbQrJKpW6zJ%2FydKspeAJoo0Pj06VLuz%2FmvGgOTJSqKs%2BThcTjIIm%2BL%2Fh1OGKLiDSpEJSy%2F1GdqCSCVLCaPzZ3ZGJtowEIBbP%2B%2B4XvithKTSMqKbj%2BC1f"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861e9d92c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
container.html
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F5B8
6 KB
3 KB
Document
General
Full URL
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Tue, 23 Jan 2024 15:22:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B1E
6 KB
3 KB
Document
General
Full URL
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Tue, 23 Jan 2024 15:22:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
17607788540214274142
tpc.googlesyndication.com/simgad/ Frame A315
83 KB
83 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17607788540214274142?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql7nRDvrK9yB8sBDGqWk-8rHZGXpw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
657522cf56d3621346ae7f0e6038b36d39cacee09795e95887e1b00850752bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 12:17:54 GMT
x-content-type-options
nosniff
age
270262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84551
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 12:44:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 12:17:54 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07ddHOatP%2BC6eQb%2FM2w73Yu18Eo4hsKP1QvCeHk7XJFkfyWGzUjurYMahdhDVpHtJ5pY%2BngAZv0yvDpvl2JvamsOwcxtY7eTGoj018%2BPx0Hh571Uk0s9c3Rw5rR%2FEKukKqiKfmOrK7C%2FYiFk%2Bv2h"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861f1e2bc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lg5QNIn6e4lYO6dDKT6AvvhGx1zh4VmII%2BSDXuI0IOgEh%2Fh%2Bipv6JtfKUYPh6x8XJZyVZSqSrCPhKzgUEzHLUcuzdSi8CsIJ7z4mtXESHkS376w%2B%2FnDT7MHtJKqh3al3ArZpzQbi7clGWyxtEx6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861f1e2ec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A315
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ca-PWKKbOY7K4CYGmhAaY1ICgBdXlxK9ukOLGz5ER-KPpmPATEAEg5_vlG2DJtqOI8KPsEqABoZXy7QLIAQKpAlNuIrwJT7I-qAMByAPJBKoEiwJP0I6CIzi_A7SGripN_FSR5x4M1pmm7YCDiUyR8Mllz0p0lXY_hZ-vaCnCb291FFgwMy0dQRwt4tCoVrcEiD0dVMXyXtr4ggOQUslq0Tj65fsvUakxVo8_NinNONHo20tOBRFWn_gDqZ4m39noe0fy1pVtXS7CTytdlBn41b1qmuAzl3U8gmbSbx2aWp51twIfH3CpCnXWE3OYGh_y1fdedS_kNiwQqG7MTTOVYDe4bQLpBFRDOjGYLBSl3v03OtmcWfFohTH2cUK2JaL77mbuFRxl_IkNxclU7YbPbw_dxTUyEOXKLoosL6c27qUNnHZg-8CEaRK-pbwlAK30yOMMa-kqQmBJq025vAfABNXZnaOXBJIFBAgEGAGSBQQIBRgEoAYCgAfH6o2SAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPrBBNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi03OTgzNzgzMDQ4MjM5NjUwGAA&sigh=AL0jekKv9As&uach_m=[UACH]&cid=CAQSKQDq26N9-8JP-d3-SGqgz_QfrXCC_itj5jzDiO2BU17jnlKKT8YJ99PwGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 15:22:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame A315
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 20:30:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
67914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 20:30:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A315
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
5682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A315
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
5683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A315
155 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:17 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A315
33 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 16:46:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
81342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13507
x-xss-protection
0
server
cafe
etag
2920471824528828230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 16:46:34 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EBD5
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRbB3KKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE9wFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vdg7eDHvH2SoHMU1LDnmTfyVdBZGZKRP2Bvh0HC_kZbq-flKI4GgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzk4Mzc4MzA0ODIzOTY1MBgA&sigh=hlf2LBqw7mQ&uach_m=[UACH]&cid=CAQSKQDq26N9CW_soKM0gjoT_GVvpbcehu2JLHy2l7jSjbOZ-TTrmm8OGlS_GAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 15:22:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame EBD5
0
0
Fetch
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK2lE9WCMKwC-gHiIp0XAgAAAAW0llNek0JSECemzmMaRMAbBxQjxiPbPAASAAA&wp=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
146986
content-length
0
match
c1.adform.net/serving/cookie/ Frame 6D91
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 23 Jan 2023 15:22:17 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 23 Jan 2023 15:22:17 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3FED
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y86mKQABeG-JIQAb&gdpr=1&gdpr_consent=&_test=Y86mKQABeG-JIQAb
0
225 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y86mKQABeG-JIQAb&gdpr=1&gdpr_consent=&_test=Y86mKQABeG-JIQAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 23 Jan 2023 15:22:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y86mKQABeG-JIQAb&gdpr=1&gdpr_consent=&_test=Y86mKQABeG-JIQAb
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-chi-kigq8000099-CHI
x-timer
S1674487337.088401,VS0,VE0
ecm3
s.amazon-adsystem.com/ Frame 044F
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SZVZQR0J39MAWQQCWKPM
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I-eMr-qNQhaqkomIMGRJeg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=50380
accept-ranges
bytes
content-length
5554
expires
Tue, 24 Jan 2023 05:21:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
db_sync
px.ads.linkedin.com/ Frame 1F43
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=23E78CAF-EA8D-4216-AA92-89883064497A
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDIzRTc4Q0FGLUVBOEQtNDIxNi1BQTkyLTg5ODgzMDY0NDk3QRAAGg0Iqcy6ngYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=55aeb6e4fce97273ddea39eceadb8160bbee9b33d1a4ea0a3a8e5dbef1e9e3b3791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55aeb6e4fce97273ddea39eceadb8160bbee9b33d1a4ea0a3a8e5dbef1e9e3b3791426b5417dce21&rand=07985862
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55aeb6e4fce97273ddea39eceadb8160bbee9b33d1a4ea0a3a8e5dbef1e9e3b3791426b5417dce21&rand=07985862&expected_cookie=e90b159f-8c12-4ae7-a745-e94f471fca75
0
145 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55aeb6e4fce97273ddea39eceadb8160bbee9b33d1a4ea0a3a8e5dbef1e9e3b3791426b5417dce21&rand=07985862&expected_cookie=e90b159f-8c12-4ae7-a745-e94f471fca75
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A159BBBD61234CB9B4655618B0097AF4 Ref B: CHGEDGE0912 Ref C: 2023-01-23T15:22:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXy7/byOPCYGCIX/qlNxw==

Redirect headers

date
Mon, 23 Jan 2023 15:22:17 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 780AB9A017844B0586E7C812AF25CDBA Ref B: CHGEDGE0912 Ref C: 2023-01-23T15:22:17Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
/db_sync?pid=10339&puuid=55aeb6e4fce97273ddea39eceadb8160bbee9b33d1a4ea0a3a8e5dbef1e9e3b3791426b5417dce21&rand=07985862&expected_cookie=e90b159f-8c12-4ae7-a745-e94f471fca75
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXy7/bwk+oN8zN4FieoVA==
mw
mwzeom.zeotap.com/ Frame 1F43
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=35bcdf5f3c7d20c9
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e3233cf9-0634-40b9-4537-55f22d950997&reqId=538a2b23-a5bc-4ac1-7633-5c10fecee774&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELUd1h37KuZCct1mXJaotYE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e3233cf9-0634-40b9-4537-55f22d950997&reqId=538a2b23-a5bc-4ac1-7633-5c1...
95 B
163 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESELUd1h37KuZCct1mXJaotYE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e3233cf9-0634-40b9-4537-55f22d950997&reqId=538a2b23-a5bc-4ac1-7633-5c10fecee774&zcluid=35bcdf5f3c7d20c9&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
78e186251f50871a-ORD
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESELUd1h37KuZCct1mXJaotYE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e3233cf9-0634-40b9-4537-55f22d950997&reqId=538a2b23-a5bc-4ac1-7633-5c10fecee774&zcluid=35bcdf5f3c7d20c9&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjNFNzhDQUYtRUE4RC00MjE2LUFBOTItODk4ODMwNjQ0OTdB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEplLbJ_NtStTTQGD8bQIyg&google_cver=1
42 B
300 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEplLbJ_NtStTTQGD8bQIyg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEplLbJ_NtStTTQGD8bQIyg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F43
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1
42 B
439 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 22 Jan 2023 15:22:16 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1F43
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3567392977657129836&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3567392977657129836&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3567392977657129836&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1F43
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d4647c7-bb63-4ba0-9c6c-cee5ed34b200&gdpr=0&gdpr_consent=
42 B
375 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d4647c7-bb63-4ba0-9c6c-cee5ed34b200&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0d4647c7-bb63-4ba0-9c6c-cee5ed34b200&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
adview
securepubads.g.doubleclick.net/pagead/ Frame 2B1E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjHaJKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSoAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WcjmDPtoP3oBNiMRPivjF-zeLHoMIS3hAmRR7xqpeWPmR_s7xHC4AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjWACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=Ci8Q6DAHxeA&uach_m=[UACH]&cid=CAQSPADq26N9__YGlq0NzlsMz6pLXtgR_DPaiaKB33nnTPCZ2-uMrvgF8qickVWdoD9QSOtOa9E2ZsMk5s4ZBhgBIBM
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

notify
rtb.va.us.criteo.com/google/auction/ Frame 2B1E
0
0
Fetch
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK2lE5DMXKwC-gHiIp0XAgAAAPjjWbRbbk3DECemzmNeIZOucDXMo_EctwASAAAKDkFRVURDZ1lCQ2dFUENn&wp=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
116097800
content-length
0
afr.php
ads.us.criteo.com/delivery/r/ Frame 5833
163 KB
48 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d16dd84c274dee7062a0dc26fb8adc436e86e183f750a2a7c9cd8503606fe21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:16 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=QSUpnut5F5xFsYhrJX7UVgOijSiaCgOqUzE5lnpcyp_J1Vf_I-WUVrq7QTtgoOB8uspbR14ovbn3mg9zBsCOoWf2kcid6fS_JSboUmksT13A69qJtqLgecomD9C_e13zozb-k48lgflAONSj8pf5UaU9VkRMGL19cp952fSenS2I-waoCDHSG91YshhDlpsS-GSghNCX-QxV8xq6Mxh7GPtMqgCm3rYL1bqtpsrOgspzeyzZYf-KU_KD3CY-fk3-hhRWJcU8r1JrcA1N"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
116331495
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 2B1E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
5682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9AFB
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
78643
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 17:31:33 GMT
etag
48472445140208031
expires
Mon, 23 Jan 2023 17:31:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 2B1E
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
5683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:33 GMT
l
www.google.com/ads/measurement/ Frame 2B1E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTU2wvbfNTjJbu87XICd9Ra7g_jtyWojgeqbQ9p4XfnVzNuhmQZmo_w7P1rfByzHBp_nCsbCym6aJCI67fChmouRw195g
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2B1E
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 13:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
438507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Jan 2024 13:33:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B1E
155 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:16 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4x6VmdvF851dgZwMUd10cPjMX6EaWLQQgBhqNaPkLiUabnqfklt%2BQTxfHo2ZMHztCIcek8GuhmYqwbK%2Fna7pwhlOAWe%2BhdVTP87N3d41AOPmUnzlNWZqo3nHmyTuBOe517qbCkhxcK2%2BIggzMog"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861fff01c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11066
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDKpBbNkU9ws4%2BWYIPBT6GwviDEBzkdirzcoXM%2FYXhNc%2BBozyZ4pfHrQ6WpTVORhh9rkwHiEynXRmBvcEaN8gReIM9eS5ssltW5m%2FS9vaEaoXqBYqgJSEtcNkYlAK1xcBiafbKNhHCuqxkeYr9Bi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1861fff03c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F5B8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1T6yKKbOY4KTCpLAzgW4-6egBobK5Z5chIHg9s4CwI23ARABIABgybajiPCj7BKCARdjYS1wdWItODkzMzMyOTk5OTM5MTEwNMgBCeACAKgDAaoEoAJP0NJ_VGUqXn0kF694eBaoxqre_yzm3qaVgNIiM7bMqSr41y6OBnki5ae163hjel3nTK4uhK0pEHQmH4oNfFf66L6EVJlAZBGc7K8kOUXTj8DU4ufuAeI7Bf5lVrgOCB9Sf9VuPJAijSSK7LTxkDd0DN3L7HNiDYaQ_r_7aieURrOPrWdGdKbpNTvtCXaxCYPzORINrn4__p1gUIQWEVTsI_20gxAzGB5YPcFJ59dN8lGsXH6WMT4eX0EXfUI70Br0n09EUVFIzeARxMexslnr9GevPiZwBu1XDaZMc1_O4-ZmJAAKhO_EEHVAqNCWTCIGum8yjyYfkpA1nDHARLZp4Bs9ENDsrsQfN6auBa0G2uY_6Ep7MFTk782Wagg7V1bgBAGABsLKu_TS0v79TqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MDE0NTY5OTAxMzY2MTY1gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=aUoWK8H4H60&uach_m=[UACH]&cid=CAQSPADq26N9__YGlq0NzlsMz6pLXtgR_DPaiaKB33nnTPCZ2-uMrvgF8qickVWdoD9QSOtOa9E2ZsMk5s4ZBhgBIBM&tpd=AGWhJmtNKqOQ4VSdpzw0xceJJeFYgQ2xCl44ppHhrS8WjNMjqHNfh5jGqLrgHB4TCevSIZvcCpnZ9yP5zmKO5QZ9sKUyKo1oGVho6yBCiJH1Ci7xQCc9N9CIIETMa0W0G9ZBPlC4joBgSwpc02SN_Qhbtm0jsmNKzcWyEtHJTTPm6M-KKfZOGJ1BpV3tTnfO8LgneV678co7FRyZPJr3-qzjH0JXWlMhc6YfqbSwLQWykcj_eaQ1lNF40ze2y5I2M7qArU2tOiTJJKs0AQH_JYT8AdluENve3K68EQoyPX-VDoRxgGDIiAaNHPf29dfBUV0uQuPEVaHfUxJlO_gB0iI7shSSXZDdfzLjFDnQJk7KcopqwnY7ZqcM1KlzE0RBvme7oaHguaDEzZD481X14snjDvC00FmyIveld3fDhkhb6KamtgrRYvQQK8V2gOO7NYnKDZhV3bXPZheknpvWOr2eEwRXZRW2o6Qheo_OkXtm76KYqObqNtH-aRImGaKFzFLS2sCi6CowbdArqYTiYGOYKLwlt--pOJcVk8H8BPpZgSVHAEul6iTuOkDf96X24BBiR0m99FGrVxUkmqkItxobYTajq8Fz7Xgv4xJHosH8Jjt_lbZkT160MXRn7kJsn3vNGllNNzO_5PQkYwkdhbre8f83i07-cgCeTSfx4iN8Aoxkft8aeuziQo0WLI19HfQEyoYEnZHfjOFV2QqEhpXOZ_bBWs7VSliXRI0rL7uMN496od1pBsIurPqdnCf_CpHqbWugmuUGA-g6szFrl0sgW59ytfE-I0m9xWSajJrfQHzAml2LLVPsqUbBE3P09tzMYK1ru_LOdciTn3ZX_flwN1POo8YBYzOqicRx0kEGXE4e9s_IjkCNLAcif114z9oNtsb3iF9wAoYZVB7zj1hrUVjmcPTlhkM8nfGDm1FOPzDoz-WUSCqSCD_azvK47l1NpHRwjTFAJmpgQkXZ5A
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

placement.js
displayf-tm.everesttech.net/feed/ Frame F5B8
22 KB
5 KB
Script
General
Full URL
https://displayf-tm.everesttech.net/feed/placement.js?id=Kxj2ilefT2dP544VKFNQ&site_id=8ewbVYJkT5p8wTZLu1GV&rand=1399263213929798958&tm_auction_id=25281410-33e2-4100-8b97-320e2caf2f9d.1&didtype=UNK&bi=B09mKVSJl9QnEef-8_YrtxmEbcfemKH41fVzjtMzRxb7eFVYJ7XG1YetS010o4gMnb-nxDbOH_-iwbw1KHwZxlHv1CovQzDHOBpotsziRJAmRkKXaZclHxfxobfvr3U9ANhXuYL7KA9I4Yxu78E5x1sknJ8wYzuTYbrZ-rcfP5kVOOHKyLHeN-HwfPOlLMMFILcJoSQVaUy0ypNR05uBLYofs5VKnQWc62dBpZt8nfowMU&page_url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&seller_id=540948327&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F109.0.5414.74+Safari%2F537.36&q=H4sIAAAAAAAAAGWRO0_bUBSAsU2aElUqjVKpikTlMtCAaufavn4EKrV5ESDkQW2emx_X5BLHNjeGhI6IoWKoKoYODF0qdaBSh478iu6oU6d2qBADA0PVFNqpZzg6OtJ3dM53RsZasPb009mv-29rry7Th7HEVLQXIn4zCDY9ZIa4y9tBJ2thx0GEzzs6IruIvEDbO6gbJc-GH1x8i42nqv0tEXvINUSnKUO4Up2tL2X2T95RYqrXi5w2UZxKswgkYhZKDcvX3n__-vFuIbWnGAulWXtjq9BZajWjsrW6To6obi14iT3PzMo8YDOr2HeCXpetG6wAeDDDDhoKnGH7Cpxk82HooVVkVXGUlSWVlxQ2U50zaotPWA-3EVtBdjuYZIstEnRQVgA5HvAyFCCvQlY3XZPgv9gxxQo2tFwFCI7i2o6MgCVKQHUUybIANE2onlIToixqAhQAJ0lI5AYF4DQrp3KSCJBom67o5hxe-EFptw_ejCVTGupZK-sLbUMOtZ6xsbgjVFbS96IWapl2GxEf9a7lskxu6DrOn11QIzIEOahJonpFpXBZczobVU2H23ljSwequ13Zp0dR1Aq6QOFCEjjcrqkc0aMksribH3EuJt3ohB7u4gh9puM7ftsPev4FnUn8ByZv3TDjdyQecHo939TnGsYVHU_EUD_0yD5TTsSCEPn90S-vp9LMsl4a_5Mm_-07zeBOWHg4O9Bb7keDk0yvSbCNiiGuYZsEjQG71hw5ZIaOmZtBp0wmQS_rSXp-Mc0oQJyKDZRrshivlBvFRqk8Ha_l12rz9dJz6tH6-cTB8eMPP38DUKS1WKQCAAA*&click_url=https%3A%2F%2Fgoogle-bidout-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAaccGAprZk0yVTZZdnlsHBbB6r2ilaDG4JoBFqfsx43O8uqX4wEAHBbtwt2b1O6uipoBFrein4qplPeYsQEAFtCY9bwMFQYALBwVAgAcFQIAHBUCAAAcJu7n8oMEFQQVBCbs5_KDBBbO3fGDBCUCFQKmsgUWsgUWsgUWFBYUFhQWFBbkCgAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABb29qGABBasv7qABBbGqdmGBBbEqdmGBBUYHBT0AxTYBAAVBCbkChbkChbkChE1DibkCgAsLBaAhJK-hoSKqEoWxcGGtbr85ujoAQAW0Jj1vAwGKPb2oYAEFqy_uoAEFsSp2YYEFsap2YYEGAo0MTE4MjQ2NTYzFq6hARbkCiUEFrIFGAY0NjA5MjMVApa6iokDEREYAk9YDHoUJBQkACgDcnRiANwbAogYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQlnb29nbGVfb2IArDgSdGhvbXNvbnJldXRlcnMuY29tAAAA%26r%3D&uoo=0&tm_os_group=windows&tm_device_group=unknown
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
adobe /
Resource Hash
978cb97b3ce84b408310e2b78160d62af31f6c7d358bd29fea6cbf3e640b7777

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
via
1.1 varnish
x-pt
P=2400 0=0
x-cache
MISS
x-region
US-Central
x-served-by
cache-chi-klot8100136-CHI
server
adobe
x-timer
S1674487337.376784,VS0,VE63
x-failover
none
vary
Accept-Encoding, User-Agent
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
e.png
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/ Frame F5B8
85 B
236 B
Image
General
Full URL
https://rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/e.png?e=win&aid=25281410-33e2-4100-8b97-320e2caf2f9d.1&cp=2594050&slot=1&x_price=AAABhd85DZXBDXjBYnaM1f9k0xZik4HAdH0TBw&ets=1674487336327&tz=America%2FLos_Angeles&source=openx&country=US&region=IL&mc=48&ap=0&ut=0&vis=UNKNOWN&site=8ewbVYJkT5p8wTZLu1GV&bp=690000&curr=USD&exr=1.0&fid=Kxj2ilefT2dP544VKFNQ&c=4118246563&ccurr=USD&cuxr=1.0&a=460923&ca=724541&st=DISPLAY%7CDISPLAY_AUTOPLAY&sh=250&sw=300&rid=4193&mp=143&psk=8ewbVYJkT5p8wTZLu1GV&cfc=0&cfci=0&dur=-1&cityid=-1&metroid=38&countryid=232&postalid=26898&duration=180&v=1&auth=rXGyKegElZr11DvY2IPI4gFFk9U&x_r=k78rdg
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.147.97.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-97-191.compute-1.amazonaws.com
Software
adobe /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
x-pt
P=275 0=0
server
adobe
content-type
image/png
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F5B8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
5682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F5B8
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
5683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:33 GMT
l
www.google.com/ads/measurement/ Frame F5B8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQw8wiOwWHmTzwZ3VZY1Sac3zlF5amAwY_iSpjjTTzD-k3VdHrSqWCSjpMr3TJJiJ2ZdyYC9qkpd6MUQIH0kMOCvtLFBA
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F5B8
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 13:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
438507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Jan 2024 13:33:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F5B8
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:17 GMT
imp
statsf-tm.everesttech.net/stats/1/ Frame F5B8
85 B
362 B
Image
General
Full URL
https://statsf-tm.everesttech.net/stats/1/imp?sessId=25281410-33e2-4100-8b97-320e2caf2f9d.1&cpKey=wwtdkr6dGPC03raBDObn&mpKey=Kxj2ilefT2dP544VKFNQ&adKey=y6TJDFcZjBmQhPtEbWYr&psId=8ewbVYJkT5p8wTZLu1GV&burl=https%3A%2F%2F88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&w=300&h=250&bi=B09mKVSJl9QnEef-8_YrtxmEbcfemKH41fVzjtMzRxb7eFVYJ7XG1YetS010o4gMnb-nxDbOH_-iwbw1KHwZxlHv1CovQzDHOBpotsziRJAmRkKXaZclHxfxobfvr3U9ANhXuYL7KA9I4Yxu78E5x1sknJ8wYzuTYbrZ-rcfP5kVOOHKyLHeN-HwfPOlLMMFILcJoSQVaUy0ypNR05uBLYofs5VKnQWc62dBpZt8nfowMU&price=AAABhd85DZXBDXjBYnaM1f9k0xZik4HAdH0TBw&PG=F&seller_id=540948327&campaignKey=iE8dmZK8S4qATjS07fqG&bidderZone=ethos06-prod-va6&bidderGroup=rtb-bidder-first&env=site&conn=unknown&s=H4sIAAAAAAAAAAGwAE__eaJKYPzkxLDR4WmpgsBegsE2NrgA5erNJPWsXz24Jld7dlKuChHk3LMOss4z4F6jfzyj7OaZRaQ5i6V83XBpXUZYDclkv7Axw5sMpSuni1uRlJwHcujnw1oxQxzsKyqVLYFeOLe-Mydo6jV6LPfacMgYlGKQRksvJEk6H98UoJNrV8eOYEkJ_8beRnWzafjOnoYLvhO2ERcPvYUEnJxaJ3MJfObxKKRoPtwDlzVRkKmW05vnsAAAAA&date=1674487336328&auth=f304cea613aeac62e790725907367b26&vinst=t&rurl=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wd=1
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 varnish
x-pt
P=388
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
US-Central
content-length
85
x-served-by
cache-chi-kigq8000130-CHI
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:17 UTC
s
googleads.g.doubleclick.net/pagead/drt/ Frame A6D3
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2497
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 14:40:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A876
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
78643
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 17:31:33 GMT
etag
48472445140208031
expires
Mon, 23 Jan 2023 17:31:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A315
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59e9c6f8d98afc820746f135c9fb9efcfd3d39432fb4bfad87b6e61d4869ac3c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 9AFB
35 B
363 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKsnrrEXXnM6fqQJcbNKTWg&google_cver=1&google_push=AavPq0Oo0FZRxp57ISVJIjIJ_jmKZRT6-ym7GJyvuh2lL4wIq6UJdo5Lo9D-5jKzt5ef6ZA_7UXnAzi7TCoQITV1NWiNY_Z5qeA0
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncAdX
rtb.adentifi.com/ Frame 9AFB
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEGVXDuTW5XLoztfky2OMvdk&google_cver=1&google_push=AavPq0OrDIOkJF8NONqpEao2UnUc9ZuyJVihO_BCQfJE1wAmwtSQ_349OuksiLsujuE6pB9ysIq2zCjX-it4-265XBctjRByFQo4
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.185.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-185-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
pixel
cm.g.doubleclick.net/ Frame 9AFB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJllfGXe0MqHJxSVfAwMJkc&google_cver=1&google_push=AavPq0POqgIe5zkQ9IgMDe4mYWTD5A7aMsXXI5bDsjR5rTt8JbdF9NHeBnBz92ib65kh2gKBayo48D_W9boQzcv...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GZRzl4UwQCNEuHuzO6M4yKdYB6I&google_push=AavPq0POqgIe5zkQ9IgMDe4mYWTD5A7aMsXXI5bDsjR5rTt8JbdF9NHeBnBz92ib65kh2gKBayo48D_W9boQzc...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GZRzl4UwQCNEuHuzO6M4yKdYB6I&google_push=AavPq0POqgIe5zkQ9IgMDe4mYWTD5A7aMsXXI5bDsjR5rTt8JbdF9NHeBnBz92ib65kh2gKBayo48D_W9boQzcvZlO0tyXIH9Ivr
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GZRzl4UwQCNEuHuzO6M4yKdYB6I&google_push=AavPq0POqgIe5zkQ9IgMDe4mYWTD5A7aMsXXI5bDsjR5rTt8JbdF9NHeBnBz92ib65kh2gKBayo48D_W9boQzcvZlO0tyXIH9Ivr
Date
Mon, 23 Jan 2023 15:22:17 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 9AFB
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEDyHx4kk6w6NpaFa7L56UNA&google_cver=1&google_push=AavPq0PQAGa-Y2Q0I7Ut2wqemq0okz55P-gpDQqhhunxwcbuMRRdo0Maky7dY-yInzFypAJ_BzZcitO4dpN8Z2e0FHFMo1...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDyHx4kk6w6NpaFa7L56UNA&google_cver=1&google_push=AavPq0PQAGa-Y2Q0I7Ut2wqemq0okz55P-gpDQqhhunxwcbuMRRdo0Maky7dY-yInzFypAJ_BzZcitO4dpN8Z2e0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MkJmCvw4QEavtweEZMw4DQ&google_push=AavPq0PQAGa-Y2Q0I7Ut2wqemq0okz55P-gpDQqhhunxwcbuMRRdo0Maky7dY-yInzFypAJ_BzZcitO4dpN8Z2e...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MkJmCvw4QEavtweEZMw4DQ&google_push=AavPq0PQAGa-Y2Q0I7Ut2wqemq0okz55P-gpDQqhhunxwcbuMRRdo0Maky7dY-yInzFypAJ_BzZcitO4dpN8Z2e0FHFMo1ukPPQ
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MkJmCvw4QEavtweEZMw4DQ&google_push=AavPq0PQAGa-Y2Q0I7Ut2wqemq0okz55P-gpDQqhhunxwcbuMRRdo0Maky7dY-yInzFypAJ_BzZcitO4dpN8Z2e0FHFMo1ukPPQ
access-control-allow-origin
*
date
Mon, 23 Jan 2023 15:22:17 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 9AFB
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOS3XNz899wHqL3qkjP2l0U&google_cver=1&google_push=AavPq0OZgGg76T14s7o6D90nu0eMvcTLqUmQ3bbwuMrw_sZjIsJDiCV9SNj2x4pDSSiwl58ELW3qtw332VhjjJpbrlvZFUe...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0OZgGg76T14s7o6D90nu0eMvcTLqUmQ3bbwuMrw_sZjIsJDiCV9SNj2x4pDSSiwl58ELW3qtw332VhjjJpbrlvZFUeDzeBI&google_hm=ODUxMzMzMjQ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0OZgGg76T14s7o6D90nu0eMvcTLqUmQ3bbwuMrw_sZjIsJDiCV9SNj2x4pDSSiwl58ELW3qtw332VhjjJpbrlvZFUeDzeBI&google_hm=ODUxMzMzMjQxNDE1Mjc3MzYx
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AavPq0OZgGg76T14s7o6D90nu0eMvcTLqUmQ3bbwuMrw_sZjIsJDiCV9SNj2x4pDSSiwl58ELW3qtw332VhjjJpbrlvZFUeDzeBI&google_hm=ODUxMzMzMjQxNDE1Mjc3MzYx
Date
Mon, 23 Jan 2023 15:22:17 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9AFB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEH0LhlZNrN6g7EH8jF-_Kuk&google_cver=1&google_push=AavPq0Ouv0A0Po4oNlENZKD8sH6OFNuvcSAAr1grH37rCjFnXmZ-UmyHZLURum6KGh1E6ZdtVyjRh...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEH0LhlZNrN6g7EH8jF-_Kuk&google_push=AavPq0Ouv0A0Po4oNlENZKD8sH6OFNuvcSAAr1grH37rCjFnXmZ-UmyHZLURum6KGh1E6ZdtVyjRh...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0Ouv0A0Po4oNlENZKD8sH6OFNuvcSAAr1grH37rCjFnXmZ-UmyHZLURum6KGh1E6ZdtVyjRhahGU8Vhg1_H0TSWj2pu-iIUKg&google_hm=NUFmcjI5X3FkV3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0Ouv0A0Po4oNlENZKD8sH6OFNuvcSAAr1grH37rCjFnXmZ-UmyHZLURum6KGh1E6ZdtVyjRhahGU8Vhg1_H0TSWj2pu-iIUKg&google_hm=NUFmcjI5X3FkV3VXaDZLQVNZeDM=
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0Ouv0A0Po4oNlENZKD8sH6OFNuvcSAAr1grH37rCjFnXmZ-UmyHZLURum6KGh1E6ZdtVyjRhahGU8Vhg1_H0TSWj2pu-iIUKg&google_hm=NUFmcjI5X3FkV3VXaDZLQVNZeDM=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
242
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9AFB
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIfUCwoa9...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIf...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&%%GOOGLE_PUSH_PAIR%%
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&%%GOOGLE_PUSH_PAIR%%
Date
Mon, 23 Jan 2023 15:22:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9AFB
0
49 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L66WsclZ_7m09YxqEQlZ8kEA9IfHnDZPfHdO4DwtErBwtRA5Q8b00eB-w2qqVAedw2oW51Y3iH
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2B1E
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe74ddb6869386297a0c534cd56484be87d35341921211bad08ccb8074ac7f32

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3402
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3402
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3402
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 18 Jan 2024 15:22:17 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3402
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 18 Jan 2024 15:22:17 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 3402
43 B
348 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=WhBDU9kO2USy2KR459vYYMf9hAMrVIH3jZj3ru5N_L-1bzSDmGTSq1nVta-xsxtcHaNFRw8RAljcbh2y3xfJTzcabZRuRKlrywx2mSHGRyxhrluumnpOnF17D7aCaP-HXwGHo-Vyy8rPJhl8k3gP8U-qWk6B0gQdg9a61WaBldCtTy12Q7CBJJvj2_gVI0q-iqcH0b3elgsi2Y8Vf2rcOoq55HyRjysAOeMPrZXTByzcLc3akURM6-trum1sCS1tnYVIR7yZXClUy-wcbvIcavkMAmWlW5c2XdJazLJE6u5O0PP_im424YFMlNmE7jMTYa8eXX-TCXhRmsYs851iKeCQs4um3u0y_6oxO2KE0VYzMRCPfU44lqrhWHXJHfRe-WDtE9GBJdMT9GykE9NYxwatksweBafjeo8bQdLk352Wsn1t
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3238537
expires
Mon, 26 Jul 1997 05:00:00 GMT
151
match.deepintent.com/usersync/ Frame 2851
0
222 B
Image
General
Full URL
https://match.deepintent.com/usersync/151
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 23 Jan 2023 15:22:16 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://b1sync.zemanta.com/usersync/emx/?puid=56831674487336491320b5&cb=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd57%26uid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=5Afr29_qdWuWh6KASYx3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZJRFZSW26DEM52C4Y3PNUXXA5LUH5SD2ZBVG4TGK6DD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZJRFZSW26DEM52C4Y3PNUXXA5LUH5SD2ZBVG4TGK6DDNBQW4Z3FHVSW26BGOVUWIPJVIFTHEMRZL5YWIV3VK5UDMS2BKNMXQMY
  • https://e1.emxdgt.com/put?d=d57&uid=5Afr29_qdWuWh6KASYx3
43 B
300 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d57&uid=5Afr29_qdWuWh6KASYx3
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://e1.emxdgt.com/put?d=d57&uid=5Afr29_qdWuWh6KASYx3
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
83
Expires
Thu, 01 Dec 1994 16:00:00 GMT
enginemx
tr.blismedia.com/v1/api/sync/ Frame 2851
0
172 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/enginemx
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=149&p=324&cp=emx&cu=1&url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd53%26uid%3D%40%40CRITEO_USERID%40%40
  • https://e1.emxdgt.com/put?d=d53&uid=e094fbfc-98bf-447b-9823-36915e8ebe8d
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d53&uid=e094fbfc-98bf-447b-9823-36915e8ebe8d
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://e1.emxdgt.com/put?d=d53&uid=e094fbfc-98bf-447b-9823-36915e8ebe8d
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1425547
content-length
0
expires
Mon, 23 Jan 2023 00:00:00 GMT
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1276
  • https://e1.emxdgt.com/put?d=d52&uid=1163824315312156669
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d52&uid=1163824315312156669
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://e1.emxdgt.com/put?d=d52&uid=1163824315312156669
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://emx-match.dotomi.com/match/bounce/current?networkId=46227&version=1&nuid=56831674487336491320b5
  • https://e1.emxdgt.com/put?d=d48&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573737&nuid=56831674487336491320b5
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d48&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573737&nuid=56831674487336491320b5
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://e1.emxdgt.com/put?d=d48&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573737&nuid=56831674487336491320b5
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=emx&cspid=19&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd46%26uid%3D%24%7BADELPHIC_CUID%7D
  • https://e1.emxdgt.com/put?d=d46&uid=1b20469e-74a0-4047-8826-1c3df17e1cb2
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d46&uid=1b20469e-74a0-4047-8826-1c3df17e1cb2
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
https://e1.emxdgt.com/put?d=d46&uid=1b20469e-74a0-4047-8826-1c3df17e1cb2
Date
Mon, 23 Jan 2023 15:22:17 GMT
Connection
keep-alive
X-CI-RTID
5935ac44-a0fc-4e90-83cf-721dddb0522a
Content-Length
99
Content-Type
text/html; charset=utf-8
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=114
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=114
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&partner_url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd38%26uid%3Dd7b07b2f-...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&partner_url=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd38%26uid%3Dd7b...
  • https://e1.emxdgt.com/put?d=d38&uid=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d38&uid=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://e1.emxdgt.com/put?d=d38&uid=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
rtb.mfadsrvr.com/ul_cb/ Frame 2851
43 B
192 B
Image
General
Full URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=emx
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.24.140 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.24.207.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=177&cm=56831674487336491320b5&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd34%26uid%3D{visitor_id}
  • https://e1.emxdgt.com/put?d=d34&uid=Y86mKQElmgIw2Q7XHrSOPRzp
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d34&uid=Y86mKQElmgIw2Q7XHrSOPRzp
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 23 Jan 2023 15:22:17 GMT
server
Aorta/20230117.cba244d5e
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://e1.emxdgt.com/put?d=d34&uid=Y86mKQElmgIw2Q7XHrSOPRzp
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
ed2483b485ca
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1522?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd32%26uid%3D%24%7BTM_USER_ID%7D
  • https://e1.emxdgt.com/put?d=d32&uid=Y86mKQABeG-JIQAb
43 B
87 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d32&uid=Y86mKQABeG-JIQAb
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

x-served-by
cache-chi-kigq8000099-CHI
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1674487337.141256,VS0,VE0
x-cache
HIT
location
https://e1.emxdgt.com/put?d=d32&uid=Y86mKQABeG-JIQAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://sync.1rx.io/usersync2/emx
  • https://sync.1rx.io/usersync2/emx?zcc=1&cb=1674487337260
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1528165120
  • https://sync.1rx.io/usersync/tradedesk/f105d891-05e9-4d32-aa2b-e9a4bfdd0784
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd31%26uid%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
  • https://e1.emxdgt.com/put?d=d31&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d31&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 23 Jan 2023 15:22:17 GMT
Server
Tengine
ETag
RXbeb24e83254d490da5d5fb76ab96f7e0005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://e1.emxdgt.com/put?d=d31&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Content-Type
text/html
Connection
keep-alive
emx
match.prod.bidr.io/cookie-sync/ Frame 2851
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/emx
  • https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
20 B
20 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
HTTP/1.1
Server
18.214.96.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-96-241.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
2bc3d8cc5be5088cfc77b97d46ee5b3b65ffd906e4fb67bd82966fef4e738841
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
20
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
Date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=22&redir=https%3A%2F%2Fe1.emxdgt.com%2Fput%3Fd%3Dd25%26uid%3D%5Buser_id%5D
  • https://e1.emxdgt.com/put?d=d25&uid=a086ace933374a9eb30b13f087c64532
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d25&uid=a086ace933374a9eb30b13f087c64532
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://e1.emxdgt.com/put?d=d25&uid=a086ace933374a9eb30b13f087c64532
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=emxdigital
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=emxdigital&bsw_user_id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=emxdigital&bsw_user_id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=70bc7c92-7e4a-4877-be0e-b545f77053dc&ssp=emxdigital
  • https://e1.emxdgt.com/put?d=d21&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=&gdpr_consent=
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d21&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=&gdpr_consent=
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
//e1.emxdgt.com/put?d=d21&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=&gdpr_consent=
Date
Mon, 23 Jan 2023 15:22:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://cms.quantserve.com/pixel/p-9zQtGV7AscK_-.gif?idmatch=0
  • https://e1.emxdgt.com/put?gdpr=0&d=d20&uid=0PAcoIf1TfLL9Eny3vpS_NbwSfbL-0z11fB7H35H
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?gdpr=0&d=d20&uid=0PAcoIf1TfLL9Eny3vpS_NbwSfbL-0z11fB7H35H
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://e1.emxdgt.com/put?gdpr=0&d=d20&uid=0PAcoIf1TfLL9Eny3vpS_NbwSfbL-0z11fB7H35H
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=emx
  • https://creativecdn.com/cm-notify?pi=emx&tc=1
  • https://e1.emxdgt.com/put?d=d19&uid=8oolc2dejhzYX9zHqr4C&pi=emx&tc=1
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d19&uid=8oolc2dejhzYX9zHqr4C&pi=emx&tc=1
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://e1.emxdgt.com/put?d=d19&uid=8oolc2dejhzYX9zHqr4C&pi=emx&tc=1
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT, Mon, 23 Jan 2023 15:22:17 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://p.rfihub.com/cm?pub=35927&in=1
  • https://e1.emxdgt.com/put?d=d16&uid=851333241415277361
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d16&uid=851333241415277361
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
https://e1.emxdgt.com/put?d=d16&uid=851333241415277361
Date
Mon, 23 Jan 2023 15:22:17 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://ad.turn.com/r/cs?pid=51
  • https://e1.emxdgt.com/put?d=d15&uid=3567392977657129836
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d15&uid=3567392977657129836
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://e1.emxdgt.com/put?d=d15&uid=3567392977657129836
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
put
e1.emxdgt.com/ Frame 2851
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561594&ev=1&rurl=https://e1.emxdgt.com/put?d=d8&uid=%%VGUID%%
  • https://e1.emxdgt.com/put?d=d8&ev=1&uid=ocnaw3qIK5Iq&pid=561594
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d8&ev=1&uid=ocnaw3qIK5Iq&pid=561594
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://e1.emxdgt.com/put?d=d8&ev=1&uid=ocnaw3qIK5Iq&pid=561594
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-wjfvg
expires
-1
/
e1.emxdgt.com/put/ Frame 2851
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=uk8nbff&ttd_tpi=1
  • https://e1.emxdgt.com/put/?uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
43 B
76 B
Image
General
Full URL
https://e1.emxdgt.com/put/?uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://e1.emxdgt.com/put/?uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&d=d5&brtid=testcookievalue&s=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
269
/
e1.emxdgt.com/put/ Frame 2851
Redirect Chain
  • https://ib.adnxs.com/getuid?https://e1.emxdgt.com/put/?uid=$UID&d=d1
  • https://e1.emxdgt.com/put/?uid=6733065173710718434&d=d1
43 B
74 B
Image
General
Full URL
https://e1.emxdgt.com/put/?uid=6733065173710718434&d=d1
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
H2
Server
18.214.193.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-193-123.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 23 Jan 2023 15:22:17 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c0f44ba2-3efe-4832-9534-3f54e982c6b8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://e1.emxdgt.com/put/?uid=6733065173710718434&d=d1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2851
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=6733065173710718434brt56831674487336491320b5
Requested by
Host: e1.emxdgt.com
URL: https://e1.emxdgt.com/umcheck?&if=true&apnxid=6733065173710718434&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://e1.emxdgt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A4RT75KCNDY7XKJPGDYC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTg2bUtRQUJlRy1KSVFBYg==&google_gid=CAESEO1I_BukTLK_p25gD7oWxdQ&google_cver=1&google_push=Aa02lx8JjCTh28jSQF9YodyXtpLLzOpG89...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTg2bUtRQUJlRy1KSVFBYg==&google_gid=CAESEO1I_BukTLK_p25gD7oWxdQ&google_cver=1&google_push=Aa02lx8JjCTh28jSQF9YodyXtpLLzOpG891Lj7TRkpqNuTOnY_lH6FGal5oFmE9OntSHhJrQ4oRLN9kpiSnT31mimg8VucEB87Et6J8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-chi-kigq8000099-CHI
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1674487337.147969,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTg2bUtRQUJlRy1KSVFBYg==&google_gid=CAESEO1I_BukTLK_p25gD7oWxdQ&google_cver=1&google_push=Aa02lx8JjCTh28jSQF9YodyXtpLLzOpG891Lj7TRkpqNuTOnY_lH6FGal5oFmE9OntSHhJrQ4oRLN9kpiSnT31mimg8VucEB87Et6J8
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEP7yjFE3uhrCVxc9JrGD-mY&google_cver=1&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_bUiM3XMSAd...
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=63fbbc2a-72a4-4058-851c-af35c566bd25&ccid=63fbbc2a-72a4-4058-851c-af35c566bd25&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuid...
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_...
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEP7yjFE3uhrCVxc9JrGD%2...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP7yjFE3uhrCVxc9JrGD-mY&google_cver=1&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ...
  • https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP7yjFE3uhrCVxc9JrGD-mY&google_cver=1&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC-Bg&google_hm=NjNmYmJjMmEt...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC-Bg&google_hm=NjNmYmJjMmEtNzJhNC00MDU4LTg1MWMtYWYzNWM1NjZiZDI1
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:18 GMT
x-frontend
cc-nginx-7558567dfb-gk8j4:cc-nginx-7558567dfb-gk8j4
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
3f8530ea-b1bf-4ce9-aabd-d541c0a0a449
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bw8aqcARndN6hh0fylI3OlM2p%2FoXMNanr3%2F8%2FlBT7y9dQg2yVK7oj6E3hcLHP8nONbuNbHIJLGDjts4MxzwjcsL1Z3z6ukNvQm9uMnMoDu%2FI4GvDpKYELeqQh66D9o35bHLXCWd7h6EAjY%2F%2FZLybDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx90WRJWXohUPYSG4ie8oeR_v7OUyyHqbiNq-lMElTjV6ahZ-X5AhEdZE8RCgexvi-6OdWmZvCPnMYAV_bUiM3XMSAd5zhCC-Bg&google_hm=NjNmYmJjMmEtNzJhNC00MDU4LTg1MWMtYWYzNWM1NjZiZDI1
cf-ray
78e18626acd5c520-ORD
pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAa02lx_yviJigppG5wPvDh5UdxoORYQ4ICUDHiSMyDPAFHjyEh9xAJbsIpEe1fk_MUhEBUtTTsNqUqigKb...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=Aa02lx_yviJigppG5wPvDh5UdxoORYQ4ICUDHiSMyDPAFHjyEh9xAJbsIpEe1fk_MUhEBUtTTsNqUqigKb1MHJkYwyLAWHQ8474VssE&google_hm=57d67dd3-e58e-41f1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=Aa02lx_yviJigppG5wPvDh5UdxoORYQ4ICUDHiSMyDPAFHjyEh9xAJbsIpEe1fk_MUhEBUtTTsNqUqigKb1MHJkYwyLAWHQ8474VssE&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:17 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-136
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=Aa02lx_yviJigppG5wPvDh5UdxoORYQ4ICUDHiSMyDPAFHjyEh9xAJbsIpEe1fk_MUhEBUtTTsNqUqigKb1MHJkYwyLAWHQ8474VssE&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAYP81nK4zkoqs1yA17jULo&google_cver=1&google_push=Aa02lx8363D4_lRiJfTsqnxXToIjNnd395eDWXikWU1kpykjemdNcNpDVAMOCXyzm8pr0f2EsazHoiD6pxnZyHTE...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=5f484d19&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=Aa02lx8363D4_lRiJfTsqnxXToIjNnd395eDWXikWU1kpykj...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=5f484d19&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=Aa02lx8363D4_lRiJfTsqnxXToIjNnd395eDWXikWU1kpykjemdNcNpDVAMOCXyzm8pr0f2EsazHoiD6pxnZyHTEhFkDZDqvj_TaPg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=5f484d19&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=Aa02lx8363D4_lRiJfTsqnxXToIjNnd395eDWXikWU1kpykjemdNcNpDVAMOCXyzm8pr0f2EsazHoiD6pxnZyHTEhFkDZDqvj_TaPg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
4R0fdjS6nU5ws2vGoEmxHzKwqTkFoYCP4OJkTJZGh0qVfw1RW_3pQw==
pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFzzhd_WP-H3HvLU9VGOO74&google_cver=1&google_push=Aa02lx_qqeGKXFUxTgnZvuWEbMI4e3OO_PzQG1AssArR8tMOU876RtK38GJt8M-tkxn0XkCM-XAOmPPYVyif...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85EM79fu42uM_mOLQP8EYcFlXxJvTTqg&google_push=Aa02lx_qqeGKXFUxTgnZvuWEbMI4e3OO_PzQG1AssArR8tMOU876RtK38GJt8M-tkxn0XkCM-XAOmPPYVy...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85EM79fu42uM_mOLQP8EYcFlXxJvTTqg&google_push=Aa02lx_qqeGKXFUxTgnZvuWEbMI4e3OO_PzQG1AssArR8tMOU876RtK38GJt8M-tkxn0XkCM-XAOmPPYVyif2KXhx6oarPBBHfdfxnA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85EM79fu42uM_mOLQP8EYcFlXxJvTTqg&google_push=Aa02lx_qqeGKXFUxTgnZvuWEbMI4e3OO_PzQG1AssArR8tMOU876RtK38GJt8M-tkxn0XkCM-XAOmPPYVyif2KXhx6oarPBBHfdfxnA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEItyr5YczpqvQbuYo7IsksY&google_cver=1&google_push=Aa02lx8gFfeMalqGoejR9NbCvuQo3ubFUv9VCNioKgb_ql5HqPfg-srjXq5AdOy7ivVZtnlsIm7fxla4LMrxUQNjxC7yyIR...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Nzc0MGNhNDFjNzc1NGEyY2FmN2UzMzUxMzlmOTZlNzY%3D&UIDF=CAESEItyr5YczpqvQbuYo7IsksY&google_cver=1&google_push=Aa02lx8gFfeMalqGoejR9NbCvuQo...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Nzc0MGNhNDFjNzc1NGEyY2FmN2UzMzUxMzlmOTZlNzY%3D&UIDF=CAESEItyr5YczpqvQbuYo7IsksY&google_cver=1&google_push=Aa02lx8gFfeMalqGoejR9NbCvuQo3ubFUv9VCNioKgb_ql5HqPfg-srjXq5AdOy7ivVZtnlsIm7fxla4LMrxUQNjxC7yyIRLVsfOJKU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Nzc0MGNhNDFjNzc1NGEyY2FmN2UzMzUxMzlmOTZlNzY%3D&UIDF=CAESEItyr5YczpqvQbuYo7IsksY&google_cver=1&google_push=Aa02lx8gFfeMalqGoejR9NbCvuQo3ubFUv9VCNioKgb_ql5HqPfg-srjXq5AdOy7ivVZtnlsIm7fxla4LMrxUQNjxC7yyIRLVsfOJKU
date
Mon, 23 Jan 2023 15:22:17 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEF0KI1hU0cAMRcnSi17GVmo&google_cver=1&google_push=Aa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohHsQM6wid_JLfL
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3Ncq...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw&google_push=Aa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohH...
  • https://cm.g.doubleclick.net/pixel?google_hm=3N3kZUOk04svYWcAOqDE&google_push=Aa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohHsQM6wid_JLfL&google_nid=inm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=3N3kZUOk04svYWcAOqDE&google_push=Aa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohHsQM6wid_JLfL&google_nid=inmobi_new_eb
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:18 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=3N3kZUOk04svYWcAOqDE&google_push=Aa02lx-lzVyjvarmgL_KJwrWH_Q7y3bQESj4YrXjpcZh3NcqGZMat4RjdS19n5a-FI3SinSmDWjNcsXjnN3lVJM7tohHsQM6wid_JLfL&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
229
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame A876
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFThCMA8sU4EfAYOygV_YYpg54ODTyRet_p6hZZB4qf8wzSnv66Z6qy01DKubCE5MUg-0avA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame A6D3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:17 GMT
expires
Mon, 23 Jan 2023 15:22:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:17 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5833
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5833
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5833
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 18 Jan 2024 15:22:17 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5833
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 18 Jan 2024 15:22:17 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 5833
43 B
347 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=YYyFY9C9NyEN8JHRNsA4g7UDvFwGV8WhF7DclsPUUS0OSE-JCMTmsH59Iqbx_gxB2MLqc5gHg3l-KEcLpToDg18aGt907L0jDxfU-w-QFYtdWisY2ZPR8MbQI3IHfrDb8-BuOQwm4e8QginLrRgJbf_LPLGAYLKtqICeGTWCffDzw83rnKA66WEL59oluAv9G7Xe-fHqreKuG_xb0QL1exM3IUHLh5RPYeWOZ6GSr7Gttg_I1GeDaUzgpPjG8xz0rywruFayvFW-yuA8HCh-EZAxRhrRUc-gdBBz62OKmq_vbYe1c6oP1ThlN2MVoNLO2plBNJo83OoR3Cfr9SvYBJhqKr0xkeAvsH40cgt9wWhtTQXplae_qmDQCMF1vOCevvNDofQ-FMZs1zC75q0g-ZHRkbd0VLe2YwR4_tttcus-HukF
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3599761
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 3402
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
img
pix.us.criteo.net/img/ Frame 3402
23 KB
23 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?h=176&m=0&partner=95176&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F95176%2F220506%2Fe9b72aa2c0704332b31e4ae368aa6000_woody_buick.png&v=3&w=256&s=SJtccIv-cRSwiaQ7NCWvenjI
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
9a8999cf02ff66cbf643c11316d9ee24146e244a01351272fcb27e65e0fc6dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29859658
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23315
expires
Thu, 04 Jan 2024 05:43:16 GMT
img
pix.us.criteo.net/img/ Frame 3402
22 KB
23 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F93a03727b35843a7bba6f107cc72d314.jpg&v=3&w=400&s=EjE71fVrbZcQjD7WsHmtyZ4R&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
c9844e7ce45688f154c3e8e2d0dbdf55f9645b55d3df5ef9321e9f0b0f7a17d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28837405
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22784
expires
Sat, 23 Dec 2023 09:45:43 GMT
img
pix.us.criteo.net/img/ Frame 3402
21 KB
22 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F316548a9e2c44d999e27f208fcce7826.jpg&v=3&w=400&s=BXjzZe4p7VZmMwKY5O24yDnr&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
0eabaf8d54578cebdb01ec141a6604c4edc6203daea0d22366bfa502cafcfe3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28845506
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21984
expires
Sat, 23 Dec 2023 12:00:44 GMT
img
pix.us.criteo.net/img/ Frame 3402
21 KB
21 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2Fee43727c2bda4a9ab31aa4c87584302a.jpg&v=3&w=400&s=sqkLrQIYJWM6TlBawH2jxFzF&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
85ed30e3c582ca9a38c374f465dfcd068189d67e0ecc45e7ba0aa6e22364f820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31029958
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21206
expires
Wed, 17 Jan 2024 18:48:15 GMT
img
pix.us.criteo.net/img/ Frame 3402
20 KB
20 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F5efae181952a4efb91968b36df009d03.jpg&v=3&w=400&s=tQ8U8djtTF4ZhfV4WMR9uEvx&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
2958fa9a25d53bd0517e811f24ba4ffcebd8b5dc9c3c66f4a1bbf3930f7a80b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28955681
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20694
expires
Sun, 24 Dec 2023 18:36:58 GMT
img
pix.us.criteo.net/img/ Frame 3402
21 KB
21 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2Fb9d8ed58ede245dd8b9bb295d6a68c4d.jpg&v=3&w=400&s=gHqRPYncVvlJ0xhpWwtpKVtW&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
2c882bded16fceaa96978791f6a249e68733a879efc354cdf684b6e3f9d29be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29482640
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21096
expires
Sat, 30 Dec 2023 20:59:37 GMT
img
pix.us.criteo.net/img/ Frame 3402
20 KB
21 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F810172071e124a3d902c42fbcd9f6d3c.jpg&v=3&w=400&s=grN_iUpGbiDDZ29MA8vmpVHU&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
72c82e75b2236d4375339ae95e9b4814d872c23e72090249b4cc63096c107bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27719971
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20922
expires
Sun, 10 Dec 2023 11:21:48 GMT
all
csm.us.criteo.net/ Frame 3402
0
128 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=z0vzvOt5F5xFsYhrEPg36Yj9z6VnqYOAx91LNTeH1bNno8PYJhEzcmtHEuLT8D_uStBjfShCOsKA_f7m_iBuaNhBFMkiTL6CPODghYqnS5WqqssY-Sd_zzOdfd3ILVorBYtlUBgSav5jqmHpi9FkAHm8KaU-elDr9AQtJ6XZsNJxkkVE_SH7DM-a5RRR4uPefMA0MOxWu2pOomsxwEvfMYj5TGND0xQuu2Ojjs_8K8sOxlpUR1vguuPLTrMuK6D3tK2I7Q&sds=2&rev=84429&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3402
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3402
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11130
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORmazR74uvz0a1Xdda%2FpRzVqODyYMl3qfnr21UXk7mZaTgM8KGLU0pVqPC%2BI4g3YNs1AUzeQr%2F9ISXZrpRs3oKKE8ZHoS3bPFVZ9jhWbevY1kODIJYqFaVlUKq0Tk3krglkvXEmB%2FMe1gch4REUk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186226925c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11067
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buRxY31aNI9khk7yV%2B6v0gKdLIAigr8I1UUKYNo5TpwsZMyCWNXmR0QBnJXwd6PkyJuzSLLCmQhQgBT9HmOZFLNEEcV8bU7wRiS887Huygv7HcCAWfFOu9F0iMez23zDdfNr7egb0T2ZSYKeQZXV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186226926c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 84E9
170 KB
51 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c659f3b7f36374f694dd7f4a862bae2b2c3a0d6718df90fb304b2b3ba2f21bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:17 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=fFcUxet5F5xFsYhrkZ2zb4MdEEdoL9QvVB2Ws71mV7A0M1-sow2uEBREA3qfcmay2pnsY15K58nKFd0Z5b67WTZd_OpyTMkr6h1x-f0DHYMledV1AhvMLsNM6Fv5IHv_7ieH8zmg5wm0J9TdeF8PrnuxBo4m5LWLkJGvmwSbAx8rqQ6ita_3q5h4CL7sA0HVjLmsbylNslEZI8lRdV86DAudcy0Nw8_lLGWsJCo8TFgh-SIvugRSVJq4Tt2Tj4LA58_3iisGxrQGon05"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
138415873
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame EBD5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
5683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D0D9
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
78644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 17:31:33 GMT
etag
48472445140208031
expires
Mon, 23 Jan 2023 17:31:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame EBD5
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
5684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 13:47:33 GMT
l
www.google.com/ads/measurement/ Frame EBD5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqM72xuOs_sWJ3ZuRfcteeOZccdcRQ-qdwgrnxljFLqwC4lnDV4mavHyv0TFodbDTRzh5KLLr2OTqiDyPPQchrt6vgMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBD5
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:17 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11130
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFnhLB1kDIF28YfVhCcsSVyjO3wL8tONcW2B9r8Vs%2BrWihlkAGT62bbbN3R%2BcvMhnxP%2FPKEGIRw6kp%2FUSeMAJjEIP9zqeRJ7ERW%2BDs4S9XR2yFHN5Re6flTYJMHCK%2B1t5YZ5MRKSjxJp7Bi38INg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186234a11c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
3 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11067
cf-polished
origFmt=png, origSize=3015
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=VjsHAofUySR.8srXJQJ._RfSTsqEslxC5nn9srXfj24-1674487337-0-AcV29u8DuASZbsi0jl7JjulzH0-dm0E3ZSGd40QXKpo-OtlGy3ElWe81GB2GyvpkS_gfncetPtOSHbB-WmYA2uIqwOcUO8msJCbziKzmXKFy; report-to cf-csp-endpoint
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57vGR%2FU90EnnjcTFEVuRrHZNKvELIT4lqZP5e9X7fFQvsjtNJRP4iH2D6Bxhad5vSYpsRxtFl93UZQEf8PFTlr51WcsZQNWDt%2FK0OUU4NqerLK%2FF%2BMFw82I25hqNJyrnT5%2Bk91lX6qQhbAyQbB87"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=VjsHAofUySR.8srXJQJ._RfSTsqEslxC5nn9srXfj24-1674487337-0-AcV29u8DuASZbsi0jl7JjulzH0-dm0E3ZSGd40QXKpo-OtlGy3ElWe81GB2GyvpkS_gfncetPtOSHbB-WmYA2uIqwOcUO8msJCbziKzmXKFy"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186234a12c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=1380390476623251&bg=!OjmlOX3NAAYDMoyoIzI7ACkAdvg8WgzKnsARgDhg6sE97pnx8m1QP16iW2gZJHCAB3LMuVFCIdi_ZAIAAACQUgAAAANoAQcKAKHDW_1LJxKHbqF0imzg1TXWTouHTbXHO5fB_G8gUEJxdDBPmh3TItJ6ozV97Vct1v0YOYvb1mp9sVk4wxx5iPZfUyK3AEHhXSqEpGwah7WHeEmwXOTRG3R8sweCAowJAv1Kg4r9eh-6B65uigUoxn_mAmOYnMQnRq64UNmVPjK3-WA_T81uZ9el1trcjiSBB5h6jBEa_NIYuycb5_jkhxc2LZkCn6jOa0bFFkmdh2AJo6HAGzzGlmyFMr7uWKXeVVNuSA889pn1VfYXP5g36GHTpB01Bl2H-CbjuwnM3Pn9g2YtoWlXN24BHbi7JlqdPLGGlPvuqY8B8kBMBMNhYD8FcIyLmph2SwuF86Nl0pnYl7ojfWkDjJP2fo6m1AwHYE1UqRLRMkqKBydjDfyo3B72N_O-u6m3R2olwVaurAClsNdh7W1I5kqKoXQRw88WER3AMjkzwNRMJNUYqqd8ZmPUDw0d4nYSWUm-Pq49chlakbIGjb72dMZycBW9M_AYekhKZMbP4reXS241wp_j0px3IcGG2yiRKmOXEhjZ26g7qiMSuoyss6_iQwc_6ZoqwnxELXmaVsQzeV-ZXosnKXrK39EifswHbpFF8DyUp1GMpe0SibOvn8YUUNLhCFZyjfnupxWybPD8BONJ_4jts_8ON7BkoFRtGBtk9juW_I6OYbkgm0m0t4UcRFBrQNtakDZFsqi1BhRgca9rV2N6nZbFhTPyS6Z0SFqeMOzRDMKCSIQPIx1LXJf-qaX-WoN5POriE9gdSO22a3Xvd2elfMTK1QfU_LrQ0bLN-6Yjase0_UvUyreFpAtpfD0fd59WFVdMRf-DDVezT6m88vlIyBc418tT1boqX07n8Qz_4Aehj3TTnJY-Sneh8yRSE6g2e5awUZoks1bgbGfjygjN5YJye6yR0dC4YejZrp4JFEl7EbRi91cXmqjtcDlKjGxUuxX0sA188Wcz3F_BAQFfusyhlaIWrC-i_5OOU_kNjKU144w-LauMJ7RxWCk55qnZHcXhRYm9Wwkrek9EU-sySxTkhut2RuOeLgiftAD-7lBuRRLNwWIolVkqQkSZAza2Mxd_poxSg3WmtlXacTdPaYK5ldVB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

animejs.js
static.criteo.net/animejs/ Frame 5833
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
img
pix.us.criteo.net/img/ Frame 5833
21 KB
21 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2Fb9d8ed58ede245dd8b9bb295d6a68c4d.jpg&v=3&w=400&s=gHqRPYncVvlJ0xhpWwtpKVtW&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
2c882bded16fceaa96978791f6a249e68733a879efc354cdf684b6e3f9d29be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29482640
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21096
expires
Sat, 30 Dec 2023 20:59:37 GMT
img
pix.us.criteo.net/img/ Frame 5833
20 KB
20 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F5efae181952a4efb91968b36df009d03.jpg&v=3&w=400&s=tQ8U8djtTF4ZhfV4WMR9uEvx&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
2958fa9a25d53bd0517e811f24ba4ffcebd8b5dc9c3c66f4a1bbf3930f7a80b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28955681
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20694
expires
Sun, 24 Dec 2023 18:36:58 GMT
img
pix.us.criteo.net/img/ Frame 5833
13 KB
13 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=95176&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F95176%2F220506%2Fe9b72aa2c0704332b31e4ae368aa6000_woody_buick.png&v=3&w=596&s=bsc8YMQoCas5iMGRcrm_CwgI
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
964f70dc94b7ebde3a80c76d64d7bb0f8ec216e8ee23bdc88856008ee2066bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29859658
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13200
expires
Thu, 04 Jan 2024 05:43:16 GMT
img
pix.us.criteo.net/img/ Frame 5833
21 KB
21 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2Fc4706e4abb864b72a6cd2a702bdbf220.jpg&v=3&w=400&s=NuYtpiFrSDbSkbijaK1-LTAP&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
c2e159e1f9639d7fd30bd5955e5574291b4c34197c7f59fbab94cf5fee12f4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30791628
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21516
expires
Mon, 15 Jan 2024 00:36:05 GMT
img
pix.us.criteo.net/img/ Frame 5833
21 KB
22 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F1a3c8e52c18b412d8c0c19f2e952412c.jpg&v=3&w=400&s=DRBqlfRk9UoIewL2rYDYOH0W&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
36bfb77d9936f8b91c5fef48dfc82f26fb04fddc3d692d63ce7de692db9d7dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30079632
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21750
expires
Sat, 06 Jan 2024 18:49:29 GMT
img
pix.us.criteo.net/img/ Frame 5833
20 KB
20 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F312adc89c8484da9beb61c6c34940d3d.jpg&v=3&w=400&s=zHQSYqcvZ7ogFv4PmwgBAC45&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
397c3eabdcb77405f8f0e43ecfa1737cbc1e88edec7efd88c35b53288ceb7bdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30079992
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20272
expires
Sat, 06 Jan 2024 18:55:29 GMT
img
pix.us.criteo.net/img/ Frame 5833
20 KB
20 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F70e728dde1b74784bf64866f78c27442.jpg&v=3&w=400&s=NutEJJnCMfjvlRwdhqkxEw18&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
d83c385e4d351544a5da39bdd13660d637369e55307e5ef72ad065f076849d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30598946
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20084
expires
Fri, 12 Jan 2024 19:04:43 GMT
all
csm.us.criteo.net/ Frame 5833
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=QSUpnut5F5xFsYhrJX7UVgOijSiaCgOqUzE5lnpcyp_J1Vf_I-WUVrq7QTtgoOB8uspbR14ovbn3mg9zBsCOoWf2kcid6fS_JSboUmksT13A69qJtqLgecomD9C_e13zozb-k48lgflAONSj8pf5UaU9VkRMGL19cp952fSenS2I-waoCDHSG91YshhDlpsS-GSghNCX-QxV8xq6Mxh7GPtMqgCm3rYL1bqtpsrOgspzeyzZYf-KU_KD3CY-fk3-hhRWJcU8r1JrcA1N&sds=2&rev=84230&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5833
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5833
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 38A2
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1674476095&rafmt=12&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335798&bpp=1&bdt=1696&idt=302&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=0OQ1easiWY&p=https%3A//thehackernews.com&dtd=309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 15:16:57 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11130
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc%2Fz2ey6KqVqVgbmxzIn5E9M3QOcWAk374wZW7CDEH2FgIqa2i3cAOdl2b7hNwsMskbB7xVJlJqHI2oAJ0rZ%2BYKUmX50tUK2ivXuxilvcb0YGTdwrzZUrGz%2BsXsOY7kMURCTKKvbIKzMAMIT25IX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18623faacc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11067
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLpqjOdgd63EkfIFCyTRyGuFGJbcKPhof1qIxqvOt3u%2B%2Bz5qsEwGXwIhiy0hPTOHi7Lasr%2FJiqAP%2F7wKWpMzE1ucgD8AV4fm1V5hdLjtXLXIN7wfUlVobbin%2FT8DIKNblGlFySSxzCxkahJ45FcH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18623faaec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
img
pix.us.criteo.net/img/ Frame 3402
20 KB
20 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F5efae181952a4efb91968b36df009d03.jpg&v=3&w=400&s=tQ8U8djtTF4ZhfV4WMR9uEvx&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
2958fa9a25d53bd0517e811f24ba4ffcebd8b5dc9c3c66f4a1bbf3930f7a80b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28955681
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20694
expires
Sun, 24 Dec 2023 18:36:58 GMT
img
pix.us.criteo.net/img/ Frame 3402
21 KB
21 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2Fb9d8ed58ede245dd8b9bb295d6a68c4d.jpg&v=3&w=400&s=gHqRPYncVvlJ0xhpWwtpKVtW&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
2c882bded16fceaa96978791f6a249e68733a879efc354cdf684b6e3f9d29be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29482640
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21096
expires
Sat, 30 Dec 2023 20:59:37 GMT
pd
us-u.openx.net/w/1.0/ Frame C8A3
1 KB
974 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
209d3e9bf535065111a7578eb5d4790d16fb38d2758456cb22a02df5df8fde04

Request headers

Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
655
content-type
text/html
date
Mon, 23 Jan 2023 15:22:17 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D68C
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
78644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 17:31:33 GMT
etag
48472445140208031
expires
Mon, 23 Jan 2023 17:31:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F5B8
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
995d2fd8b7cce3356118cb1757678ad7dd49f4b63d93260c799bb307e310d158

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame D0D9
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEET0xe3zIf7NToy37BmBwWE&google_cver=1&google_push=Aa02lx9Gv9KsgBvgES3I1paOz0F3wSHY8Eag0Y9Ip22rRNjZEL8zMagoDv...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aa02lx9Gv9KsgBvgES3I1paOz0F3wSHY8Eag0Y9Ip22rRNjZEL8zMagoDvOvpA-gbpijB7NL-F9xttSp6O0Gfve4Mr_tKEMqRN0y&google_hm=5BcKv9...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aa02lx9Gv9KsgBvgES3I1paOz0F3wSHY8Eag0Y9Ip22rRNjZEL8zMagoDvOvpA-gbpijB7NL-F9xttSp6O0Gfve4Mr_tKEMqRN0y&google_hm=5BcKv9VMaU2UE9DupGb5-Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aa02lx9Gv9KsgBvgES3I1paOz0F3wSHY8Eag0Y9Ip22rRNjZEL8zMagoDvOvpA-gbpijB7NL-F9xttSp6O0Gfve4Mr_tKEMqRN0y&google_hm=5BcKv9VMaU2UE9DupGb5-Q
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D0D9
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEKMhTlTpfSU_K3D2S6_NTIQ&google_cver=1&google_push=Aa02lx_ppKyRSpZOxf8FgJVc_fZPqElSogKmEJBffaR-O-Y_1eGH0cBPSB9ytdQOTq1iokyT0RHeQgN7L...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=Aa02lx_ppKyRSpZOxf8FgJVc_fZPqElSogKmEJBffaR-O-Y_1eGH0cBPSB9ytdQOTq1iokyT0RHeQgN7L9d_TGVuXPwX0dtT0FA&google_hm=MTA1OTgwOTU4MjY...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=Aa02lx_ppKyRSpZOxf8FgJVc_fZPqElSogKmEJBffaR-O-Y_1eGH0cBPSB9ytdQOTq1iokyT0RHeQgN7L9d_TGVuXPwX0dtT0FA&google_hm=MTA1OTgwOTU4MjY5NTc5NDgwMzU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=Aa02lx_ppKyRSpZOxf8FgJVc_fZPqElSogKmEJBffaR-O-Y_1eGH0cBPSB9ytdQOTq1iokyT0RHeQgN7L9d_TGVuXPwX0dtT0FA&google_hm=MTA1OTgwOTU4MjY5NTc5NDgwMzU
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D0D9
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEAznM0PCSgQwEaAEPgdkzJU&google_cver=1&google_push=Aa02lx_zZZqM2Rw5WLkSD_cX68qABeV85OQ2Lb0Hgj5YaesM3F-u2jg20MpX9e8Lcp12bBY_Ufg_6X1an6iF2Gvq75PhhQyH1lya
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx_zZZqM2Rw5WLkSD_cX68qABeV85OQ2Lb0Hgj5YaesM3F-u2jg20MpX9e8Lcp12bBY_Ufg_6X1an6iF2Gvq75PhhQyH1lya&google_hm=3CS64jPOxz8Q4RqusEUgaQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx_zZZqM2Rw5WLkSD_cX68qABeV85OQ2Lb0Hgj5YaesM3F-u2jg20MpX9e8Lcp12bBY_Ufg_6X1an6iF2Gvq75PhhQyH1lya&google_hm=3CS64jPOxz8Q4RqusEUgaQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx_zZZqM2Rw5WLkSD_cX68qABeV85OQ2Lb0Hgj5YaesM3F-u2jg20MpX9e8Lcp12bBY_Ufg_6X1an6iF2Gvq75PhhQyH1lya&google_hm=3CS64jPOxz8Q4RqusEUgaQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
695d4kataqoasd6ohqf3eg259oa83ff6
pixel
cm.g.doubleclick.net/ Frame D0D9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I-eMr-qNQhaqkomIMGRJeg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I-eMr-qNQhaqkomIMGRJeg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_ek62MhmqU9z7YvqEK8AzzNphmUq87U5o5jsmV55qvY3bNZzAi7mW2s5FcnVP_NgkwclFRyOBcI5-N8nJ7Cj41AdgTO5U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I-eMr-qNQhaqkomIMGRJeg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_ek62MhmqU9z7YvqEK8AzzNphmUq87U5o5jsmV55qvY3bNZzAi7mW2s5FcnVP_NgkwclFRyOBcI5-N8nJ7Cj41AdgTO5U
date
Mon, 23 Jan 2023 15:22:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D0D9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENWxHU_Dn7L6SX8WNWb5-_E&google_cver=1&google_push=Aa02lx_TqSE3L55w-MU-I9PV2COQITvg2VSttAtVHjkC-oV1ksCz7NRvdFHXRyy1_fE-rj7vXMw...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC&google_push=Aa02lx_TqSE3L55w-MU-I9PV2COQITvg2VSttAtVHjkC-oV1ksCz7NRvdFHXRyy1_fE-rj7vXMwQh3aDhPlzqayrrg_t-h3Xrv8
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC&google_push=Aa02lx_TqSE3L55w-MU-I9PV2COQITvg2VSttAtVHjkC-oV1ksCz7NRvdFHXRyy1_fE-rj7vXMwQh3aDhPlzqayrrg_t-h3Xrv8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC&google_push=Aa02lx_TqSE3L55w-MU-I9PV2COQITvg2VSttAtVHjkC-oV1ksCz7NRvdFHXRyy1_fE-rj7vXMwQh3aDhPlzqayrrg_t-h3Xrv8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
pixel
cm.g.doubleclick.net/ Frame D0D9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_hm=Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB&google_nid=index&google_push=Aa02lx9prPfWaZwaKTc8gq5Z6L_MP4GDJM0X8...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_hm=Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB&google_nid=index&google_push=Aa02lx9prPfWaZwaKTc8gq5Z6L_MP4GDJM0X88GKZwpjEOtflN4E1QxyNLtAH0t07U6mvqUrVTI1nGvqL_jMvufnalO0PKpJkRu6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJr%2FNRmDLF%2FqyQqPWoOeI7B1XgwYxpu9GRKKT0lQdzry0oVqwTghhlom4Yj1Zez8Ic0eBDIuQ0o%2B0mToiiaESjBl%2FjP5Atrhux0BTsd%2B4EVaiAmD1%2B8B6V2KlUt7r8nAo0itkjugKOVqpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_hm=Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB&google_nid=index&google_push=Aa02lx9prPfWaZwaKTc8gq5Z6L_MP4GDJM0X88GKZwpjEOtflN4E1QxyNLtAH0t07U6mvqUrVTI1nGvqL_jMvufnalO0PKpJkRu6
cache-control
no-cache
cf-ray
78e18624cc2022f4-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame D0D9
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESELN0QXvsEtKRobfPff7tTM0&google_cver=1&google_push=Aa02lx9e1BSkHD5HtEd9vNKlmi98Surm7L_k9czKEJzKRcP0g1a7y0yv5m3LCfsnkGJhgVKC4bjFw3_rB6m981-gZGE7rn80ZqlB
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9e1BSkHD5HtEd9vNKlmi98Surm7L_k9czKEJzKRcP0g1a7y0yv5m3LCfsnkGJhgVKC4bjFw3_rB6m981-gZGE7rn80ZqlB&google_hm=c0224675c33c469137e...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9e1BSkHD5HtEd9vNKlmi98Surm7L_k9czKEJzKRcP0g1a7y0yv5m3LCfsnkGJhgVKC4bjFw3_rB6m981-gZGE7rn80ZqlB&google_hm=c0224675c33c469137e06bfad8ed225c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx9e1BSkHD5HtEd9vNKlmi98Surm7L_k9czKEJzKRcP0g1a7y0yv5m3LCfsnkGJhgVKC4bjFw3_rB6m981-gZGE7rn80ZqlB&google_hm=c0224675c33c469137e06bfad8ed225c
date
Mon, 23 Jan 2023 15:22:17 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame D0D9
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jszn1mpLu2TvpsYQY9EXEVF70wleYI2PjOQKhTcaomSriLm_Wh4eK7NyzXFp8u084j-MB4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=250&slotname=1415611493&adk=1676811181&adf=4216199421&pi=t.ma~as.1415611493&w=300&lmt=1674476095&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335797&bpp=1&bdt=1695&idt=257&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=NbWI6bSLDD&p=https%3A//thehackernews.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
img
pix.us.criteo.net/img/ Frame 5833
20 KB
20 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F5efae181952a4efb91968b36df009d03.jpg&v=3&w=400&s=tQ8U8djtTF4ZhfV4WMR9uEvx&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAACiYMKs6ASAAn9uHuXRxJ5dT6KpPCvYQ&u=%7Co2PFedGbrKmk6onNFK4snHNNl%2Fkj6OeVdu7FICjIEQ0%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBYi2lmu1OFyD7ujtByzO3NzGNZzQUi7mzLDSzHbr7FiL5GhNem0ZcZFp_05x2mI6D4yIJPsjbkKKeqvrl5XPrDWsLVphAKLK8N1WbYKUTRDlfwPOz__2AqHpsGALfGFlogqOHi9Fypb1CG_d5YlQvw4SrWhSe619HXCX4yVyYj7O0xDoG0c1xwpBCQoKpq_ym_Zh0oShpFho7NygY7LIqHKtE6g8-cyLlEvEWCGV_H4SrgWUPHAGh3tSF8pGqAV_A1NCuJ6ojUHL1ddolxParkguYp4MCaCHfJLT0RfjrxHAtnJk65xb-ntxE8QkvmpUgpwR2qFZ4A8nDb_UQWbo3dj6KexzvhjiwFzSGWSJtjPbXT0RNsFzxM6nwagC-yn-2mN3OG31j6RUYkpXuU8ktue3Tn5EO-brOhAl7oPWD8O6NUf0aFR3D5PhcuNxZAHeXNy6oWM3yK6Kf6byy39J8tBbApJfcl2qiAcQBuElZAAw9B6mjJNqBTGwIOcBWst5BRtV1G07faHml1mWuq-WieaY_0jjeQsCb6VPwV5r24Tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDefuKKbOY4OTCpLAzgW4-6egBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJ4AIAqAMBqgSrAk_QlEesxSHEykpuuRRjreG4HfHKHiKajIiBT2kH2yUPBfgfFI6tWV-1Vucuuexob5Bbnj6qeFOvUkzjo9iOsIDAu2Iq6Sp12B7YiniEyalh10AGSNw-aC2rS6NtFtKOqQndWladTUa_ADdZkES7RaFstiOPAPd1YmNyO9orioJel67rMnD_UDQ0P2yDJPXd0KDGh5kg-A7Px2in9O1-5A0qrJ6fJp0P2OlBDWFUHE4VlJ5gugFpsB2dYJELTwf3C948P8186xn-4KYZszyKUZHJus4-K3_avaCrnmv4DwCL63ZmkaKH-HnDvFg399TV_YTKNqJFnNqGYR-oR1QdQd6f-WdhmhN_Cw9hBBsFKXRE9tZwz43AOaqvQJJiPTWjG_ujgbY6fhEB7x444AQBgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjX6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ImaC_2wlUMInVlDe-gK6PPRejPQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
2958fa9a25d53bd0517e811f24ba4ffcebd8b5dc9c3c66f4a1bbf3930f7a80b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28955681
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20694
expires
Sun, 24 Dec 2023 18:36:58 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11130
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaAO1M%2F5f43gA%2BI34UiYfD6yGbwdoLbWMUx50Ct%2B2FcH%2BpBNgKUtCOoHoJNQerzA7%2B1ut4lB%2FBRvBX4iLR9nVx7%2BNWkSHJOh9QXPKXE58Lx9qBgIrRuiR0ZOGJktRYDWH90KvZubtTsoe8ZXRaCn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186248b37c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11067
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtUjUQWvJvWb7SSp5WMDh0hMGxv7JkWGKP9kcL5Moz5W0Qr%2BFG4rVlGS06oM9djLApWTzwUNJGcS8DmlEWgaKlhmXzttpbd3vl8fH3d6YkVtIrYv3zGJWv6GVGHq9P2PF2izISIJRkWRXiDS465N"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186248b3ac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame C8A3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=2db6b357-4222-4458-a5b2-9713f4ffeeba
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=2db6b357-4222-4458-a5b2-9713f4ffeeba&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=2db6b357-4222-4458-a5b2-9713f4ffeeba&verify=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=2db6b357-4222-4458-a5b2-9713f4ffeeba&verify=true
date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame C8A3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=56b44fb8-570f-4871-a9ec-d6ea5ac77b0b
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56b44fb8-570f-4871-a9ec-d6ea5ac77b0b
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56b44fb8-570f-4871-a9ec-d6ea5ac77b0b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56b44fb8-570f-4871-a9ec-d6ea5ac77b0b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame C8A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6733065173710718434
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6733065173710718434
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 23 Jan 2023 15:22:17 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1454fafc-ce75-4bec-a9c3-9e519921aa61
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C8A3
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=5ba44ca3-86e2-c5eb-369b-d48e0b6fd133
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
52HSNAD602DTTEK7X8WK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C8A3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3567392977657129836&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3567392977657129836&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3567392977657129836&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame C8A3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y86mKQABeG-JIQAb
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y86mKQABeG-JIQAb
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-chi-kigq8000099-CHI
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1674487338.772483,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y86mKQABeG-JIQAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
97b5569a-0ae4-ec58-c742-40ec9c0bd79a
pr-bh.ybp.yahoo.com/sync/openx/ Frame C8A3
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/97b5569a-0ae4-ec58-c742-40ec9c0bd79a?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:cf76:255b:115b:e80f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame C8A3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=037230de-9a48-7e11-f695-5619635c1ad3&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=037230de-9a48-7e11-f695-5619635c1ad3&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=037230de-9a48-7e11-f695-5619635c1ad3&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=037230de-9a48-7e11-f695-5619635c1ad3&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame C8A3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmYxZGUzMTQtNTMzZi0yMGI1LWUzNzUtMGNhMGE5YmVkNGIz
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C8A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHH-feWajy-MVtleo6ZxSZM&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHH-feWajy-MVtleo6ZxSZM&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHH-feWajy-MVtleo6ZxSZM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 84E9
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 84E9
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 84E9
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 18 Jan 2024 15:22:17 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 84E9
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 18 Jan 2024 15:22:17 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 84E9
43 B
347 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=UBEgph8HGCEyXi_1zoW-eDUhWBo2ER522uzsq-Ok9xECyrbt7y5Y54UlNr9IzGivlgsVnOpBCb_nEHn5HKI-oQH_0JRRsGj2hNzujyf9-tmxFTbMME-LSl-JzY2vGYhStbw-zwf4V-KKfQdsRFKvT43OGTWrMvACxJS4n3ik_I1lCG06-kipfe_SU5xTFxnjD0aT_01H1Z863EwcLVw-EEI-khnW-dOBebrB-XfnlkEjJY05cnVqXALTa-soxE3fc0dbToKgFC0bFZHmhECIQCF2iHI_k_aqyG5C17E4sOmMMrwVasYTPlkEWnRyBTsedt9zg0su7gfMz_5X6mw-T0OaHVUnRKHRnFtwwop3zFMbkZDhGGftMQzs0X7vaJhv1bTPB6YGFZHofboqan7cE2jm4wws66YKR2vZTB3rHd3JY0U0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5807743
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame EBD5
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eecf1ab48955d038171e70bcb1d70aa43af9e43094d1a814dae8bc3494d0acbb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
displayproxy-20201012.js
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame C875
17 KB
6 KB
Script
General
Full URL
https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=25281410-33e2-4100-8b97-320e2caf2f9d.1
Requested by
Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Kxj2ilefT2dP544VKFNQ&site_id=8ewbVYJkT5p8wTZLu1GV&rand=1399263213929798958&tm_auction_id=25281410-33e2-4100-8b97-320e2caf2f9d.1&didtype=UNK&bi=B09mKVSJl9QnEef-8_YrtxmEbcfemKH41fVzjtMzRxb7eFVYJ7XG1YetS010o4gMnb-nxDbOH_-iwbw1KHwZxlHv1CovQzDHOBpotsziRJAmRkKXaZclHxfxobfvr3U9ANhXuYL7KA9I4Yxu78E5x1sknJ8wYzuTYbrZ-rcfP5kVOOHKyLHeN-HwfPOlLMMFILcJoSQVaUy0ypNR05uBLYofs5VKnQWc62dBpZt8nfowMU&page_url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&seller_id=540948327&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F109.0.5414.74+Safari%2F537.36&q=H4sIAAAAAAAAAGWRO0_bUBSAsU2aElUqjVKpikTlMtCAaufavn4EKrV5ESDkQW2emx_X5BLHNjeGhI6IoWKoKoYODF0qdaBSh478iu6oU6d2qBADA0PVFNqpZzg6OtJ3dM53RsZasPb009mv-29rry7Th7HEVLQXIn4zCDY9ZIa4y9tBJ2thx0GEzzs6IruIvEDbO6gbJc-GH1x8i42nqv0tEXvINUSnKUO4Up2tL2X2T95RYqrXi5w2UZxKswgkYhZKDcvX3n__-vFuIbWnGAulWXtjq9BZajWjsrW6To6obi14iT3PzMo8YDOr2HeCXpetG6wAeDDDDhoKnGH7Cpxk82HooVVkVXGUlSWVlxQ2U50zaotPWA-3EVtBdjuYZIstEnRQVgA5HvAyFCCvQlY3XZPgv9gxxQo2tFwFCI7i2o6MgCVKQHUUybIANE2onlIToixqAhQAJ0lI5AYF4DQrp3KSCJBom67o5hxe-EFptw_ejCVTGupZK-sLbUMOtZ6xsbgjVFbS96IWapl2GxEf9a7lskxu6DrOn11QIzIEOahJonpFpXBZczobVU2H23ljSwequ13Zp0dR1Aq6QOFCEjjcrqkc0aMksribH3EuJt3ohB7u4gh9puM7ftsPev4FnUn8ByZv3TDjdyQecHo939TnGsYVHU_EUD_0yD5TTsSCEPn90S-vp9LMsl4a_5Mm_-07zeBOWHg4O9Bb7keDk0yvSbCNiiGuYZsEjQG71hw5ZIaOmZtBp0wmQS_rSXp-Mc0oQJyKDZRrshivlBvFRqk8Ha_l12rz9dJz6tH6-cTB8eMPP38DUKS1WKQCAAA*&click_url=https%3A%2F%2Fgoogle-bidout-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAaccGAprZk0yVTZZdnlsHBbB6r2ilaDG4JoBFqfsx43O8uqX4wEAHBbtwt2b1O6uipoBFrein4qplPeYsQEAFtCY9bwMFQYALBwVAgAcFQIAHBUCAAAcJu7n8oMEFQQVBCbs5_KDBBbO3fGDBCUCFQKmsgUWsgUWsgUWFBYUFhQWFBbkCgAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABb29qGABBasv7qABBbGqdmGBBbEqdmGBBUYHBT0AxTYBAAVBCbkChbkChbkChE1DibkCgAsLBaAhJK-hoSKqEoWxcGGtbr85ujoAQAW0Jj1vAwGKPb2oYAEFqy_uoAEFsSp2YYEFsap2YYEGAo0MTE4MjQ2NTYzFq6hARbkCiUEFrIFGAY0NjA5MjMVApa6iokDEREYAk9YDHoUJBQkACgDcnRiANwbAogYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQlnb29nbGVfb2IArDgSdGhvbXNvbnJldXRlcnMuY29tAAAA%26r%3D&uoo=0&tm_os_group=windows&tm_device_group=unknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/066B) /
Resource Hash
848c2b11a39d6af4a9cb08e516faaa87f05227446e5af4e2a1b7634e929806d4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 21:43:55 GMT
server
ECAcc (cha/066B)
age
57966
etag
"261452876"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
5891
expires
Tue, 24 Jan 2023 15:22:17 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11130
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWucvIWGfdLanvvwuC3n5z%2B%2BVC5Kc5hOThYUM1DKMrdh7XZShmmHuTg22wEv%2ByvOiRTmSY9lTVOegK%2FcgXt3Q6ygnTMeVxvWJ4RPmfpOyy%2BycRCXE48FbM27w1patEeD7bCZaGkeT2S6q64zDuce"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186256c4ac514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
pixel
cm.g.doubleclick.net/ Frame D68C
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKsnrrEXXnM6fqQJcbNKTWg&google_cver=1&google_push=AavPq0P6fdhSOA4eXFOl4V-GfdCwOobkAGCOq7XCfXcRS6HPYfUPJoumd-...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AavPq0P6fdhSOA4eXFOl4V-GfdCwOobkAGCOq7XCfXcRS6HPYfUPJoumd-A36VWv0IFwQWL4BeIZQHJ3FK-ANXE8GKPHmrmhvaXl&google_hm=5BcKv9...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AavPq0P6fdhSOA4eXFOl4V-GfdCwOobkAGCOq7XCfXcRS6HPYfUPJoumd-A36VWv0IFwQWL4BeIZQHJ3FK-ANXE8GKPHmrmhvaXl&google_hm=5BcKv9VMaU2UE9DupGb5-Q
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AavPq0P6fdhSOA4eXFOl4V-GfdCwOobkAGCOq7XCfXcRS6HPYfUPJoumd-A36VWv0IFwQWL4BeIZQHJ3FK-ANXE8GKPHmrmhvaXl&google_hm=5BcKv9VMaU2UE9DupGb5-Q
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D68C
Redirect Chain
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESELC38NxMV2kxKFevVi-T4Pg&google_cver=1&google_push=AavPq0Mc97x1jfuUDFFGR-2ZvrCmP-JILTicG20vGnoiLVDp0...
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESELC38NxMV2kxKFevVi-T4Pg&google_cver=1&google_push=AavPq0Mc97x1jfuUDFFGR-2ZvrCmP-JILTicG20vGnoiLVDp0...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AavPq0Mc97x1jfuUDFFGR-2ZvrCmP-JILTicG20vGnoiLVDp0H5xiIlY0l46BgWyl_uqdgtKw5h6evSLK1PL9RdsNbVqO9q0Kwo&google_hm=MDYwMzAwMDFfN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AavPq0Mc97x1jfuUDFFGR-2ZvrCmP-JILTicG20vGnoiLVDp0H5xiIlY0l46BgWyl_uqdgtKw5h6evSLK1PL9RdsNbVqO9q0Kwo&google_hm=MDYwMzAwMDFfNjNjZWE2MjllYjJjZg%3D%3D
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:18 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AavPq0Mc97x1jfuUDFFGR-2ZvrCmP-JILTicG20vGnoiLVDp0H5xiIlY0l46BgWyl_uqdgtKw5h6evSLK1PL9RdsNbVqO9q0Kwo&google_hm=MDYwMzAwMDFfNjNjZWE2MjllYjJjZg%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame D68C
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAavPq0Oj4NHaIvxaSnahUK-B3BNOhAGdnxSMeZEz5mxhmo7Ag8Tm9DDdgSQ1LvXgWAn8xXlooDwtxtKy_g...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AavPq0Oj4NHaIvxaSnahUK-B3BNOhAGdnxSMeZEz5mxhmo7Ag8Tm9DDdgSQ1LvXgWAn8xXlooDwtxtKy_gwV-mhDJFxESihMmB6c&google_hm=57d67dd3-e58e-41f1-a7...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AavPq0Oj4NHaIvxaSnahUK-B3BNOhAGdnxSMeZEz5mxhmo7Ag8Tm9DDdgSQ1LvXgWAn8xXlooDwtxtKy_gwV-mhDJFxESihMmB6c&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:17 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-136
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AavPq0Oj4NHaIvxaSnahUK-B3BNOhAGdnxSMeZEz5mxhmo7Ag8Tm9DDdgSQ1LvXgWAn8xXlooDwtxtKy_gwV-mhDJFxESihMmB6c&google_hm=57d67dd3-e58e-41f1-a73d-3175e0964399
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D68C
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOh7JyYkKB2dS7LrL5zDSxw&google_cver=1&google_push=AavPq0MVfg2Bx-92Ukl3NR9nR91uRk2TPIXhTnWS68hMhL5YKD8qZYardxU4fGZcyoxWzN9N9PxmJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0MVfg2Bx-92Ukl3NR9nR91uRk2TPIXhTnWS68hMhL5YKD8qZYardxU4fGZcyoxWzN9N9PxmJSwz3P-aPdyil6xArt1F1PjP&google_hm=WTg2bUtzQ28...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0MVfg2Bx-92Ukl3NR9nR91uRk2TPIXhTnWS68hMhL5YKD8qZYardxU4fGZcyoxWzN9N9PxmJSwz3P-aPdyil6xArt1F1PjP&google_hm=WTg2bUtzQ281dEFBQUFhSEZpTUFBQUFB
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 23 Jan 2023 15:22:18 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEOh7JyYkKB2dS7LrL5zDSxw&google_cver=1&google_push=AavPq0MVfg2Bx-92Ukl3NR9nR91uRk2TPIXhTnWS68hMhL5YKD8qZYardxU4fGZcyoxWzN9N9PxmJSwz3P-aPdyil6xArt1F1PjP","cluster_id":0,"gdpr":false,"ipv4":"167.88.7.162","key":"Y86mKsCo5tAAAAaHFiMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad165"}
X-SO-Key
Y86mKsCo5tAAAAaHFiMAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad165
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0MVfg2Bx-92Ukl3NR9nR91uRk2TPIXhTnWS68hMhL5YKD8qZYardxU4fGZcyoxWzN9N9PxmJSwz3P-aPdyil6xArt1F1PjP&google_hm=WTg2bUtzQ281dEFBQUFhSEZpTUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad165.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-IP
167.88.7.162
pixel
cm.g.doubleclick.net/ Frame D68C
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEGWz5KmEG6VNT3Qa1rQHBAo&google_cver=1&google_push=AavPq0Pq6WlIWYTIuUHvsiNl82PCZzBZGFEUGfhK-7bgtKNaY30eGQhlQn1PBXOiodhdgZZgXNfid5MrKhP5XWz7Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjEzMWEyYTUtMmQzYi00YmMzLTg2YzEtZjlkYWUzOTRiNmE4&google_push=AavPq0Pq6WlIWYTIuUHvsiNl82PCZzBZGFEUGfhK-7bgtKNaY30eGQhlQn1PBXOi...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjEzMWEyYTUtMmQzYi00YmMzLTg2YzEtZjlkYWUzOTRiNmE4&google_push=AavPq0Pq6WlIWYTIuUHvsiNl82PCZzBZGFEUGfhK-7bgtKNaY30eGQhlQn1PBXOiodhdgZZgXNfid5MrKhP5XWz7YIHan9EoVsXVhQ
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjEzMWEyYTUtMmQzYi00YmMzLTg2YzEtZjlkYWUzOTRiNmE4&google_push=AavPq0Pq6WlIWYTIuUHvsiNl82PCZzBZGFEUGfhK-7bgtKNaY30eGQhlQn1PBXOiodhdgZZgXNfid5MrKhP5XWz7YIHan9EoVsXVhQ
date
Mon, 23 Jan 2023 15:22:17 GMT
content-length
0
google
sync-dmp.mobtrakk.com/match/ Frame D68C
15 B
15 B
Image
General
Full URL
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESECPJ7BIhh5s9_6avLaJlkYs&google_cver=1&google_push=AavPq0NaYGkl7YW4QhT85gR7cuSzHKOurwLT3U_aX_mxF2xnifUyXcvOnSPzGt6IUTQesFxXjtj-6oS3joUH38I2EPYEUJg1bJDf
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.135.132.32 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-132-32.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
70f60044d161bbdd9a7cbea74e2d3100726004b2d4ce04b0c84a0214bf13ce0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
15
content-type
text/plain; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame D68C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIfUCwoa9...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&%%GOOGLE_PUSH_PAIR%%
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&%%GOOGLE_PUSH_PAIR%%
Date
Mon, 23 Jan 2023 15:22:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame D68C
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IyP97OutspidOl5MSZQ6oGr5jL6taVcIwsylIF1X7vF7fJHdPMzYloXtbdGz04FRRNGIMKEfAX
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11067
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLgddxD0uvboolZD7c6WiAfA%2F7CfRZObsfn8XhUFFzlUCSU1R0nAdb4BEh5Q5f3htMj1DpV7%2Bt5Af19mdE9SKE5vr7QRDCryyNg%2BV62OoMHTAhfE1Ct2mzqI2XROu8ARhzpHIN2U0ok6kxFd27A1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186258c73c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
animejs.js
static.criteo.net/animejs/ Frame 84E9
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
img
pix.us.criteo.net/img/ Frame 84E9
13 KB
13 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?h=76&m=0&partner=95176&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F95176%2F220506%2Fe9b72aa2c0704332b31e4ae368aa6000_woody_buick.png&v=3&w=596&s=bsc8YMQoCas5iMGRcrm_CwgI
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
964f70dc94b7ebde3a80c76d64d7bb0f8ec216e8ee23bdc88856008ee2066bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29859658
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13200
expires
Thu, 04 Jan 2024 05:43:16 GMT
img
pix.us.criteo.net/img/ Frame 84E9
22 KB
23 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2F93a03727b35843a7bba6f107cc72d314.jpg&v=3&w=400&s=EjE71fVrbZcQjD7WsHmtyZ4R&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
c9844e7ce45688f154c3e8e2d0dbdf55f9645b55d3df5ef9321e9f0b0f7a17d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28837405
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22784
expires
Sat, 23 Dec 2023 09:45:43 GMT
img
pix.us.criteo.net/img/ Frame 84E9
22 KB
22 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2Fb0826fff3ea54d2ebd72ec0d7b32c39f.jpg&v=3&w=400&s=EhIuj1lGF4RzzojGeejvko9j&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
5c6dbc332d270518aae51f21e5fcffe33c1d9c4df71908870311a5d5e50d8017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30081028
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22624
expires
Sat, 06 Jan 2024 19:12:46 GMT
img
pix.us.criteo.net/img/ Frame 84E9
19 KB
19 KB
Image
General
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=95176&q=80&r=0&u=https%3A%2F%2Fcontent.homenetiol.com%2F284%2F6648%2F640x480%2Fc1044ceff727415daeb4b5221f51f728.jpg&v=3&w=400&s=Z6yISZZNodCEk1y4dW55AU6-&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
bf402005043a0353ece6d0435304bd08eeb40da358a13583cf61aed8321c71b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31030174
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19224
expires
Wed, 17 Jan 2024 18:51:52 GMT
all
csm.us.criteo.net/ Frame 84E9
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=fFcUxet5F5xFsYhrkZ2zb4MdEEdoL9QvVB2Ws71mV7A0M1-sow2uEBREA3qfcmay2pnsY15K58nKFd0Z5b67WTZd_OpyTMkr6h1x-f0DHYMledV1AhvMLsNM6Fv5IHv_7ieH8zmg5wm0J9TdeF8PrnuxBo4m5LWLkJGvmwSbAx8rqQ6ita_3q5h4CL7sA0HVjLmsbylNslEZI8lRdV86DAudcy0Nw8_lLGWsJCo8TFgh-SIvugRSVJq4Tt2Tj4LA58_3iisGxrQGon05&sds=2&rev=84230&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 84E9
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 84E9
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 15:22:17 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11130
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CN3pn74cQTDca0JlWYxgAgufwL2wFDnxZzbBP74suGMVgUJ9mm%2FVa7nCoq%2BVyFPfkQvjZKNli835rK5iPb7%2F3E1oDx56uNjikMR0y4pIVyyvMwH8SW7pkhkcIVO22AeuHY3rLBW0GRp8UUoAOgn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18625ecb6c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11067
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEVOIto3lV8yaQip4Nm5xdbE4OPVteVG%2FjYRU74khMR6YRe3Zn1napH3uvLwiwiVGmOfoZHWBWMwfLdYIlU0B7ICX1tnNORklAJ7FWUJnofcrOnCrctcYT5RZ60EYAWjGqXx6%2FutfFzbEA7JfVI%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18625ecb7c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
/
servedby.flashtalking.com/imp/8/199363;7080797;201;js;AdobeAdCloud;TR247057101B300x250jpg90634477014O0000016pwoQAA/ Frame 6F3B
2 KB
1 KB
Script
General
Full URL
https://servedby.flashtalking.com/imp/8/199363;7080797;201;js;AdobeAdCloud;TR247057101B300x250jpg90634477014O0000016pwoQAA/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20230123102217%3Ad%26s_kwcid%3DAC!y6TJDFcZjBmQhPtEbWYr!wwtdkr6dGPC03raBDObn&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=25281410-33e2-4100-8b97-320e2caf2f9d.1&cachebuster=208057.62770185422
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.61.13 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-61-13.deploy.static.akamaitechnologies.com
Software
prod-xre-app38.ash11 /
Resource Hash
b9fdf0930bb4e65350776256e7be1eb16d9857a8e0e2a166ce394bf9ca0a92da
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:18 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app38.ash11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
772
Expires
Mon, 23 Jan 2023 15:22:18 GMT
PYUnd1ve
rtd-tm.everesttech.net/upi/extseg/pid/ Frame C875
Redirect Chain
  • https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=-1120770146280281808;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs
  • https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
0
141 B
Image
General
Full URL
https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-chi-kigq8000099-CHI
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1674487338.978649,VS0,VE19
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

location
https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
p-T1mksRPv1rGRh.gif
pixel.quantserve.com/pixel/ Frame C875
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-T1mksRPv1rGRh.gif
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C875
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.250.6 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-250-6.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.9
content-length
49
expires
0
renderstart
statsf-tm.everesttech.net/stats/1/ Frame C875
85 B
130 B
Image
General
Full URL
https://statsf-tm.everesttech.net/stats/1/renderstart?adKey=y6TJDFcZjBmQhPtEbWYr&mpKey=Kxj2ilefT2dP544VKFNQ&cpKey=wwtdkr6dGPC03raBDObn&sessId=25281410-33e2-4100-8b97-320e2caf2f9d.1&env=site&PG=F&price=&conn=unknown&bi=B09mKVSJl9QnEef-8_YrtxmEbcfemKH41fVzjtMzRxb7eFVYJ7XG1YetS010o4gMnb-nxDbOH_-iwbw1KHwZxlHv1CovQzDHOBpotsziRJAmRkKXaZclHxfxobfvr3U9ANhXuYL7KA9I4Yxu78E5x1sknJ8wYzuTYbrZ-rcfP5kVOOHKyLHeN-HwfPOlLMMFILcJoSQVaUy0ypNR05uBLYofs5VKnQWc62dBpZt8nfowMU&rt=HTML5&psId=8ewbVYJkT5p8wTZLu1GV&seller_id=540948327&date=1674487337406&auth=192375fc186a506cacd647ced63cf896&did=&vinst=t&didtype=UNK&s=H4sIAAAAAAAAAAHwAA__j6Pn3g-6idMWikdcSt3u3wKHQsGNUauhkuosfMH5JodY4lyAUJuqRkGECXDcYhTFnumHvWAYTcGeeEFhFj2TQN6F3sCXrHMW7OtjbHFUnGGeHib24dvgn9HPnX9ClaRUuBYgVHHvnlkbKyxg6MwNjvTebXfkPc5Ht7aroV4egVvs2pmtyjVT2Iuqx27mYgv3kZ5_43X_s-d2_oC5HHW_5lnIv2WN2VzJp7Iyl6AbqJmqvCXfkvc3bit4wfGwM6T4T8cd1Lgxb5dDbxiS2V2fUR6d2vRcijJcFL3wnJiTGtZkPZmBxgqjxQgcDQDOLpejvKne-vAAAAA&burl=about%3Ablank&rurl=https%3A%2F%2Fthehackernews.com&astv=20220412&apv=B20201012
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 varnish
x-pt
P=282
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
US-Central
content-length
85
x-served-by
cache-chi-kigq8000130-CHI
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:17 UTC
rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame C875
85 B
129 B
Image
General
Full URL
https://statsf-tm.everesttech.net/stats/1/rendercomplete?adKey=y6TJDFcZjBmQhPtEbWYr&mpKey=Kxj2ilefT2dP544VKFNQ&cpKey=wwtdkr6dGPC03raBDObn&sessId=25281410-33e2-4100-8b97-320e2caf2f9d.1&env=site&PG=F&price=&conn=unknown&bi=B09mKVSJl9QnEef-8_YrtxmEbcfemKH41fVzjtMzRxb7eFVYJ7XG1YetS010o4gMnb-nxDbOH_-iwbw1KHwZxlHv1CovQzDHOBpotsziRJAmRkKXaZclHxfxobfvr3U9ANhXuYL7KA9I4Yxu78E5x1sknJ8wYzuTYbrZ-rcfP5kVOOHKyLHeN-HwfPOlLMMFILcJoSQVaUy0ypNR05uBLYofs5VKnQWc62dBpZt8nfowMU&rt=HTML5&psId=8ewbVYJkT5p8wTZLu1GV&seller_id=540948327&date=1674487337406&auth=192375fc186a506cacd647ced63cf896&did=&vinst=t&didtype=UNK&s=H4sIAAAAAAAAAAHwAA__j6Pn3g-6idMWikdcSt3u3wKHQsGNUauhkuosfMH5JodY4lyAUJuqRkGECXDcYhTFnumHvWAYTcGeeEFhFj2TQN6F3sCXrHMW7OtjbHFUnGGeHib24dvgn9HPnX9ClaRUuBYgVHHvnlkbKyxg6MwNjvTebXfkPc5Ht7aroV4egVvs2pmtyjVT2Iuqx27mYgv3kZ5_43X_s-d2_oC5HHW_5lnIv2WN2VzJp7Iyl6AbqJmqvCXfkvc3bit4wfGwM6T4T8cd1Lgxb5dDbxiS2V2fUR6d2vRcijJcFL3wnJiTGtZkPZmBxgqjxQgcDQDOLpejvKne-vAAAAA&burl=about%3Ablank&rurl=https%3A%2F%2Fthehackernews.com&astv=20220412&apv=B20201012
Requested by
Host: 88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
URL: https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 23 Jan 2023 15:22:17 GMT
via
1.1 varnish
x-pt
P=526
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
US-Central
content-length
85
x-served-by
cache-chi-kigq8000130-CHI
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:17 UTC
aac_viewability-ab8b7a.js
playtime.tubemogul.com/ud/prod/pullins/ Frame C875
14 KB
5 KB
Script
General
Full URL
https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20201012.js?auction_id=25281410-33e2-4100-8b97-320e2caf2f9d.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/8128) /
Resource Hash
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 01:39:46 GMT
server
ECAcc (cha/8128)
age
26061
etag
"1983306799"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
4789
expires
Tue, 24 Jan 2023 15:22:17 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11067
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgCgrzo1SHmmesWtP14bsIqetPX%2BbpiUMo6htETe7GrPc6mYl6AV962d7uQOkv7OT2dFCArAB2SKAeGVHlQsBQ87s0H4qusqMj4Nsmb5PQboT9GRfCHFdE7ltqx4u8Et%2FzQKvvtWHNRWNnplPPps"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186263cf0c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11130
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5R91jhoKQd%2FmeNOryjcZNFGyi6KROtJnRqlSMFUA1xVkzfhLupxO68XkISo%2FuBUnwFgvXluGsZU4OdeJ283xMTH8xSa6uHBJMMeyJkbBXLHBiVoFJR6J9HMowLyfJ7cOU36Ucf5BeHY8hJu1eYM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186266d1ec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKVmZuELSikk%2FhQ20cWAlFOSj4nNzs2pvNddJWoe%2F1bkWddPM88n9Fn4GEfk3dhVYS0tUP%2BzNheiVqYOx%2BqFGnjPmj5gHWClp9oU5vlY1mJ%2FbqrmgLRv3lS5%2FO0%2FhTEXlZEbD8ujiKXNNIcD1HWJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186268d3ec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FYBteZOtYLDKxEH8OVB7g7nnJKUD2tAOheoL836ASLG1LxBSbobs%2FiPGPVAuhV1ZpBn9mEi9lJ%2BAXonuNAhBqaXwPzU2vbVAHoewEfVUADrNqZAP9Mvtzo9rLcj%2BL5Hdyr4pN6XhYhNaA5YmkvK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18626fda0c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTCK3svGTocU%2FOnJs3QZ1gBugZHggmiYaoYCP%2FFhjm033wBAnYj629LCyrbYe0RB25SYwcT4pNDwx2sPKKz8Wq19uRK%2FlYG7fIVALXyTL4gQGoigu9foEt8LUfW4AQ6iWJRfKzzkSh33LfWyerQY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18626fda1c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
j-7080797-3987457.js
cdn.flashtalking.com/xre/708/7080797/3987457/js/ Frame 6F3B
43 KB
12 KB
Script
General
Full URL
https://cdn.flashtalking.com/xre/708/7080797/3987457/js/j-7080797-3987457.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/199363;7080797;201;js;AdobeAdCloud;TR247057101B300x250jpg90634477014O0000016pwoQAA/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20230123102217%3Ad%26s_kwcid%3DAC!y6TJDFcZjBmQhPtEbWYr!wwtdkr6dGPC03raBDObn&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=25281410-33e2-4100-8b97-320e2caf2f9d.1&cachebuster=208057.62770185422
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4c4ae894286539cfbdf83dac6ac8f9f1907385d50452079d8138cf5a6e0b5784

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:18 GMT
Content-Encoding
gzip
x-amz-request-id
TQE7H362CDVSK8G6
Connection
Keep-Alive
Content-Length
11449
x-amz-id-2
VgBpCUGORekIRc+wSRCC/I/SetSeHwWMK/8kae1WCOiRnFY75iCWMQ9I5b1GoijW7+XjrF+8+Jw=
Last-Modified
Fri, 16 Dec 2022 21:13:12 GMT
ETag
"1671225192"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1674487338.dop232.ch4.t,1674487338.cds222.ch4.shn,1674487338.dop232.ch4.t,1674487338.cds206.ch4.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1027
Accept-Ranges
bytes
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrG9DVwGIWSdGy7Oz%2FrF6IKHDuLBfHiaUnjE35021YadasYnxskh8pu4KnKqMvuKPMEXkku3dktQ3RNcg5IjAyD9zOfK9ZDbwi2iDyO6DJIIAY6Jdx0UdgTr6jsS3IdBuJ%2FolR2tNVfqzwGYmyRg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186277e13c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9YZyIG1g92PgnoXpc00He7vUWAiE5pyHDuKSuW8sxBICPy8GCFgwGk%2FyEMx7s5X5SXSQpy14yADbq9EA9Qq%2BIz2bUmx3sFlvV53oqzCRstbhVw3T50KzcAPRDpoT5RED4dVnxNYtxiBWFKmJN7C"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186277e14c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIiuERIiXJUTSYynwovxyHyYzhtFOlHmcK2WvwOf51U3lcw4%2FQsvBtURcW%2B%2B4ck8ww6ir7%2FdP8BseIUXixNsjovVpAW9tOWGA0cl0hywQuWAJufFmFRxYiGFfVJpkss2K4xkYonpNOqQH9Lu5447"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18627ce65c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
3987457.gif
cdn.flashtalking.com/xre/708/7080797/3987457/image/ Frame 6F3B
37 KB
36 KB
Image
General
Full URL
https://cdn.flashtalking.com/xre/708/7080797/3987457/image/3987457.gif?434037307
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a3e1225d4c86116980953a6fd731a8db7a1ddd38604b8bd5c7639ebcf1b878b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:18 GMT
Content-Encoding
gzip
x-amz-request-id
6GZ75M798KHXJSEY
Connection
Keep-Alive
Content-Length
35868
x-amz-id-2
v0xo4VEh7pznL4l262MuxZrKVtDrRuHXclUSrxPJRmVw6qXob2B4MFbFkRyifG51PpV8wfHr2RI=
Last-Modified
Fri, 16 Dec 2022 21:13:13 GMT
ETag
"1671225193"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-HW
1674487338.dop232.ch4.t,1674487338.cds222.ch4.shn,1674487338.dop232.ch4.t,1674487338.cds089.ch4.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1027
Accept-Ranges
bytes
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=3Ebh0mGFM.BCKL7YWudgGwkceRIQJR4YNwTB4Hs34Uk-1674487338-0-AaLIVFPmn61_0uVC-3hphpO7m_zyuDaBFWNN0LPjupbR0cdZrwXrffAa1dchm1j9rlwzuBWcmeokX2N6b1sq-WJcGlCvVUcKf4FA00oMS5In; report-to cf-csp-endpoint
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjItavXDbZW0ccmD0C3tp0MSbUP8ShdOICda7DmrjqMQT1Gex4os0zn6MoCUUIOrGEtalj2SYs0lLX40o0T50ayjYCXGzlZxzuNlDTz61M3P6Q%2FqUTT%2B8pSBci31sqJHI7XuYiMTiisFLZkHYbqm"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=3Ebh0mGFM.BCKL7YWudgGwkceRIQJR4YNwTB4Hs34Uk-1674487338-0-AaLIVFPmn61_0uVC-3hphpO7m_zyuDaBFWNN0LPjupbR0cdZrwXrffAa1dchm1j9rlwzuBWcmeokX2N6b1sq-WJcGlCvVUcKf4FA00oMS5In"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18627fea6c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHWwdpx3agvEnNT45XvKGDdwda%2BwdKkne6GI4ha%2FWv84QEjZV4H3YboewHJkbGZPSImr08FCrc%2FN6fGKF66lQmv54F8qlZa8US9n4wwA4LVcuM8K7YxTmJLUQvCbGZvtzzdHFEze4A4bpUXDUjx6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186281ec1c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fMutN%2FHQuyqzVyWJv52k55MSPs4CsJsaRQvFFUpP8DInYfi3DZe5I41kxxfvgDlWPiJnjb9ZHLni8W801MI%2FLWiO1PbX5tJDZNHtNxX4Qh%2BYvS6rJFxzk9XTmqW2ilmER8JoUUJeneJN2Vmagj3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186288f2ac514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxsaEw0QW9VF6VliXrIk7iDJkvnoRNigEHZ9TdcGP2RvCS5MHNEKyuWy3W7dSSHPxb5NbSH5cUib6hgzp0DI1XLHUICEmvvbSY3qDsx7nUdjwlgEizOvibrp5s8QyuYSwLfOjcsaUOjzAMypHZHH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186288f2cc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
all
csm.us.criteo.net/ Frame 3402
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=z0vzvOt5F5xFsYhrEPg36Yj9z6VnqYOAx91LNTeH1bNno8PYJhEzcmtHEuLT8D_uStBjfShCOsKA_f7m_iBuaNhBFMkiTL6CPODghYqnS5WqqssY-Sd_zzOdfd3ILVorBYtlUBgSav5jqmHpi9FkAHm8KaU-elDr9AQtJ6XZsNJxkkVE_SH7DM-a5RRR4uPefMA0MOxWu2pOomsxwEvfMYj5TGND0xQuu2Ojjs_8K8sOxlpUR1vguuPLTrMuK6D3tK2I7Q&sds=2&rev=84429&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABhvwKwUBkAA3IE5K1J8itgh8dacLzQQ&u=%7Co2PFedGbrKnBCznVXibolo7w0KRoh2pRBccFhQMiT1A%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdke5lrWSTpYDS9NR7JATbfFlDqVZ8CIqf6tbxKH9wxXHNJh164L6AAHgdGSNTmShopkZ1a9QY7ONpWI9f_gwaXU1gilZeQUoJF8eGcUP5HoRGsuzDZ1I9SFZa4XVr9erO6hr55F_x6o_3WQRdZA1P6r6FJo5I2yaBWRFawF_0kffcl-nA328zejlAjFAjJkKO_DDTCAUDdmccSM3FBaA_EKMw6njPUPh8SJPGOGL3S1hdzOU9KQ9IN1OQCuXqWUlQ8a6digWGhUw_dhgGfiv2fMZgoOas9xluVVEkj0PlVKnmK8Brz3QNJE3WsgdTSq4tFGQcQ9IuC_ozFEQBa7QY2fd6EzOK1vogFIDGSW8g72JVTD8BHI-uZOIskJW6MCQnC3yYmwC7JSSHZnsSFyBsWsrQWMYNV6eUlOt-D3gZ_eLfIR3GXa8VNUIhZBTNT2t-xbc0qUcAicwieWBa65MCntCX4kFxo0TiarpzvPsWd-6lyNUdZlpYW_myBNPqVmzr4gz43ORDfxjQJQbX48uT3My54_AZp9CmgQikiQCAVU6Qokd0MkDZfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrqeqKKbOY_yNBuSAhQaTkLfIBpyB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi03OTgzNzgzMDQ4MjM5NjUwyAEJqAMBqgT5AU_QJfrBFtevh922jef5OBUKE9P8T9oq4qIMhyGv8OBsTTmQRD9ddaWfEL1-O_-FdezcQ_JOZuiPD3isFet7GcW1l50FHi9yOSNuRsRi3PgfJAEAF85ueXcbLF08dWftb-WB-PiTvOoCatB8i9wS6VPytU5O7T2Gs2yYOeFhbTcS3hBe6Ma6yYs4yoGvLrOp3Ft5rynm1QNkf2AA41SsSpywgF12J0z7OGWGczdnOro5_hlwbstLrpH3H-X5-3OaeG2WtXLufjJ9JiNg9lVrP3HMXu3fsU2Vaw9dUrogXFXrfDbFMnqbW9eEe9DSFemN_r1UQK4oa-K_RoAGy7qA7u6JlOqbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gy-5cejICjxvGELTfEAtjl2ExWg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 23 Jan 2023 15:22:17 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TriitllFxnc1MlSmlyqzFgLAKaIN87YuqVAc5FMiyQBlPXtR5zzjyUy%2BJHvEismbH%2FzuMDVp3L7CYoBtNgiYHtTHL4ImD9A%2FeBwqMzA%2Bk9qN5PCBpmaJzBHduCV3endN7V1IGWtQv6NXVjIhVxok"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18628df7bc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxEGZPDdY28iJrJ0ma0%2B0%2FP12YS6hOT9DaDsiOxgvCLKtnsB9fTdfndU7oqWOL%2BHJC25vBBgxmp3gnDNotrHNqVmLzWFhHjwU1ua8myka2cmENE%2FAJi3%2Fn6t9oOPNdI7kARXyCBB3tnwPA9sInvG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186290fb9c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmO3nREv78BKsscoGaCOs7TyYnBS%2FsEVVlS%2BvdlNIIBpeS7PyW6RwqAHVAI0xs5Nluf9qhHUYxejGTLzXsCU5ea7UgWnqjQooSLxmMIdr55ZbS5cRjBYBwkC0ode1amI6FDzO8IVQhZcYP8fPPno"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186291fdac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FFC6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiR7SGGLCy9IKMkbjr35k8Iqtfh3dgVRy_EG_zYYHgjR_UlAOIbeuHLIyh9IiagFWvdk9b8Loid438A7iF52lO2KM&sig=Cg0ArKJSzJZG0CMbYX1TEAE&cid=CAASFeRolYwwsEu_WPJE3ZR87jlpcQg0pA&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1087604413&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674487336047&rpt=1386&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzCka0h1GAgy3%2Bb8V0fQ37DK2lTBRWZ0PCH7Pvqr1hWHNK6UX6fNw2oV41DUn1UExs3UBGY7N2n0G%2FdkIxrImeqH4bvy0l0DqysjJrPu00%2FCWH7oPuEgNQMk3Kzl6p6uWNTXRwQ1tAFhynHDi0hF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186298844c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fjjaGL0K3GOvPoA4DMqaagEiNmceR8PSqr8xkNfKplSeLj37U%2BpMPVG69KG7RGrDxkAgUJLy8XsqPM5NUsBmA8qrKl3JJpVNFdJrgO6DL9m%2FNs%2FrCUwAUbeCOAv0UVqVhma%2FHU059WDGIb7GD9M"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186298847c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXub%2F8yXBtImIZt1Kiml3QrL8hTEh3%2Br414ZNyGbGqFGwmySiqxWL912jzNCQ36sz%2BjVrhWf2MUKalsPacq2tpyQ40Zz%2FPlcwt3ywfi9xkLyiIY2qO7BXNFUPof1Tc5ED%2F9G81sgVFkmOhYG33om"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862a08b4c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbNCjSt9%2FTSxxecrRiPmCVnKg1djfRvfdl5PkArvwhrAeN%2Fjuja0wOaA3BuVSqbyXdNeZ7lWqSCcME%2BSKnksfcw3vipo%2BOXtSG8%2BmyXn8GwQJE0vNWWtbgb2xiRPVD7BLXpwMxwd8wPEuK%2BI0tLP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862a08b5c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFU0%2B3%2F1hYwcXNEBypI1%2BC25ewfIDTes7g%2BgC7A8%2Fs2s1d4fbmDhdbRcmtprgC61zaiaoMnLT4F3f56n3Agn4yzZ8vZTvEUH%2BYZCp0Jpz5RvoAHgY9XQWVt%2FzV0PbbciZy6uTIcR5C3TkQCuCtjO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862a5919c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Jan 2023 15:22:18 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1ydeIVU7DLPf2%2FLMVapJdE3WGty6RFMZB5AErDe1X7dEbtIpTqiJtdJrEwMcOTNY0qbsYCpCOmMifPcWfP1k%2BuT6WaVEzVugURBLdkKDNFGIDblExuq4HDIg4T9bjafhPomtjO7hGXNdZtZaeWR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862a7949c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F5B8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU9z_vI5yMp0T8JpNHTm1uPVAkUuLUjW1bx7OQv-Yb6-ItzRD2XMv0D6qxEXxOQMHCX9i6mhOJ95vw68B98DN8wX3H&sig=Cg0ArKJSzN7aJy5axbcPEAE&cid=CAASFeRoa4SSOMojFHkiTyJImUn9OL5ZAA&id=lidar2&mcvt=1000&p=731,1035,981,1335&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2065311470&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674487336757&rpt=870&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4T0ENKev9h69mt4cS27IqiSFNml2EBCpe%2B4tU3t8LLPMQMqJb%2FVdi8pofEIPjIS4gEAOTWXEq4DaeV9Aprwp2Gi3vDYG9E5gw3jEQrrmgv9wbQQhNW1FrcMlQ0n4gZazLfbEyZ6oUfQ%2FB9uMyQV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862aa97cc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
syncframe
gum.criteo.com/ Frame C150
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thehackernews.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:18 GMT
server
Kestrel
server-processing-duration-in-ticks
4595763
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-162fb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Jan 2023 15:22:18 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdPaC3rspTBjDkI2z4fkgVJmW20kGPuUIWg%2BTbNHjcop%2BM1DW0feGlosHg5R2K2oMf9WB0Q5kONTIZikWtVl03ZTK7oFK3LodSBDXXKCLafl8k9B50maXDSLRekR%2By%2Fuh5hHKlN%2FEYSaA%2FRwp7bz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862b19d5c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B2f7ohN2rXCgiwSAxpQfAfKNLGhuRfYjwoju3sQ8nNlJRPdVdBRNphX%2BXcw7X%2BAY%2B81lT%2FBSqoQT1faGop6N0PVW4IoozE9BNG3%2BbqfKdwf4%2FWHorYp4RIOImWV4appz3oiEq8Yci7WlevwLaRw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862b19d7c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EBD5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOZ6wzqnVDoaOvyGHh82oigUTurVIbTjs-bR61g9sDVO6Fw4Kp5UgZb2rsPmevY-q_sG4Xu7lXCVdEZ58QazCfOI8&sig=Cg0ArKJSzBhFLFg8ZGs8EAE&cid=CAASFeRoJiCe809d2XCeUSbWg0D13zJl2g&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1676811181&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674487336063&rpt=1668&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIY%2B1WtaW2HaTssi1MA7QU7Lo16C%2BG4rsqAQZpdBEWvPvXSSA8y9zwmCenYqlvndCBEc5%2FH6ziYshLtw81W4caLqpYxMNMcqapPzH8oiv1vlvx8oR4nhNKxySI65THjLXmletUbkXofwqP4WTzyj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862b6a3bc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CmiYaq85o8nsCDB%2Fmww9hFSPuTHyWktJa9Dq5wZaF9w%2BVYKuDYGQcwHlrV%2FimUWcC9W0kbjFPeaV5ZrJbZfY3GjHpqS6lBR0QdTBgJWsKvWt5ck8%2FCSKf68qbcliRigYPmBMSfgP9S%2FC4m02G5h"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862b9a82c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azPcfDybkPNH%2Bij1PHMyqihNyn2EmilUjt42B7YaAgeFfa10UUXT8NFa0Gu5jE3kpc7c2%2FtzdYuwnAwoR%2FY9ypBbIBMvBd%2FuqXYXZ2c%2FIcnU5VdLY%2BKi0I1ejAryvhIAg8mSbnA%2F5olk3zGrXkae"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862bcaa6c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1F43
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ol%2FDk7bOBiM1JO70963vd9koIOfUoz%2BfTGyheNrOcFwmHQwmsaK9KHr295XgcfEu4uAK7bTbAW7ilgfZmSWsJWXxXhZvHqOCGgl0%2FOpgisIQkJZ5xNN9uasS%2FkKrYfuqsBbVedenNSJnQPbxkxw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862c2b06c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BVs1lCU6ZdGQ59NvTQCgSuumphhIaAKDlDjKfBeWn2HcJhjF%2F0i%2Ft%2BZpeX6Udugfd9cXJ99jsWl%2BLVuYaLyGsY8CeGURfYSNsCiVW1Kggh8c5NEEPB3Db9su0VM7kSDC9Nu6C988FFmGasWxBkB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862c2b0ac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
all
csm.us.criteo.net/ Frame 84E9
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=fFcUxet5F5xFsYhrkZ2zb4MdEEdoL9QvVB2Ws71mV7A0M1-sow2uEBREA3qfcmay2pnsY15K58nKFd0Z5b67WTZd_OpyTMkr6h1x-f0DHYMledV1AhvMLsNM6Fv5IHv_7ieH8zmg5wm0J9TdeF8PrnuxBo4m5LWLkJGvmwSbAx8rqQ6ita_3q5h4CL7sA0HVjLmsbylNslEZI8lRdV86DAudcy0Nw8_lLGWsJCo8TFgh-SIvugRSVJq4Tt2Tj4LA58_3iisGxrQGon05&sds=2&rev=84230&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y86mKAABrYwBy4WTAAVu2xtotaswfXvq6qMA_w&u=%7Co2PFedGbrKnX3b02iZwy7ZXpCVrCXT3Csmd1Qe5knCQ%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsAwFsoXjdrBEFpPHL8_lQEZbRQYotn5i4hZwxsxdRDjlzgdnBN1ajacaKUfa-YtlNo5maHVOHm1xs1fsC9g7WZwG3jpQM2YdorSCVqDQAVox2yd3NZPT50rvFH0jWR2qEC03eqN96KnMjXn0hvpWYV-LmcVxy2QsLo6Qf_u5nydNcej91x2r46Rq0uF_BZQM4V4SWO3hoTZ5dRKt5GucIYneQcX0wJuJ1Qib8sEGfCjO40nZRjEmVXNYWKSVQrTT1HX5OrLsHNgl0qNxOty6XId07HUj1Kfuq7plOk6Yo0w_SUPSC-yGF5VNBu0pc0NrD5CC24WU_fZ898nOzAa6ghnzk6onPyO46u7z9i1na7R1cifWdvVCSqEtyEpENT1xQXplpsTVQ031ZMy4aSXBTkSesFrHjZW1KF-jDXT4MLVu48YSorncBbQTkkWggdJgU0iNnSVjyWo_1BVmhXjgVtkZkejmBRA_Dn9Pc96S3-9dNXEmmfLJcljvBxPhuqvF9BMRLVZyEXPkV6RNpxvnte2LcHRa1LvcI0SnU5oCGktocoUHYnWWYj6yU4BM17XhQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdWiKKbOY4zbBpOLrr4P292V4Amcge-wXKLKp6p0wI23ARABIABgybajiPCj7BKCARdjYS1wdWItNzk4Mzc4MzA0ODIzOTY1MMgBCagDAaoE-gFP0EqaBUiGP9dJnmJZhxAHOnGrBXH0GfLJF1_hoYbmkQN8cTlARLudtcJ_jTw5rAVguqG9_HRfT8vSkTmv-QtNzbxBE9O_jVPif_HJiA9FGZoFoZj59K7OZ9Neeh2pmVAXEV_t553S7Upf5xoVzJijJuz5JNpf1qD3tw98NqjxLyCdO6rPhwT-k5eI0MV6uRuaGkuHW4NmjATO4KFAempv3jatWanQRjcq-uJMGzC0-pK7MGDC70DhVI8FimNzZvRVsW_krApLzppFaiGMOr4G5vci78BVF48boLCduTwM474x4uxxELyJ-_uc_cgLQFh3s04zuY7F6QySgAbLuoDu7omU6psBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ILb-W90U1bkSP5gmZuljPT8Q2Sg%26client%3Dca-pub-7983783048239650%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11068
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqZ85v27yJ28R6sYWRlX1NMwesLJNc8qLF%2BE%2FRwoohX22g%2Fkg%2FxDRHztlQ8cau0%2F6x39sgagyViYyuthYoHBYt%2Fowiat7gWzvRg%2BZQoBuNw30%2FjhmXNH5eUqNHFm2W5z9IFiSJyW43s%2Fi7SFQux6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862c7b55c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
vimp
statsf-tm.everesttech.net/stats/1/ Frame C875
85 B
176 B
Image
General
Full URL
https://statsf-tm.everesttech.net/stats/1/vimp?adKey=y6TJDFcZjBmQhPtEbWYr&mpKey=Kxj2ilefT2dP544VKFNQ&cpKey=wwtdkr6dGPC03raBDObn&sessId=25281410-33e2-4100-8b97-320e2caf2f9d.1&env=site&PG=F&price=&conn=unknown&bi=B09mKVSJl9QnEef-8_YrtxmEbcfemKH41fVzjtMzRxb7eFVYJ7XG1YetS010o4gMnb-nxDbOH_-iwbw1KHwZxlHv1CovQzDHOBpotsziRJAmRkKXaZclHxfxobfvr3U9ANhXuYL7KA9I4Yxu78E5x1sknJ8wYzuTYbrZ-rcfP5kVOOHKyLHeN-HwfPOlLMMFILcJoSQVaUy0ypNR05uBLYofs5VKnQWc62dBpZt8nfowMU&rt=HTML5&psId=8ewbVYJkT5p8wTZLu1GV&seller_id=540948327&date=1674487337406&auth=192375fc186a506cacd647ced63cf896&did=&vinst=t&didtype=UNK&s=H4sIAAAAAAAAAAHwAA__j6Pn3g-6idMWikdcSt3u3wKHQsGNUauhkuosfMH5JodY4lyAUJuqRkGECXDcYhTFnumHvWAYTcGeeEFhFj2TQN6F3sCXrHMW7OtjbHFUnGGeHib24dvgn9HPnX9ClaRUuBYgVHHvnlkbKyxg6MwNjvTebXfkPc5Ht7aroV4egVvs2pmtyjVT2Iuqx27mYgv3kZ5_43X_s-d2_oC5HHW_5lnIv2WN2VzJp7Iyl6AbqJmqvCXfkvc3bit4wfGwM6T4T8cd1Lgxb5dDbxiS2V2fUR6d2vRcijJcFL3wnJiTGtZkPZmBxgqjxQgcDQDOLpejvKne-vAAAAA&burl=about%3Ablank&rurl=https%3A%2F%2Fthehackernews.com&astv=20220412&apv=B20201012&w=300&h=250&pw=300&ph=250&vw=300&vh=250&vwbl=t&vver=20200211&vpct=100&ifr=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 23 Jan 2023 15:22:18 GMT
via
1.1 varnish
x-pt
P=383
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
US-Central
content-length
85
x-served-by
cache-chi-kigq8000130-CHI
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Mon, 23 Jan 2023 15:22:18 UTC
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11131
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWv3S36%2BO57IQpA7%2Bkq9H6EYr1KKrAgO%2FUqeVuWzlvMPbROwMtMrpG1BZdajwiyEerRi6Lco1kZHGEj%2FqEWlotU4UNZyEhrANsleAuu9HSURb8YZqH4VK%2FFSD1DqV9bHolu8N0LvCsm1VfdvB0vC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862cab8fc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11069
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bz0kkpdC%2F2HDcueCPSab1ydfK3PBG8T6XIjgUNscaGzeO9H0Ufv%2FTvhrZ%2Bi29BX36NWJU9KPeKxbwZOdjgrj8mwmnOUStBGXbIC1u7u%2BYqv0SDsJeRVizoTdsUyKfuqdS%2BcjIoHk2yyFikru4Z49"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862ccba9c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11132
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDo9vP0xFX86PizA20IIZc2WVPtz5CLDGEit%2BaYVoEuM70I1UYMxM%2BNqH3efR9l1SZjEHHSeF3l5iSVZ%2Fo%2F3Cf%2BnW%2B26RFxzZo3thPvcz0%2BY7BANc%2Bk7DCYV4vQIKCPGz6Hf0%2B%2B9dOICTQaTPuFJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862d1bf1c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://thehackernews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 23 Jan 2023 15:22:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
316996
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=jmREzHxLdUQvbWozSkQ1VCtMcGFmNExHZW4vOWJnTWpGM3hTREZGMTc2bitzTkU5TkxuVTRMNkt1SE1OVlQ4bStXNXU3ajM2ZFJUZXdQcEEzb2NpTzlXRlpYRmRlTVJadDV4WmFmQTAzbDBobnpTWW42cnpRV1ZYU3EzbG...
453 B
713 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=jmREzHxLdUQvbWozSkQ1VCtMcGFmNExHZW4vOWJnTWpGM3hTREZGMTc2bitzTkU5TkxuVTRMNkt1SE1OVlQ4bStXNXU3ajM2ZFJUZXdQcEEzb2NpTzlXRlpYRmRlTVJadDV4WmFmQTAzbDBobnpTWW42cnpRV1ZYU3EzbGgvVFNMM0pqZU0wS1JHaWlMa2loSG5rMHd1RVhNb2FKcHlOcGJoTkpVQUpud083cmVNS28yRzlxLzNXNjBmUys5RFRrMkNIdHNuZkxrdkQ1cmo1RmpwN1RSVVJ1SzQ3dU5IRmpLSldFMHl3OTAzYlBSTWYwdXdhMTFvd1poZ0lyMXo0cUxwd0hBeGMzT1RheVU3YUpSR2FGajM3QW4wM0xBTGlxR21IalR3dm1VRDQ2L1JJUT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
11bca1616d86a6bb76003904e978bc858e18cd7f682e489f0080a433dc8c3c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
945359
expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=jmREzHxLdUQvbWozSkQ1VCtMcGFmNExHZW4vOWJnTWpGM3hTREZGMTc2bitzTkU5TkxuVTRMNkt1SE1OVlQ4bStXNXU3ajM2ZFJUZXdQcEEzb2NpTzlXRlpYRmRlTVJadDV4WmFmQTAzbDBobnpTWW42cnpRV1ZYU3EzbGgvVFNMM0pqZU0wS1JHaWlMa2loSG5rMHd1RVhNb2FKcHlOcGJoTkpVQUpud083cmVNS28yRzlxLzNXNjBmUys5RFRrMkNIdHNuZkxrdkQ1cmo1RmpwN1RSVVJ1SzQ3dU5IRmpLSldFMHl3OTAzYlBSTWYwdXdhMTFvd1poZ0lyMXo0cUxwd0hBeGMzT1RheVU3YUpSR2FGajM3QW4wM0xBTGlxR21IalR3dm1VRDQ2L1JJUT18&cppv=2
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
514595
content-length
0
expires
0
rid
match.adsrvr.org/track/
108 B
699 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
c95f9e6a774d5a686f2812dfde38f7f8cb45b8d7fc838ed18c0f830a62343692

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 22 Feb 2023 15:22:19 GMT
index.html
cdn.districtm.io/ids/ Frame 2D15
116 B
433 B
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-71.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
25935
content-length
116
content-type
text/html
date
Mon, 23 Jan 2023 08:10:05 GMT
etag
"517f2062d883c0ee35479a2da0c50b8c"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
AmazonS3
via
1.1 96457af3f289bfa24042a3475201173c.cloudfront.net (CloudFront)
x-amz-cf-id
pUzIy9PX2J35pgzRSBoNQ2Nm89O3A96rD-CAoK9TV6I0U6HiWtBCCQ==
x-amz-cf-pop
EWR52-C4
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame B128
36 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
034d545606c0258b419e148b7a316ca02190004a3673770f807cb3e2611b990a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11786
content-type
text/html; charset=UTF-8
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Wed, 25 Jan 2023 15:22:19 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame B22B
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Jan 2023 15:22:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 4276
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1674487335917
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
18ed7b4135e610fc8446a1b9adcaf32364ea2127f400292af3562991ff20753a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1414
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pd
us-u.openx.net/w/1.0/ Frame 561B
762 B
462 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=43a9730a-6c22-4066-b849-41c7558b6858&gdpr=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3eadeca0f9cb06fea26e8c8f98e9fe7f2689921df0c12a9e823f6befe1d553ae

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
443
content-type
text/html
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame AB84
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 23 Jan 2023 15:22:19 GMT
ETag
"623de86a-cf34"
Expires
Tue, 24 Jan 2023 15:22:21 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 7AFF
8 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-3.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
33411
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 23 Jan 2023 06:05:29 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 05b3bdb53d1146d1176c185d2da0d530.cloudfront.net (CloudFront)
x-amz-cf-id
kaI0X2Ky51tVgL57IPfQPdCSI_D3VdmzoThNeT5VNW4Un-0v0j9ZXA==
x-amz-cf-pop
JFK50-P6
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 48EE
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1664558804419.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50378
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Tue, 24 Jan 2023 05:21:57 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=2f23c37f-e745-416e-ab61-c7085374172e
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A&gdpr=0
0
138 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A&gdpr=0
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A&gdpr=0
date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D2f23c37f-e745-416e-ab61-c7085374172e&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F2133%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3...
  • https://prebid.a-mo.net/cchain/0/2133?gdpr=0&gdpr_consent=&us_privacy=1---&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=index_rtb&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14Jn...
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F2133%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2f23c37f-e745-416e-ab61-c7085...
  • https://prebid.a-mo.net/cchain/1/2133?gdpr=0&gdpr_consent=&us_privacy=1---&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=adform&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZ...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F2133%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2f23c37f-e745-416e-ab6...
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F2133%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yZjIzYzM3Zi1lNzQ1LTQxNmUtYWI2MS1jNzA4NTM3NDE3MmU%253D%26uid%3D%24UID
Protocol
HTTP/1.1
Server
69.175.41.44 Brunswick, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 23 Jan 2023 15:22:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F2133%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0yZjIzYzM3Zi1lNzQ1LTQxNmUtYWI2MS1jNzA4NTM3NDE3MmU%253D%26uid%3D%24UID
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10598095826957948035&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=ec218740-9b51-4fc4-80b0-fd499abe1b88&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10598095826957948035&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213920604405008989220&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598095826957948035&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&us_privacy=
0
118 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&us_privacy=
Date
Mon, 23 Jan 2023 15:22:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LD8YIXD5-R-H02B&gdpr=0&us_privacy=1---
0
126 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LD8YIXD5-R-H02B&gdpr=0&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LD8YIXD5-R-H02B&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11069
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbuDqmdycjBz9%2F8MrjttbuWkZUkrJ4dsxWS%2Fzasp3%2FU5xqKgCSySp%2BUj92f22a00cpANJjxqPJi6efw7wEIHmI6319Ix2thhF5f2EU3p8HQNwGKLB19pgbWJN54hcr1Cpr42flugqU3aeCOxkdWp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862d7c3ec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
sid
mug.criteo.com/ Frame C150
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thehackernews.com&sn=ChromeSyncframe&so=0&topUrl=thehackernews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=M_RI3nxnZzRCWmx5NW01bUlYQkNSS1dpRyt2WkNlSEYrNWR1WUlJZzFQTFBWMDV1R2x2YkZqSHk3UVE5ZE5SLzNjQ1I0ZWJsNlNkZHo5ZFZtcWNNcDNMbFZURzVOUDZMa2hFR0tUOVRkVGJpSG45T09sSS8zZmhiaFdXQW...
454 B
676 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=M_RI3nxnZzRCWmx5NW01bUlYQkNSS1dpRyt2WkNlSEYrNWR1WUlJZzFQTFBWMDV1R2x2YkZqSHk3UVE5ZE5SLzNjQ1I0ZWJsNlNkZHo5ZFZtcWNNcDNMbFZURzVOUDZMa2hFR0tUOVRkVGJpSG45T09sSS8zZmhiaFdXQW9SazFYL0ZwM1F3VGZWdG0yUVhwMUI3RjVGVitzekdxSUs5V2t2dEw4VlRvY1dFUDgzYUxxaVZZWGl0V21Yd3o2bXlUS0FXZ3BXbHRDaU5ya1NnOFl6OW4zU3FiSHlNWmQya2ZhelRXampKQVB3eU00ZzdrM2o4VzVCTXlzcWttOTh5bEdHcFowSE4vNllOcHQ0RnNTRFh4SkVPNTdtZz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4f6bbbc12e5d8fa388addd24ab934870fd8ffc9a6241f206ffaf03e45fbcad5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2152937
expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=M_RI3nxnZzRCWmx5NW01bUlYQkNSS1dpRyt2WkNlSEYrNWR1WUlJZzFQTFBWMDV1R2x2YkZqSHk3UVE5ZE5SLzNjQ1I0ZWJsNlNkZHo5ZFZtcWNNcDNMbFZURzVOUDZMa2hFR0tUOVRkVGJpSG45T09sSS8zZmhiaFdXQW9SazFYL0ZwM1F3VGZWdG0yUVhwMUI3RjVGVitzekdxSUs5V2t2dEw4VlRvY1dFUDgzYUxxaVZZWGl0V21Yd3o2bXlUS0FXZ3BXbHRDaU5ya1NnOFl6OW4zU3FiSHlNWmQya2ZhelRXampKQVB3eU00ZzdrM2o4VzVCTXlzcWttOTh5bEdHcFowSE4vNllOcHQ0RnNTRFh4SkVPNTdtZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
388300
content-length
0
expires
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11132
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7%2BU9hG33wfmtUus9mX2jgJRlj7osSJ8rU%2BuMjf3RxH5UYv2%2F2CC6bqNnhC7L077VQIbNFg33ikxqf7ckwMeK5jzfZdEAc85bEQKAdPnKZE8AUnAAXANmMNNS4MJD735HkxDMFt%2FJUaK1ThHEJNg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862dac72c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
sd
us-u.openx.net/w/1.0/ Frame 561B
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=1cfc043b-c832-425f-8000-cd58876e14e2&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=Y86mKQElmgIw2Q7XHrSOPRzp
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=Y86mKQElmgIw2Q7XHrSOPRzp
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=43a9730a-6c22-4066-b849-41c7558b6858&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:19 GMT
server
Aorta/20230117.cba244d5e
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=Y86mKQElmgIw2Q7XHrSOPRzp
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
a4df2aee7079
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 561B
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=3CS64jPOxz8Q4RqusEUgaQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=43a9730a-6c22-4066-b849-41c7558b6858&gdpr=0
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0dp1um665bcrqeqprltuvfr21e6ml06o

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 561B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=f14363ce-a62b-4b00-8384-262673057fcf
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=f14363ce-a62b-4b00-8384-262673057fcf
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=43a9730a-6c22-4066-b849-41c7558b6858&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
Server
MT3 357 2feb0b5 master iad-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=f14363ce-a62b-4b00-8384-262673057fcf
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Jan 2023 15:22:18 GMT
sd
us-u.openx.net/w/1.0/ Frame 561B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=1b20469e-74a0-4047-8826-1c3df17e1cb2
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1b20469e-74a0-4047-8826-1c3df17e1cb2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=43a9730a-6c22-4066-b849-41c7558b6858&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=1b20469e-74a0-4047-8826-1c3df17e1cb2
Date
Mon, 23 Jan 2023 15:22:19 GMT
Connection
keep-alive
X-CI-RTID
de7f112f-ac17-4ba3-b6b1-8a0e3de0acc1
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 561B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=43a9730a-6c22-4066-b849-41c7558b6858&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 561B
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=050c4322-c14f-4396-bc74-cecf50d0dbdf
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=43a9730a-6c22-4066-b849-41c7558b6858&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
onetag-sys.com/match/ Frame 4276
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=bf2863ce-a62b-4d00-adc7-ff74e18bd83a&gdpr=1&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=1&uid=bf2863ce-a62b-4d00-adc7-ff74e18bd83a&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
Server
MT3 357 2feb0b5 master iad-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=bf2863ce-a62b-4d00-adc7-ff74e18bd83a&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Jan 2023 15:22:18 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4276
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.80 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 4276
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6733065173710718434
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6733065173710718434
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
990a7f48-f4c3-47f5-a5e0-5cb9385fd04a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4276
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=zlB4GUZJXm8aZwV9rqRvJiB5uCR19cRkKI9jgzI42l4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4276
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85GNvMpmtFBnKaEt34R335PZIZQJWEqw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85GNvMpmtFBnKaEt34R335PZIZQJWEqw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85GNvMpmtFBnKaEt34R335PZIZQJWEqw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 4276
0
75 B
Image
General
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4276
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=XjQDc7cP2-CyZefUKdhPpZwyhiXZRdsDaKK3nH7jfHk
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=XjQDc7cP2-CyZefUKdhPpZwyhiXZRdsDaKK3nH7jfHk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EP904PJP5742A1J26WJX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=XjQDc7cP2-CyZefUKdhPpZwyhiXZRdsDaKK3nH7jfHk
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 4276
0
42 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
content-length
0
/
onetag-sys.com/match/ Frame 4276
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECiC8xhGGnfIfo8z-7UlX6M&google_cver=1
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECiC8xhGGnfIfo8z-7UlX6M&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECiC8xhGGnfIfo8z-7UlX6M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 4276
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573739
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573739
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573739
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 4276
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 4276
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 4276
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1674487335917
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11069
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utEAyn1tJkAfZvFn%2BfEqHT9XmhmuVZYe8wfeFXwpTUdx%2BXopW8qL9Pg7QCr%2FaY8cP1zGb3nw2B05gWr7189%2FY%2BLyriCrz4b0o9%2BwZDTwnnfoF6m1K7ZDg0Q0jx4bABecyPdxxClV5Z7NFc9Cp%2FAX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862e1cdbc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 48EE
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23693292&p=158261&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
933661873e97ba7e6d84e4d33f369058a5f15e02609d75d76b530c7926b1e91e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11132
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkkvAsMwls7LfI6imUWsJ1u6kxjKfS2BF9dEyhAjzsWKtbS47%2FTXFboROVFl%2FqugdLgTKy4MNpwKm%2Fs5kArnCgCTmuOaqVYICddSWeUNX29yogEtq6gYt1tNCZzi2fp1RiLLAyv3r0h0apCavgGj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862e4d23c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
usync.js
eus.rubiconproject.com/ Frame B22B
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e560d81546bfb41e496160db8dfd4a4ee38a057b4723acb9f6fc8bdca956a784

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 00:22:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32397
Connection
keep-alive
Content-Length
10037
Expires
Tue, 24 Jan 2023 00:22:16 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 2D15
3 KB
4 KB
Script
General
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-71.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 06:05:51 GMT
via
1.1 96457af3f289bfa24042a3475201173c.cloudfront.net (CloudFront)
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C4
age
33389
etag
"74ede07ef946dc2316f86b2661cf2dd3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3302
x-amz-cf-id
nvO1BfptEcp76XUh-yepdsEsZTVuJGrGUXODB5w4rCfA6Gl5CX2Iow==
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11069
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiSuX0sPXp3Hab4uhY6sNIuhlVqmmTATlFcmeXdiuV%2BoreDEcrygunGwkbwHoXi0FCSuMVO8Wzo5%2Bo72vmvUw0noLhZCgd%2Bk6WUBWA4HbF4C2E7HFCuHc6xtfiDtacMM%2Bl5qrdWO9f5JSpIb0Naz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862e9d97c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
sync
gum.criteo.com/ Frame B128
88 B
328 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
16b364cf82d901236d41153e75796be875571b655a07c3732be930ec01b43bc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1915028
expires
60
usync.html
eus.rubiconproject.com/ Frame 6880
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Jan 2023 15:22:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 23 Jan 2023 15:22:19 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 1282
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Drkt%26refUrl%3D%26vid%3D448733936231748893664194080...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=rkt&refUrl=&vid=44873393623174889366419408000V10&ovsid=851333241415277361
219 B
650 B
Document
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=rkt&refUrl=&vid=44873393623174889366419408000V10&ovsid=851333241415277361
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 23 Jan 2023 15:22:19 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=rkt&refUrl=&vid=44873393623174889366419408000V10&ovsid=851333241415277361
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 51C8
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50378
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Tue, 24 Jan 2023 05:21:57 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame B128
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dapx%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=apx&refUrl=&vid=44873393623174889366419408000V10&ovsid=6733065173710718434
45 B
452 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=apx&refUrl=&vid=44873393623174889366419408000V10&ovsid=6733065173710718434
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:19 GMT

Redirect headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4d0d69e7-611e-41b1-a79d-0b36ddfb59a0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=apx&refUrl=&vid=44873393623174889366419408000V10&ovsid=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame B128
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3174889366419408...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=opx&refUrl=&vid=44873393623174889366419408000V10&ovsid=cb5e5941-3148-44f1-95da-2877d1b3880f
219 B
219 B
Image
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=opx&refUrl=&vid=44873393623174889366419408000V10&ovsid=cb5e5941-3148-44f1-95da-2877d1b3880f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:19 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:19 GMT

Redirect headers

date
Mon, 23 Jan 2023 15:22:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3174889366419408000V10&type=opx&refUrl=&vid=44873393623174889366419408000V10&ovsid=cb5e5941-3148-44f1-95da-2877d1b3880f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame B128
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dmma%26refUrl%3D%26vid%3D448733936231748893664194...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=mma&refUrl=&vid=44873393623174889366419408000V10&ovsid=f14363ce-a62b-4b00-8384-262673057fcf
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=mma&refUrl=&vid=44873393623174889366419408000V10&ovsid=f14363ce-a62b-4b00-8384-262673057fcf
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:19 GMT

Redirect headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
Server
MT3 357 2feb0b5 master iad-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=mma&refUrl=&vid=44873393623174889366419408000V10&ovsid=f14363ce-a62b-4b00-8384-262673057fcf
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Jan 2023 15:22:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B128
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dr1%26refUrl%3D%26vid%3D44873393623174889366...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005&rndcb=5741704055
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&google_hm=NWY3ZmY2YTEtYzFkOS00NjE3LWE5YjEtZDY2ZTAxY2Jm...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFopXyrkIor6MJhZ8hCInHU&google_cver=1&ssp=adconductor&bsw_param=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
  • https://sync.1rx.io/usersync/bidswitch/5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
42 B
255 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
Server
Tengine
ETag
RXbeb24e83254d490da5d5fb76ab96f7e0005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Content-Type
text/html
Connection
keep-alive
cksync
cs.media.net/ Frame B128
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE3NDg4OTM2NjQxOTQwODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOF0ZAomU418VTX88aut1mU&google_cver=1
45 B
610 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOF0ZAomU418VTX88aut1mU&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 23 Jan 2023 15:22:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOF0ZAomU418VTX88aut1mU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame B128
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Ddxu%26refUrl%3D%26vid%3D44873393623174889366419...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Ddxu%26refUrl%3D%26vid%3D44873393623174889...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=dxu&refUrl=&vid=44873393623174889366419408000V10&ovsid=688nsmJw1PjYEj5
45 B
451 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=dxu&refUrl=&vid=44873393623174889366419408000V10&ovsid=688nsmJw1PjYEj5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:20 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0bc96928789c6d1ea@us-west-2a@dxedge-app-us-west-2-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=dxu&refUrl=&vid=44873393623174889366419408000V10&ovsid=688nsmJw1PjYEj5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame B128
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e094fbfc-98bf-447b-9823-36915e8ebe8d
45 B
616 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e094fbfc-98bf-447b-9823-36915e8ebe8d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e094fbfc-98bf-447b-9823-36915e8ebe8d
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1216542
content-length
0
expires
Mon, 23 Jan 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame B128
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10598095826957948035&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=ec218740-9b51-4fc4-80b0-fd499abe1b88&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10598095826957948035&ssp=medianet&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=215000604405008989504&ssp=medianet&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598095826957948035&ssp=medianet&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:20 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame B128
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dzem%26refUrl%3D%26vid%3D44873393623174889366419408...
  • https://stags.bluekai.com/site/23178?id=5Afr29_qdWuWh6KASYx3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJVIFTHEMRZL5YWIV3VK5UDMS2BKNMXQ...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=5Afr29_qdWuWh6KASYx3&refUrl=&type=zem&vid=44873393623174889366419408000V10&vsid=3174889366419408000V10
45 B
455 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=5Afr29_qdWuWh6KASYx3&refUrl=&type=zem&vid=44873393623174889366419408000V10&vsid=3174889366419408000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:19 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=5Afr29_qdWuWh6KASYx3&refUrl=&type=zem&vid=44873393623174889366419408000V10&vsid=3174889366419408000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame B128
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3174889366419408000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=70bc7c92-7e4a-4877-be0e-b545f77053dc&cs=1
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=70bc7c92-7e4a-4877-be0e-b545f77053dc&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:19 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=70bc7c92-7e4a-4877-be0e-b545f77053dc&cs=1
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame B128
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
45 B
621 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 23 Jan 2023 15:22:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
dcm
s.amazon-adsystem.com/ Frame B38B
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=23E78CAF-EA8D-4216-AA92-89883064497A&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZSZS1M739HNB6GCT96SP
cs
cs.minutemedia-prebid.com/ Frame EE60
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGZUNVN0huVXdBQUI5ZmF1SXY4UQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFeCU7HnUwAAB9fauIv8Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeCU7HnUwAAB9fauIv8Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8681080202229734004&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFeCU7HnUwAAB9fauIv8Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8681080202229734004%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8681080202229734004&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAFeCU7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFeCU7HnUwAAB9fauIv8Q&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1012%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%...
  • https://prebid.a-mo.net/cchain/1/1012?gdpr=&gdpr_consent=&us_privacy=&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9...
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
0
280 B
Document
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Mon, 23 Jan 2023 15:22:20 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
server
envoy
x-envoy-upstream-service-time
3
Pug
simage2.pubmatic.com/AdServer/ Frame C429
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
42 B
405 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:19 GMT
Expires
Mon, 23 Jan 2023 15:22:18 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 357 2feb0b5 master iad-pixel-x14 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 0412
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:18 GMT
expires
Mon, 23 Jan 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
684766
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame F4BB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7
42 B
420 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame C2F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6733065173710718434&gdpr=0&gdpr_consent=
42 B
218 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6733065173710718434&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
4792f706-f825-4b79-8ed3-6a32df37a6e4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Jan 2023 15:22:19 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6733065173710718434&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Artemis
aud.pubmatic.com/AdServer/ Frame 48EE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=23E78CAF-EA8D-4216-AA92-89883064497A&addseg=10,33,39
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=23E78CAF-EA8D-4216-AA92-89883064497A&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Mon, 23 Jan 2023 15:22:19 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=23E78CAF-EA8D-4216-AA92-89883064497A&addseg=10,33,39
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 48EE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=23E78CAF-EA8D-4216-AA92-89883064497A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=23E78CAF-EA8D-4216-AA92-89883064497A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=23E78CAF-EA8D-4216-AA92-89883064497A&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Frontend-ID
11
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=23E78CAF-EA8D-4216-AA92-89883064497A&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 48EE
43 B
657 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-83.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
XkVLA6Mc-OB96njpkShirx3awWOoBTQgAu1qBuyV3AgysMzX7641HQ==
expires
0
/
io.narrative.io/ Frame 48EE
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:23E78CAF-EA8D-4216-AA92-89883064497A
  • https://io.narrative.io/?io.narrative.guid.v2=ba17fb30-9b31-11ed-b2a4-02b03d742aa1&companyId=673&id=pubmatic_id:23E78CAF-EA8D-4216-AA92-89883064497A
0
247 B
Image
General
Full URL
https://io.narrative.io/?io.narrative.guid.v2=ba17fb30-9b31-11ed-b2a4-02b03d742aa1&companyId=673&id=pubmatic_id:23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
HTTP/1.1
Server
3.222.96.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-96-203.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
Cache-Control
no-cache
Server
nginx/1.22.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=ba17fb30-9b31-11ed-b2a4-02b03d742aa1&companyId=673&id=pubmatic_id:23E78CAF-EA8D-4216-AA92-89883064497A
Date
Mon, 23 Jan 2023 15:22:19 GMT
Server
nginx/1.22.0
Connection
keep-alive
Content-Length
0
23E78CAF-EA8D-4216-AA92-89883064497A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 48EE
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/23E78CAF-EA8D-4216-AA92-89883064497A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:cf76:255b:115b:e80f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 48EE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=23E78CAF-EA8D-4216-AA92-89883064497A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zO1B_5pE2uWiDxMEy1CgoaIh2nvD3u0-~A&gdpr=0
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zO1B_5pE2uWiDxMEy1CgoaIh2nvD3u0-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zO1B_5pE2uWiDxMEy1CgoaIh2nvD3u0-~A&gdpr=0
date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 48EE
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573739&nuid=23E78CAF-EA8D-4216-AA92-89883064497A&...
42 B
268 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573739&nuid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573739&nuid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 48EE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1b20469e-74a0-4047-8826-1c3df17e1cb2&gdpr=0&gdpr_consent=
1 B
235 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1b20469e-74a0-4047-8826-1c3df17e1cb2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=1b20469e-74a0-4047-8826-1c3df17e1cb2&gdpr=0&gdpr_consent=
Date
Mon, 23 Jan 2023 15:22:19 GMT
Connection
keep-alive
X-CI-RTID
525c7d80-63e0-403d-a6c7-7ff9988ce04e
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 48EE
0
34 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.185.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-185-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 48EE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dpubmatic%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=pubmatic&user_id=k-T4j7cCiBaMAfDC5YT25ggUsITnMO2ZGtj4Rt9A&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
245 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 23 Jan 2023 15:22:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
async_usersync
ib.adnxs.com/ Frame AB84
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
AN-X-Request-Uuid
8d30052c-7af2-4b08-be13-83cd719cb79c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11132
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvamCoPbZBB1XEyut1Ogses8Oy1Zk%2BQpKoHbGPxwvUHDg0XuNKPABkqSa1kuKLccIUIHQRpfN6hIm7scfj52uGbqYvd0wQoQ7Bkpo74wuNlszM%2BbNcK5oYnr5w6Y%2B1boRBWGOeZ9Z8R5f%2BJh51KL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862f6e3fc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11069
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlEmC6NfPuHit9RAO33LTPxhAAe3BkMmlQXYkZF81Y%2FCmpQl%2BLh%2F0W2nSu%2FVMUheRA%2B76j7y%2FJg8cwagphbapqW2Xmrp9sz4Y8%2F2%2FLWhLYfVQhb3ozD39LN71pSC35VUmcWusOajgJEM3XM67bKD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1862f7e58c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
buyers
dmx.districtm.io/s/v1/ Frame 2D15
0
0

PugMaster
image6.pubmatic.com/AdServer/ Frame 51C8
4 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96545013&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ee33e52552e8d9ceb5f07b96dd439235eaf0c656df607992f48b0b27429a09da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11132
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QESFWOZZR%2BIAqEvh4WuXLVxzWXZGK%2BVe1Dfj%2BHcr2iVG0ppvOdNQGViD1g2VatbWucrp7Gsgolw%2FcphwjvZLnmAUEecJ7qY%2FPxAZIpW3Jbs90ZjtPy2XOZUHg6XOSLzpnV%2BEqNDwGQNMt30rndam"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186302ee9c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11069
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnTeWMC5yr51aHjrLZWBq3CKmLSOL1NHbvnFTQtOHzfI2oHz27GkCTgeOB7rxGyR6%2BsZwVi%2Fl2BK%2BF0XHSt17v4GCMkSc1JV1%2BaD20Tux2NOv%2BHOZOfHMHxQK%2BQrayq%2BmNSAEJn4SMCYwKbIgX8g"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186302eeac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=jmREzHxLdUQvbWozSkQ1VCtMcGFmNExHZW4vOWJnTWpGM3hTREZGMTc2bitzTkU5TkxuVTRMNkt1SE1OVlQ4bStXNXU3ajM2ZFJUZXdQcEEzb2NpTzlXRlpYRmRlTVJadDV4WmFmQTAzbDBobnpTWW42cnpRV1ZYU3EzbGgvVFNMM0pqZU0wS1JHaWlMa2loSG5rMHd1RVhNb2FKcHlOcGJoTkpVQUpud083cmVNS28yRzlxLzNXNjBmUys5RFRrMkNIdHNuZkxrdkQ1cmo1RmpwN1RSVVJ1SzQ3dU5IRmpLSldFMHl3OTAzYlBSTWYwdXdhMTFvd1poZ0lyMXo0cUxwd0hBeGMzT1RheVU3YUpSR2FGajM3QW4wM0xBTGlxR21IalR3dm1VRDQ2L1JJUT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 23 Jan 2023 15:22:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
564301
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
log
c21lg-d.media.net/ Frame B128
35 B
296 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=oyknI2cK4VNs4xMXyX-L8lfmGpev5SCx&cs=15&vsid=3174889366419408000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 23 Jan 2023 15:22:19 GMT
tap.php
pixel.rubiconproject.com/ Frame B22B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIFikI7dJAa09CHKxkxaPCU&google_cver=1
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIFikI7dJAa09CHKxkxaPCU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIFikI7dJAa09CHKxkxaPCU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame B22B
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T627V836R2YTD9ENN6TV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B22B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGEwZTVhMTZmODMzZTcxMTBjMDFkYTJkMjg2MjlmN2I5MTcwMmQ5Mg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGEwZTVhMTZmODMzZTcxMTBjMDFkYTJkMjg2MjlmN2I5MTcwMmQ5Mg
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGEwZTVhMTZmODMzZTcxMTBjMDFkYTJkMjg2MjlmN2I5MTcwMmQ5Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame B22B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD8YIXD5-R-H02B
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD8YIXD5-R-H02B
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D0B3619588974EF6964531B87B582A74 Ref B: CHGEDGE0912 Ref C: 2023-01-23T15:22:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXy7/cSioqiWQgiA56lqQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD8YIXD5-R-H02B
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B22B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tjKAxn9MwGRV1mDMOG_Arg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MIIftilE2oJ53oiIg2WnJRXOvWHiZaOzsb4ozw--~A
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MIIftilE2oJ53oiIg2WnJRXOvWHiZaOzsb4ozw--~A
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MIIftilE2oJ53oiIg2WnJRXOvWHiZaOzsb4ozw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame B22B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=&expires=30
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame B22B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4WUlYRDUtUi1IMDJC
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B22B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=43j5-a_HTTmmKldJSz95rg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=43j5-a_HTTmmKldJSz95rg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=43j5-a_HTTmmKldJSz95rg
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3KQSYPF9Q3QJ8X1ASDQF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=43j5-a_HTTmmKldJSz95rg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
image2.pubmatic.com/AdServer/ Frame 58AD
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2f962032988a4842baa98
42 B
199 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2f962032988a4842baa98
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Mon, 23 Jan 2023 15:22:18 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_2f962032988a4842baa98
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 6DA5
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba37cc44-9b31-11ed-9559-2c64530b0a35
42 B
447 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba37cc44-9b31-11ed-9559-2c64530b0a35
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ba37cc44-9b31-11ed-9559-2c64530b0a35
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-4
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 4C4B
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=0fd454b4-cc14-4f60-8c3c-438bb2bf5352&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23E78CAF-EA8D-4216-AA92-89883064497A
42 B
491 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.62.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-62-93.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 23 Jan 2023 15:22:19 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=23E78CAF-EA8D-4216-AA92-89883064497A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 96D3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FS9LiMPt1PjYEj5&gdpr=0&gdpr_consent=
42 B
239 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FS9LiMPt1PjYEj5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 23 Jan 2023 15:22:19 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FS9LiMPt1PjYEj5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0bc96928789c6d1ea@us-west-2a@dxedge-app-us-west-2-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3918
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=735127523027
42 B
208 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=735127523027
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=735127523027
i.match
s.tribalfusion.com/z/ Frame AF1A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
78e18631fcc02c07-ORD
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
78e186315bfd2c07-ORD
content-type
text/html
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1863
Pug
simage2.pubmatic.com/AdServer/ Frame 7FA2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GZRzl4UwQCNEuHuzO6M4yKdYB6I
42 B
303 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GZRzl4UwQCNEuHuzO6M4yKdYB6I
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Jan 2023 15:22:19 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GZRzl4UwQCNEuHuzO6M4yKdYB6I
Pug
simage2.pubmatic.com/AdServer/ Frame 229E
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BAO_P5htM
42 B
206 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BAO_P5htM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BAO_P5htM
vary
Origin
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 9E6D
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
sync
ads.servenobid.com/ Frame 16EF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005&rndcb=8382039606
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dadconductor%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%2Chttps%253A%252F%252Fx.bidswitch.net%...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=adconductor&user_id=
  • https://sync.1rx.io/usersync/bidswitch/5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
  • https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
0
361 B
Document
General
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 23 Jan 2023 15:22:23 GMT

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 23 Jan 2023 15:22:20 GMT
ETag
RXbeb24e83254d490da5d5fb76ab96f7e0005
Location
https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
/
onetag-sys.com/match/ Frame E6EC
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=7qqgB5qHCJ-x2aqaLKbOYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
0
291 B
Document
General
Full URL
https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:20 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame 3ACC
43 B
312 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 23 Jan 2023 15:22:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame 07D5
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 23 Jan 2023 15:22:19 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame C949
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e9742f81-43dd-4213-8350-fc1f2346c4fd
1 B
72 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e9742f81-43dd-4213-8350-fc1f2346c4fd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=e9742f81-43dd-4213-8350-fc1f2346c4fd
strict-transport-security
max-age=15724800; includeSubDomains
cookiesync
core.iprom.net/ Frame CD4F
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-e5862b114d5c@version_1.533v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame E0C1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Sun, 22 Jan 2023 15:22:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCDE7643AF4548A79DEE48D8B397BDF1&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame B230
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7277737392085258416&uid=Q727773739208525...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7277737392085258416
42 B
220 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7277737392085258416
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=60884
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 23 Jan 2023 15:22:20 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7277737392085258416
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
cksync.php
contextual.media.net/ Frame 9467
45 B
467 B
Document
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3174889366419408000V10&type=pba&refUrl=&vid=44873393623174889366419408000V10&ovsid=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Mon, 23 Jan 2023 15:22:19 GMT
expires
Mon, 23 Jan 2023 15:22:19 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
qmap
sync.crwdcntrl.net/ Frame 51C8
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.250.6 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-250-6.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.169
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 51C8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=23E78CAF-EA8D-4216-AA92-89883064497A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%2C%2C
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&ttd_puid=ec218740-9b51-4fc4-80b0-fd499abe1b88%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
sync
x.bidswitch.net/ Frame 51C8
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=23E78CAF-EA8D-4216-AA92-89883064497A
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=ed71f341-d7c1-4fba-8c92-153a64ac3d60&liid=&_ct=im
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=e1fe7722b1e75b1e96d88d014e9a3063
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date
Mon, 23 Jan 2023 15:22:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
/
bpi.rtactivate.com/tag/ Frame 51C8
43 B
109 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=23E78CAF-EA8D-4216-AA92-89883064497A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.134.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-134-189.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame 51C8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
42 B
388 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:18 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 51C8
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_FCF2C310_6B820E01&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
4.78.226.233 Paradise, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-357474140; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:19 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-357474140; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 51C8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1163824315312156669
42 B
218 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1163824315312156669
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1163824315312156669
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 51C8
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6733065173710718434
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6733065173710718434
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 23 Jan 2023 15:22:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cb1b5f2a-bb0b-4b32-b7f4-aac66ab2e5fb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 51C8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c2d2e1aa-92b2-4f61-93df-caf63b5593f2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
date
Mon, 23 Jan 2023 15:22:18 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11132
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tj1eIGyCk8mUY99hAEEwClvzyl5Sdyah2p4Z4vS%2FkKrP%2BkznQ1ZJA4dtxM%2BU4RYaiNtBmdrI7dyZUBLk9Vek%2BDdKAIf%2Fv%2BXeUnB9xsXgSMLw7rntkM7i26kK0NxH%2BimtF3366ntVyE%2FTVP9EEycf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186313feac514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11069
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9u0s0rEOyssEyOuCbfVivkP00AB2Ap90OzLukU%2FmA4PX8fixEvYgFRsgg7S3DZdpnbFs8u245AR6jktDy4AzbAEViLhtsDsmxUeAusvADKvZaFN3mtgZtn%2B38T0AK64XB2C5RQWnnPVMjmAXMvu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186313febc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
usync.js
eus.rubiconproject.com/ Frame 6880
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e560d81546bfb41e496160db8dfd4a4ee38a057b4723acb9f6fc8bdca956a784

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 00:22:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32397
Connection
keep-alive
Content-Length
10037
Expires
Tue, 24 Jan 2023 00:22:16 GMT
cksync.php
contextual.media.net/ Frame 6880
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LD8YIXD5-R-H02B
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LD8YIXD5-R-H02B
45 B
451 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LD8YIXD5-R-H02B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
184.29.128.24 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 15:22:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 23 Jan 2023 15:22:20 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LD8YIXD5-R-H02B
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11132
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBa3%2FeUce2NilSbyI2R%2BGvYp%2FrWUIPGN0dpxFR7k%2Bmv9OFhGwEa%2BUSa6ohg2KA5QexYpcWlHpd1ZN9KOoqg0mFIx9uO1mdyXlOt6WnqNmTpUeg3sko%2FOxg2%2BdKKfQGUMkFtYLiJPunKUsmVPXlHc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863208b1c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11069
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQXyIl2Q8wUNUUtdiDRDSd5b0lJzNDcyZroKFYdd65YFu0fhVgnyBjn9Lpq9lL9RA01K%2FEH1z8GKxKOjunlOfCsQcXbwtCfBjdDG7M6xmz%2B6%2FASGgG%2FyAAS2OJApi7ZP2mdpEBQWKgAe7URDZOkH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863218bac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
13926
g2.gumgum.com/usync/ Frame B8FE
5 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.201.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-201-215.compute-1.amazonaws.com
Software
nginx /
Resource Hash
11fded7bfe8683cd37b21b414a99ed8a162b43b5d1835a7e9103ad5ee7fe4f49

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 23 Jan 2023 15:22:20 GMT
etag
W/"0924b0109f3711c221a96039357119089"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 326C
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
758f5e37a6db5fa794e14bfaef8f2de08b3c4a0023cb9b161fe452207b6f85fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1329
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 8A43
768 B
870 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
d80faa165cf77d1356729dcbd0ee6def0e53bc5f32178f2fa84b935c98a12bd8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
768
content-type
text/html
date
Mon, 23 Jan 2023 15:22:19 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 72B6
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb23fa1e11e3ec7fa91bde8d3cce6b5c58752fe70293fa75ef6e6a40cd806850

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78e186337aff22f4-ORD
content-encoding
br
content-type
text/html
date
Mon, 23 Jan 2023 15:22:20 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjgyYfijNpVQN63HuFzKyToBFBrZaglYm5kxRRgaMSsIoNjcOWwtSd6IdFPpwqQotljWOVXcXsk7LarGRmIDRFk%2BKOb2APbYhWmzqxK4h894gWEs2WnCl3fQNETBL8yFx3jPh05yj0etWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CF75
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Jan 2023 15:22:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6A19
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50377
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 23 Jan 2023 15:22:20 GMT
expires
Tue, 24 Jan 2023 05:21:57 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame BD92
4 KB
5 KB
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:9800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
65e2dd4a3f9868206c1121e53fffa3e821f558d861febdbb8e7e07d87471ffd8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Mon, 23 Jan 2023 15:22:20 GMT
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-amz-cf-id
MwBHWKruIa_8_FV3h8KPYNr1hGxGqb9GxbE9TVcLR1UjCS6IYhAMmQ==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 7AFF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6733065173710718434
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6733065173710718434
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5a0f90dd-63ae-43a0-b813-570bbcdb5458
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7AFF
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=GCPaUBZHlJi9exKKRLGQ2_G6
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GCPaUBZHlJi9exKKRLGQ2_G6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=GCPaUBZHlJi9exKKRLGQ2_G6
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ord1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 7AFF
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=310&uid=GCPaUBZHlJi9exKKRLGQ2_G6
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GCPaUBZHlJi9exKKRLGQ2_G6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=GCPaUBZHlJi9exKKRLGQ2_G6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ads.servenobid.com/ Frame 7AFF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.26%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5760239520
  • https://sync.1rx.io/usersync3/centro/2069.26/d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553?zcc=0&sspret=1&rndcb=5760239520
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
  • https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
0
362 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Tengine
ETag
RXbeb24e83254d490da5d5fb76ab96f7e0005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ads.servenobid.com/sync?pid=321&uid=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Content-Type
text/html
Connection
keep-alive
sync
ads.servenobid.com/ Frame 7AFF
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=851333241415277361
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=851333241415277361
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=851333241415277361
Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 7AFF
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=57d67dd3-e58e-41f1-a73d-3175e0964399
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=332&uid=57d67dd3-e58e-41f1-a73d-3175e0964399
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-136
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=57d67dd3-e58e-41f1-a73d-3175e0964399
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
getuid
eb2.3lift.com/ Frame 7AFF
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3446%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dtriplelif...
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3446%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3446%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 7AFF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame 7AFF
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpTa...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F5035%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%26bidder%3Dappnexus%26cbx%3DaHR0...
  • https://prebid.a-mo.net/cchain/4/5035?gdpr=&gdpr_consent=&us_privacy=&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpWW1a...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iYmZjOTIwNi05NWRmLTMzM...
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26bu...
0
0

sync
ads.servenobid.com/ Frame 7AFF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11133
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tP4JNH4dFFhH1mkmiL2RoYKgB7j8ZIvXw8Jn0vjB8nhaCP00O913yi%2F57Xjf%2FyN0aIt3XriKMvAw%2B1TqKZOa26Clqukpmx%2FG1Cxh4xuXhVWSdN3NZ9yoJy2kbkA1f12Fbh3PO%2FroNx3vutvHrDqI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863369d3c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11070
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfaAH%2B8knmVDPJRoJ%2FLSwycLU%2BhFDiV9DxS7BkJY2PIe2s5iTLUFYElPzf1R8V1J3O1r4Fz%2FNUFFYoS34%2BFlJkiKSFgg9MIV1FBRxWWM7XU3qVfxSrppCN9HQSezowdqPSrLh7GQZyig%2Fa4NASPH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863379ddc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
pixel
cm.g.doubleclick.net/ Frame 326C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd84_MdzQwYtWaGH5Yk3vBLmozXxieOv-w
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd84_MdzQwYtWaGH5Yk3vBLmozXxieOv-w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd84_MdzQwYtWaGH5Yk3vBLmozXxieOv-w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=1&uid=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
MT3 357 2feb0b5 master iad-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Jan 2023 15:22:19 GMT
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LD8YIXD5-R-H02B&gdpr=0
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LD8YIXD5-R-H02B&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LD8YIXD5-R-H02B&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6733065173710718434
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6733065173710718434
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d1d9e288-a2c5-4785-9f3f-3be876b5a47b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 326C
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=XjQDc7cP2-CyZefUKdhPpZwyhiXZRdsDaKK3nH7jfHk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=8681080202229734004
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=107&uid=8681080202229734004
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=8681080202229734004
date
Mon, 23 Jan 2023 15:22:19 GMT
content-length
0
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=23E78CAF-EA8D-4216-AA92-89883064497A
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573740
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573740
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573740
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame 326C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=onetag&user_id=P83sXq5qLii8eMjsU7jo0
  • https://onetag-sys.com/match/?int_id=30&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=&gdpr_consent=&us_privacy=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=30&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 326C
0
365 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=318&uid=XjQDc7cP2-CyZefUKdhPpZwyhiXZRdsDaKK3nH7jfHk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 72B6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&expiration=1677079340&gdpr=0&gdpr_consent=
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&expiration=1677079340&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&expiration=1677079340&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 72B6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y86mKFrdnGmrRqZjg9GGuAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDHmzgagCuTPHTYcl-eE7x4&google_cver=1
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDHmzgagCuTPHTYcl-eE7x4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDHmzgagCuTPHTYcl-eE7x4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 72B6
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VT00Q2Z52HBXYQRBJQKS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 72B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_cver=1
43 B
752 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6NuH1xeOyZ2%2BQeQao98oMpLP1uP9SNf6OsFj0jDVeqMc62PN7AufuGXa7PKJAYpU%2Ba5hQ%2FhafM2OvaZ9VTKu7BaHyZY1hf3OYvTJmr0Fovx5XyfBI8riD7G65JSL3Nxf1%2BSoeklyMZy%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
78e18635accd8117-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMVbvEGsMITr0afhuczdqjg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 72B6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=iG4IHN9rWU6Tal1OhmRGQI5uXUqTZVhJjW7srEgq
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=iG4IHN9rWU6Tal1OhmRGQI5uXUqTZVhJjW7srEgq
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=iG4IHN9rWU6Tal1OhmRGQI5uXUqTZVhJjW7srEgq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 72B6
0
34 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.185.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-185-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
crum
dsum.casalemedia.com/ Frame 72B6
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6ffdf29f-22dc-f0e3-d943f179
43 B
780 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6ffdf29f-22dc-f0e3-d943f179
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo0uVVAmOsSveuhgsKPn0TcpMH5Os1WhmFRwF%2BmRX%2Fg4y7bnWAT4kl3yBCIVwKXqxa%2Bgi5y9BICeye7QLjb0Hcv1%2BbWSWc200RuIz4FWfz%2BDDYobtdkXGMktrwH8z6d6yzvV7sVB"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
78e186377bfdc51c-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 23 Jan 2023 15:22:20 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6ffdf29f-22dc-f0e3-d943f179
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 72B6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3567392977657129836
43 B
631 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3567392977657129836
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3567392977657129836
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ads.servenobid.com/ Frame 72B6
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11133
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOneIpS%2B%2FFbiI7xC%2BEk1Ky2zGKAVA8rWzumiadrrOsWlx5nsNky9FprcjCYMhFO7kj%2FDVHBg1GRxGoDLqGqkxljv51wiWOXdVjDngKNVs2sGU4UNu94SuWPmZdvIRtEWX8tV90d5YfH51Gsj%2FP4W"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186344a9bc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11070
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSLIYXjbyZDCyavsZnJd5MfftdzTjBuGk7i0XV82tFBhVnHYUhb1By80cXWVF%2FrY46WIvY%2BlUkh8lJEjy0bdEuRjc80GyngXw6cEa579suCHHZgwaH%2BCcwZvuNEAPXaMi4KieuUUwMrKpJzkmBTl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186344aa0c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
usync.js
eus.rubiconproject.com/ Frame CF75
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e560d81546bfb41e496160db8dfd4a4ee38a057b4723acb9f6fc8bdca956a784

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 00:22:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32396
Connection
keep-alive
Content-Length
10037
Expires
Tue, 24 Jan 2023 00:22:16 GMT
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6733065173710718434
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6733065173710718434
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2838b3c7-affe-4140-8102-0b6bb6e5a1f6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidswitch
event.clientgear.com/cookie/ Frame B8FE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
0
106 B
Image
General
Full URL
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
//event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-19947397-8530-4023-44b8-7bb33ba338c8$ip$167.88.7.162
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-19947397-8530-4023-44b8-7bb33ba338c8$ip$167.88.7.162
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-19947397-8530-4023-44b8-7bb33ba338c8$ip$167.88.7.162
Date
Mon, 23 Jan 2023 15:22:20 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=5Afr29_qdWuWh6KASYx3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NKBMZZDEOK7OFSFO5KXNA3EWQKTLF4DG...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=5Afr29_qdWuWh6KASYx3&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=5Afr29_qdWuWh6KASYx3&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=5Afr29_qdWuWh6KASYx3&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1506%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=6695119181
  • https://sync.1rx.io/usersync3/appnexus/1506/6733065173710718434?zcc=0&sspret=1&rndcb=6695119181
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Tengine
ETag
RXbeb24e83254d490da5d5fb76ab96f7e0005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Content-Type
text/html
Connection
keep-alive
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=ocnaw3qIK5Iq&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=ocnaw3qIK5Iq&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=ocnaw3qIK5Iq&ev=1&pid=558355
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-wjfvg
expires
-1
syncPartner
sync.outbrain.com/ Frame B8FE
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28KSeY0RdU_RZOWWg11gsm11y4Yjtn4SMS1zlq9uHSyV4J6H3YCfrbnNthyOTbv30A%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6&obuid=ENC(KSeY0RdU_RZOWWg11gsm11y4Yjtn4SMS1zlq9uHSyV4J6H3YCfrbnNthyOTbv30A)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
11 B
191 B
Image
General
Full URL
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
f6c96b4b5b62c1dadd244bb3ca51f82f7960034c9e3bd8dca35cb7db5a5661a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:21 GMT
X-TraceId
929b5b2ce4f458fea657e77b0f89d8c1
Content-Length
11
Content-Type
image/avif;charset=UTF-8

Redirect headers

Location
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Mon, 23 Jan 2023 15:22:21 GMT
X-TraceId
308e3fb257aac038b408c2d9538cd0af
Content-Length
0
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=f44f94ae-b25d-4647-91ee-46f4ab0c1b95
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=f44f94ae-b25d-4647-91ee-46f4ab0c1b95
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 23 Jan 2023 15:22:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=f44f94ae-b25d-4647-91ee-46f4ab0c1b95
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-8ykkOzNE2pfPp3yFiN2X67OBxDiGIcwtz5Ge~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-8ykkOzNE2pfPp3yFiN2X67OBxDiGIcwtz5Ge~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-8ykkOzNE2pfPp3yFiN2X67OBxDiGIcwtz5Ge~A
content-length
0
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1b20469e-74a0-4047-8826-1c3df17e1cb2
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1b20469e-74a0-4047-8826-1c3df17e1cb2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1b20469e-74a0-4047-8826-1c3df17e1cb2
Date
Mon, 23 Jan 2023 15:22:20 GMT
Connection
keep-alive
X-CI-RTID
5cd29d02-e4bc-46bd-9a42-4ffadd02197a
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=F88BA36B265E4FFEAEB75BDBA6F0F08F
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=F88BA36B265E4FFEAEB75BDBA6F0F08F
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 23 Jan 2023 15:22:20 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
30221939
location
https://usersync.gumgum.com/usersync?b=snc&i=F88BA36B265E4FFEAEB75BDBA6F0F08F
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_2f962032988a4842baa98
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_2f962032988a4842baa98
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_2f962032988a4842baa98
date
Mon, 23 Jan 2023 15:22:19 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=3242660a-fc38-4046-afb7-078464cc380d
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=3242660a-fc38-4046-afb7-078464cc380d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=3242660a-fc38-4046-afb7-078464cc380d
access-control-allow-origin
*
date
Mon, 23 Jan 2023 15:22:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame B8FE
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8681080202229734004
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8681080202229734004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8681080202229734004
date
Mon, 23 Jan 2023 15:22:19 GMT
content-length
0
sync
ads.servenobid.com/ Frame B8FE
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=57d67dd3-e58e-41f1-a73d-3175e0964399
0
290 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=57d67dd3-e58e-41f1-a73d-3175e0964399
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-136
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=57d67dd3-e58e-41f1-a73d-3175e0964399
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21490&id=5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=ocnaw3qIK5Iq&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=ocnaw3qIK5Iq&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=ocnaw3qIK5Iq&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-wjfvg
expires
-1
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=d4c92408-fa4a-5317-9d84-b30afe4a1520
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=d4c92408-fa4a-5317-9d84-b30afe4a1520
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=d4c92408-fa4a-5317-9d84-b30afe4a1520
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=70bc7c92-7e4a-4877-be0e-b545f77053dc
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=70bc7c92-7e4a-4877-be0e-b545f77053dc
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
//cs.minutemedia-prebid.com/cs?aid=21503&id=70bc7c92-7e4a-4877-be0e-b545f77053dc
date
Mon, 23 Jan 2023 15:22:20 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=gc26512b2917400273e2&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=gc26512b2917400273e2&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=gc26512b2917400273e2&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=8681080202229734004&gdpr=0&gdpr_consent=
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=8681080202229734004&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=8681080202229734004&gdpr=0&gdpr_consent=
date
Mon, 23 Jan 2023 15:22:19 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.46%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=2055851728
  • https://sync.1rx.io/usersync3/appnexus/2069.46/6733065173710718434?zcc=0&sspret=1&rndcb=2055851728
  • https://sync.targeting.unrulymedia.com/csync/RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-beb24e83-254d-490d-a5d5-fb76ab96f...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
Tengine
ETag
RXbeb24e83254d490da5d5fb76ab96f7e0005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
Content-Type
text/html
Connection
keep-alive
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=GCPaUBZHlJi9exKKRLGQ2_G6
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=GCPaUBZHlJi9exKKRLGQ2_G6
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=GCPaUBZHlJi9exKKRLGQ2_G6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=3242660a-fc38-4046-afb7-078464cc380d
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=3242660a-fc38-4046-afb7-078464cc380d
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21489&id=3242660a-fc38-4046-afb7-078464cc380d
access-control-allow-origin
*
date
Mon, 23 Jan 2023 15:22:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=2131a2a5-2d3b-4bc3-86c1-f9dae394b6a8&gdpr=0
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=2131a2a5-2d3b-4bc3-86c1-f9dae394b6a8&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=2131a2a5-2d3b-4bc3-86c1-f9dae394b6a8&gdpr=0
date
Mon, 23 Jan 2023 15:22:20 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1012%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2f23c37f-e745-416e-ab61-c7085374172e%...
  • https://prebid.a-mo.net/cchain/1/1012?gdpr=&gdpr_consent=&us_privacy=&A=2f23c37f-e745-416e-ab61-c7085374172e&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9...
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=2f23c37f-e745-416e-ab61-c7085374172e&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 23 Jan 2023 15:22:20 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame BD92
0
103 B
Image
General
Full URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.13 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 23 Jan 2023 15:22:24 GMT
Server
nginx
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y86mKFrdnGmrRqZjg9GGuAAA%26172
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y86mKFrdnGmrRqZjg9GGuAAA%26172
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFj3vtxoEcbg5CgSG0yfyQXOOvqe9zT6vkSt8MX%2BbJGJcq5d7xZbZBPy%2FC0uV1fDp2nTmZ7%2BKmxnEd%2FSmhAs9NujkHqA4%2BDIZi6J3uOcLMUdV7nQ%2F%2BeHIlR2Pm8qOjYrQQUxqvuDcNXLHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y86mKFrdnGmrRqZjg9GGuAAA%26172
cache-control
no-cache
cf-ray
78e186352c138117-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=23E78CAF-EA8D-4216-AA92-89883064497A
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=23E78CAF-EA8D-4216-AA92-89883064497A
date
Mon, 23 Jan 2023 15:22:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212085163492328
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212085163492328
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:19 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212085163492328
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=9a2bd2da-e5da-4145-8e0d-4fee235f9036
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=9a2bd2da-e5da-4145-8e0d-4fee235f9036
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

date
Mon, 23 Jan 2023 15:22:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=9a2bd2da-e5da-4145-8e0d-4fee235f9036
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A&gdpr=0
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A&gdpr=0
date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame BD92
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26bu...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=7d6e3bd3-1c69-46a6-a032-f2b0d07f4cf5&r=Cid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaW...
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
199 B
Image
General
Full URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAhoYOAI=&gdpr=&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY

Redirect headers

location
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAhoYOAI=&gdpr=&gdpr_consent=
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:25 GMT
cache-control
no-store
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=6733065173710718434
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&id=6733065173710718434
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
43be3525-44d5-4a50-acd5-435a3e68c9db
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cs.minutemedia-prebid.com/cs?aid=21484&id=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame BD92
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=1233109657613021960210
0
289 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1233109657613021960210
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=1233109657613021960210
date
Mon, 23 Jan 2023 15:22:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
6185b9cf4d72f7e454746134b8c78716.gif
cs.krushmedia.com/ Frame BD92
0
0

sync
ads.servenobid.com/ Frame BD92
0
340 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=348&uid=O4bVP8haC_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 8A43
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8681080202229734004&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8A43
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=cbbD8ikVXEiRLWDoWJf8eRjVw
43 B
465 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=cbbD8ikVXEiRLWDoWJf8eRjVw
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=cbbD8ikVXEiRLWDoWJf8eRjVw
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8A43
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1163824315312156669&gdpr=0&gdpr_consent=
43 B
435 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1163824315312156669&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1163824315312156669&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
redir
rtb-csync.smartadserver.com/ Frame 8A43
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeCU7HnUwAAB9fauIv8Q&gdpr=0
43 B
412 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeCU7HnUwAAB9fauIv8Q&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFeCU7HnUwAAB9fauIv8Q&gdpr=0
Date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8A43
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6733065173710718434&gdpr=0&gdpr_consent=
43 B
435 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6733065173710718434&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
94e65666-9265-4dd5-b838-47ffc079f791
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6733065173710718434&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A695
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Mon, 23 Jan 2023 15:22:19 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-c2acSQu-gCzEs3V0zIlsfUC1Hg3nds-SKFU670GhRw
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3D68
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50377
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 23 Jan 2023 15:22:20 GMT
expires
Tue, 24 Jan 2023 05:21:57 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 9B64
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 23 Jan 2023 15:22:20 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=f105d891-05e9-4d32-aa2b-e9a4bfdd0784
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame AF4B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
Mon, 23 Jan 2023 15:22:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 357 2feb0b5 master iad-pixel-x32 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame FCD7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y86mKQABeG-JIQAb&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y86mKQABeG-JIQAb&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y86mKQABeG-JIQAb&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-chi-kigq8000099-CHI
x-timer
S1674487340.334459,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame D780
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9hNzlkZTYyZC1iZDM3LTRlNWYtYTk5ZS1mOWZmNmI2ZDI2YjY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 15:22:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 28F6
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=emx&i=6733065173710718434brt56831674487336491320b5
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=6733065173710718434brt56831674487336491320b5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Mon, 23 Jan 2023 15:22:19 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=6733065173710718434brt56831674487336491320b5
usersync
usersync.gumgum.com/ Frame 4522
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y86mKsCo5tAAAAaHFiMAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y86mKsCo5tAAAAaHFiMAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 23 Jan 2023 15:22:20 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y86mKsCo5tAAAAaHFiMAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
5
X-SO-Cluster-ID
0
X-SO-HostName
m-ad165.dc4p.scaleout.jp
X-SO-IP
167.88.7.162
X-SO-Key
Y86mKsCo5tAAAAaHFiMAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"167.88.7.162","key":"Y86mKsCo5tAAAAaHFiMAAAAA","privacy_sensitive":false,"uid":"Y86mKsCo5tAAAAaHFiMAAAAA","upstream_id":"m-ad165"}
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-UID
Y86mKsCo5tAAAAaHFiMAAAAA
X-SO-Upstream-ID
m-ad165
usersync
usersync.gumgum.com/ Frame B0A5
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=dcea0fd4-aac5-4203-b6da-f8645c69c7f0
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame 9018
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y86mKFrdnGmrRqZjg9GGuAAA%26172
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y86mKFrdnGmrRqZjg9GGuAAA%26172
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78e186351bfe8117-ORD
content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y86mKFrdnGmrRqZjg9GGuAAA%26172
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpdT9DeQSNRDPPiv8lq3Kr0vUDm83lFlSFH4bcL2EVYj6SxQvH2T89CbDAnxFxBOBYJGUu6jKQfvCUCI4aZzSoBb3WlEmcxvyiJQ99CRcZz3Hpz0Fskpwxj660wngvDWmE6LR8SPet26cg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 6859
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=8oolc2dejhzYX9zHqr4C&pi=gumgum
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=8oolc2dejhzYX9zHqr4C&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT Mon, 23 Jan 2023 15:22:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=8oolc2dejhzYX9zHqr4C&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 224A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Jan 2023 15:22:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11133
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2taYP95yUV%2FyI1FHs9HdrebLHvCkdkrw2y8vtpICWKfofzkXVz5xz%2FwNYPMOK0kZgSrn6ziiPp5ew62i8ovmsjk9Z9XLYx4k0Jd07sYzWZ2qnzI5xyNHrUuDym4OxAHLg869nZvj8I2icmAzz5W2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186351b59c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11070
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi5G6saiUxWduNc7AjPYedSofpC1J4%2F8YNiL5p4OmroF3KF0ooHaMHM467wckIbOCZMA%2B6HXZshLDWZw%2FFvZGEVstFjZoyMJk9GXv1sfV2uzSfIFjRC0t1WiJI%2B%2FZSmSgVHwJrSdy4n2XEIx5MwB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186351b5bc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
usync.html
eus.rubiconproject.com/ Frame 3E7E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Jan 2023 15:22:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 23 Jan 2023 15:22:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 78F7
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e4144363e80ea6c9546470acfc69a771e60eedf9428270d54d4143303e47b4ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1338
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ads.servenobid.com/ Frame CF75
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LD8YIXD5-R-H02B
  • https://ads.servenobid.com/sync?pid=323&uid=LD8YIXD5-R-H02B
0
343 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LD8YIXD5-R-H02B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LD8YIXD5-R-H02B
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
pixel
cm.g.doubleclick.net/ Frame 78F7
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85HnZOISco2McGCNz8RW8vKIEJwPRaEg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85HnZOISco2McGCNz8RW8vKIEJwPRaEg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhd85HnZOISco2McGCNz8RW8vKIEJwPRaEg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
x.bidswitch.net/ Frame 78F7
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 78F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=1&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=1&uid=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Server
MT3 357 2feb0b5 master iad-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=f14363ce-a62b-4b00-8384-262673057fcf&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Jan 2023 15:22:19 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 78F7
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.80 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 78F7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6733065173710718434
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6733065173710718434
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c96c159b-0f0e-4ae9-b5de-1205b2cad13a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6733065173710718434
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 78F7
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=DZWK-i0ejcs0ZpO_lLm1nJTz2TRWvjq-oFQZTKsnIAI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 78F7
0
75 B
Image
General
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:19 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 78F7
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
content-length
0
/
onetag-sys.com/match/ Frame 78F7
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573740
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573740
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI9pRaGZ1YoQJFDRcTAQEBAQE&expiration=1674573740
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 78F7
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 78F7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 15:22:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=f105d891-05e9-4d32-aa2b-e9a4bfdd0784&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
cs
cs.minutemedia-prebid.com/ Frame 78F7
0
279 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=DZWK-i0ejcs0ZpO_lLm1nJTz2TRWvjq-oFQZTKsnIAI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://onetag-sys.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
async_usersync
ib.adnxs.com/ Frame AB84
0
857 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
AN-X-Request-Uuid
57931e1e-1f87-4527-8193-425f908c4598
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
167.88.7.162; 167.88.7.162; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11133
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqqv%2FLdfFYe%2FEbMUqZGXsr7g2Cktq9JtjwMGJCIzoOQBkhaA9vtuitxyBCRwmR1z5E%2BOsQq7Nvm2ImM2dgbuAamlLSCZ5xmop%2BSt0LXwsfB9VImJly5O%2F7Db7NJZwGvXOzALawjYQ9hEEORtfTug"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186371d21c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11070
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SN%2FHf1oXgrz9s8Nqn9ZupTGZz127kAwPl12G3iYtST%2F5IiXy8bq4WhtUFI2HrzRn0qXUTmlF77pUWRUBRtL54Ix%2F2vJnD7EAA%2BEzT0bazO445Mc7boWxo4%2F2gjBL5a%2FJL4p5g%2FxC0Sk5QqbeSuSd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186371d23c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
usync.js
eus.rubiconproject.com/ Frame 224A
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e560d81546bfb41e496160db8dfd4a4ee38a057b4723acb9f6fc8bdca956a784

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 00:22:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32396
Connection
keep-alive
Content-Length
10037
Expires
Tue, 24 Jan 2023 00:22:16 GMT
usync.js
eus.rubiconproject.com/ Frame 3E7E
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.72.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-72-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e560d81546bfb41e496160db8dfd4a4ee38a057b4723acb9f6fc8bdca956a784

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 15:22:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jan 2023 00:22:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32396
Connection
keep-alive
Content-Length
10037
Expires
Tue, 24 Jan 2023 00:22:16 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11133
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mgyTiYEiiRNtPqSzYxFpihoYWLcmWEyErFAt4uTEswSfTHUjiXupGXgEQANNfv7AT%2BT0SRPfuZpAYd87Sdkk02WKtJ2lyyBtEBJHavg46tDtbU1W3Z2vBYShOoRbdm%2BcZuy7EwNWJOsxuUZx9vs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186379d8fc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11070
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klzCHcASSHfJxEzMIi3Qt%2FClMudQVqUc7QMfJ2kVIzQXcolCEmtnZltXh9RfLhz%2Bs0zJF2XQBD%2BDpcyrO2QhXRGC94t8hQ6h%2BO64HqG%2FOZf3IIt4G7FsYP9x7csxZCLKPeK8hpnDs1L7w%2BCq3Q4S"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186379d94c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
usersync
usersync.gumgum.com/ Frame 224A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LD8YIXD5-R-H02B
  • https://usersync.gumgum.com/usersync?b=mag&i=LD8YIXD5-R-H02B
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LD8YIXD5-R-H02B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 23 Jan 2023 15:22:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LD8YIXD5-R-H02B
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
Expires
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11133
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjhLUScdjJyjJ5KDYacAtq4p%2Balor1nCaXY5QcYCuPyIAIspFBoismFJjwJ%2BmlckxkQ2rMdnTHLT4Ql7flzAhjRAww2NUu%2BFSwRPvxalE%2FDqyeCvKTPXzI8q%2FpDOhN3pb58a7OIQPz5LLMu1hC6p"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186385e2ec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11070
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy3%2FXunYkMUn2nWNTa1c%2Fbx0ipxwxHYu6Ql3J3mIk7njKtSjkfddUu40V6oqNoKBpFE7HCMSFYgb8JM9F4UDdJvlmjib24pw4bD9qjoB2KumpZcyaMP8eiPHmfTpE2z07skeNi8mAlEYYu0e5H5q"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186385e2fc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
cs
cs.minutemedia-prebid.com/ Frame 3E7E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LD8YIXD5-R-H02B
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LD8YIXD5-R-H02B
0
284 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LD8YIXD5-R-H02B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
3.229.193.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://eus.rubiconproject.com/
date
Mon, 23 Jan 2023 15:22:20 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LD8YIXD5-R-H02B
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11133
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddkYu8jinFdVplxhmYKQQwTl1WEwNBT5B%2FLuxL4u9PxgeRNoyf%2FwI3wJFIraQsnuf9Tp6NEsLRyWQCm%2FV%2BkXooEe9%2Bv6cz4uFNC3ooZ1AsU0Qom6Sa7ekxgqC8y8jlyrj1IeI9rD5CQ2XJV1Sxuq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18638dea8c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11070
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bx60Anfd5coCeS%2BYEnACMiEAqoZIGU%2BlXJ%2BlG3XxWZSG7jWKwEmVpNSHte8EtosDgODvAuvJHbjX6b%2FPLWbiJnvP0TfizB%2BAwunMWVav%2F79woEVV6AXHtckEf7yp9ngHQm1Myhe%2B8rxzRBhbjg0I"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18638dea9c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11070
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XV%2BSjkWkx%2F1k6l85JjzMOYXQuC5%2BRVl1Fw%2FPqDvshitslZON%2FKPjpbwZcRNC6%2F4uVc9Ju4eYbLiEgVq6MoWjX%2BBZEMKrYvUdmdjgwKtrhqqqladgCPorN%2FuBCVSShk8%2BJNyjcaiELU1swV1Ci%2B0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186392eebc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZviimqcKSgk8LNQ8ZJAHWIk3SZc1x7yXeRcqnk7VZeV6Spz3wFeHK9xYFtwBabOKyVuKoF88AJuJ90zVRPqx2ThDai4NxjKlCyKCA6YNch74IVDgdy4zQkcyZPrqBLmRTNmRMbVuw7%2Fufn5jy3L"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186396f1ec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4EC12pI3wl5YvdIRgSHBcxWowapmggfBjgfyudLOH%2BGuKiQO3XIpMYYulZaM2uaVAIVZfeKvSttsqyMX3CkCCGQjG8EkDCPfC2QrInev%2FNAV%2FiXzcNkhG8fVu%2F807f1n3TtmM10l0ESTeu7Apqr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186397f3ac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qZyu3v3VrDMbdVs3gFQwZSJXFc2J%2BEdxLus6rI%2FgsSiMlMS7WUlLMk8tsKOh25%2F%2FcFCbcyvPf6gV77d93Fa%2FFA9ukwkKBVuyov5NTbIfsXLoQYQ7ml8%2Fw%2BoI19EJF3rfKIYnkkLiACQJKnxbCNq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18639ef7ec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iww7cSIGUh4Q%2FeFPEbp0A4Z6EklQAoMT4ucwWilT%2BnhwEdztA5ZlJq0V3MiMg%2BLAvXJz6ztRrozlYCgLBwSmWvftRAv2CX0SF8sGVzPgI4rFwBSZEItN7ByTC1S7IV%2BKBZprOj0fTx%2Fqe9UDwxMG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18639ef7fc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv1OXBnaiAl2d%2B3WuHnRqg1fMCzIEuzD%2BTqNLOp0bIo%2B5utoXgPQQsAVHm8L630RJHTIfrFVjI7utcp1cv6or8csn3i46SpIfkeP1CYFGX9H4T03G1AEQgzgs%2BWK7m8u3DMmamsF38%2BRTFsXSKde"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863a3fbcc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8Hp2NXk0ASiE247Ea%2BTXx5I83TJZdgOMtKJ1YPemI6dp5uKvXaaeqgBt48VS2EJESHB%2Fk5Up2oDPNuTfNL68kezOq69tE2JTTiLlPIXY%2FcLNi%2BKocyMtt%2FGEzDBkLSwzDBdAaksdJDgzfQ59ngb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863a6fe1c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bcae5ryoH6WEn%2FsSpZ98ZusuXXBhFq0Xytq06tDOAGBV46SDvDnuCBR36gJGZ0bkmtAHV%2FsCCheLJjenpFbMuyzQfogssLir8sP8o00V0pwgnmm7s3Eh2lE0LCxwRPhBnTuA9skDeuFPljh0eYqK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863a8801c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiUThMt3Ddgr2AsBrR9RMm8JX5tbKQBwV5LuQB0Y7FNo%2FBUf3vriN5w%2FkGlIE%2FspYQqfF2Lb5HgMdRU9JfsmEnY4d0u2tmldPpGTT8aNuQBi575wBFALUmNS2SXBmnTtQIbHmFP%2Bv6WE%2FG3uFdt7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863ab838c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9q2TzpDaNuiZnxgdl8BZSTN8gWTbq7%2BcczCJTCiXdHxbgZZOR3n9R5W46w3z93jrswO5RIkYKnSODwLkX2qBgghzkJ%2FUb5CJ91gCr2%2FtZpXGnUK%2F9hgwIgOV6zRlUQP2SKpohv%2BSLBTNCFdlfNq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863ae876c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0%2FTJd492j5K%2FwVfl0nC5OFZaPJKl2nmsCCgad34IJjA2VLBjKFQYyaafX9WwVB3PC4hXl25b4BRR9ShhedMgoGdkIV604H4IRITRMI6Mv4yy3U6dXZqa%2B0NjbXxnqZfuXq4pQf6lZiFY9Fqm4DH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863b088bc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kA3HZ%2BnQFpBDr6pyuuutUK85kWq8vEWh0jP4p8coIjaHk4x%2BChBhycK8nd7QehJpSKz8g5dac0bbIatyfl66pcB3zrZa%2Fufsgn%2BIBUyTeYvlhHJ9xvo3EMLmCglsgd0iMDR9Q%2FJx4Fv1mqlS01Q"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863b58e1c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyVMPC3%2FGLP1WDVq1IsVfsirgb6dBbw%2FfTVUHDJ85NqB%2BevBJRsa8oYTdbMKHtjc02RtNblhZlvTEM4QrgDrSzc%2BAbNAxtC8Jlr%2BZYMO0gMrVK%2Bjun8jVIGP1Cnbf9xMYk9%2BsYKn%2FRtGWhrGapMT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863b891fc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jztviSnCyC0RKG8vtkGCmhu4Mj19xYfI58MdqDBTf%2BUwZ5bvqcbZFvj5aCnWQY5um%2BRHgxexZMn9O%2BkgQdtFrCeSp2vcf3siqzLvRQaN1t3BcDsuvr5whwdxhaNs0%2B8Qi7RqiL23N663WPN1BRiU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863ba940c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 48EE
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158261&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0XdrwqMcGhMVa6r%2BE8FTT7OTmbwr4P9tDZ9zpQ9XKLX%2BUhq1F3CpLmd2BNH%2BPl2cPzWj2Xe14Thdp44KWSPX1TdNgp5WwgdWi%2BZLrtRkil8VlsPIqH%2BWt7MZCkPLRGOjN7T%2Bkr52iwNOw472Kjm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863be981c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFtvwABeTe%2BcyatXCIwwkKi93b4e%2BvSOOqNvabq4XAtxMVfb7jR52hSTMer5U387REIjmVHvqRzPLCm%2FLpXGyUTqp1FXn%2F8eKXDog9TuOIs2TKKMoMPAH4LP2feNoCES5Nbeg7B2sGkEbd4oQ1%2Bz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863c19acc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKg0BNxfggjFP3IQ4gXx2xkruHgf4CGI81iJdbcnUUBnMAblPQBopL%2B2%2FpP4NhvFwJCKMLr3bpSM5eJ6zMBxacw%2Fi18kmtj%2FGGZMBx9lhUz9KFSsK0wjR2Gry6m7tPUrBM%2BPzOyq0U4ndV8eg%2BMf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863c29c4c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQa2jhRkDT4H3AK4BBY7lN0dXTfRL7rUs%2F%2Fjy%2FAV7Ccg2dc1I0OwkZWxqI%2BMUAV%2BhbW2%2FvyAEGWOFpgP2tHURHF2ArLBUG5wrWdQZ58b3qEyj2p4OdjWDgLkFFNA0ARce1Es9GnplqyXLD3njfLu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863c69f2c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BInarj%2FWNXGfA5roc8j%2FXNhQO%2F7dm8a6Sh2WkIbUg9df4D33viq%2FXtqzGhiny5v2T4I%2F4vmZ33jvdt701%2BXCVSEJfiUsN8YVjVFp11BsPH2sC7gkMRakdJoznCyYlOisMsQtEZPO9dp1gMYViZm3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863c7a02c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcUjRV7U7Zd5w5wldKmi%2B6KCtQFRMbz%2BKy6RB5EHuDRlNIJnd7RDmtcUR9dqnxjb%2FX%2BAjSmfkl6wGBa99a8xyd%2FHLyxFd7jZPXoUOcST6He2wS6xWiBtMVqwnSihFFffIUgknjaqn13sSDVP1%2BIH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863cba26c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNw2UPNDCjxlD43FF9vHBbjn9n%2FYnAKOfAK5HDGq6qH1hR6YXw8RDmb0cmJtUeU0k7flEEmMPUUR9oBMlq0UkA%2FsTmNxFYYV8mqjD%2BHfmtLGzeIFu8WBBjRiHgl1Qz1i3DUv24thmf04%2BGjltGH5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863cea49c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxa6H9gnbm1bi6TKxsWbX2lqlEr%2BX50TAtroL26guWIqZte%2FYt%2F5DM49po%2FZLWJ9kUD%2FJDhvjUFS6TRJkiJ%2BqB6%2FjdB47TPZCwzxpi8y6Hct70h%2BeZLtfbn1CSmL0kjFWk6VGcnIk%2BE9Wvyh%2BxEM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863d0a70c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QFixBFSiNeisf42IujXAJaOHTHyxn%2BzXhemv%2BzRfLYtj8Gms2k1a33sqlb4dpJmsIhnOc%2F32B6%2Bg1GYQ3fBoUpzvLsqHfvRGEG7pavIEIULEkDhmv8cO6I0SjXfJdoLNVuwj5%2FFz5KOA7YUL3pP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863d3aa2c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn0PfSLV5eEro7uet82YYmnNtNlnw7MitdkYVv%2FJGMknt9qJgL2JjmNHi5dqADwYsO1jh76lVKoYlIclGVqW7pkLAUH9edmvkKS7xbDTjNZlPq6T5MQwciil2Hoa47QNGdioOapaX1I1PREAU0K4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863d6ad6c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 51C8
0
48 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3174889366419408000V10%26type%3Dpba%26refUrl%3D%26vid%3D44873393623174889366419408000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yvI%2FPcO4BaECExkyt0GK3tav0iPMYD6zdBIzCLC62TZPN7179GsHpBnQ3q66W1AHKgyZtEnNd5up%2FtVAnQ8wZrpgZ3qdVBaNgd2RRPxaZb2xVSOiYxDpadbjxvE8nSCu7qrcKyEOgZsn1TIgG4s"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863dab15c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agqczcAlaR%2FzDm8N3uObR3vK4cW2UlmKVuCPrJzA4oUu%2B4AYqtemqsd9qd9tsk%2B7ETnQ0QsEWBGzXIMi3rvX56QkpjD6OwyJROxIK2IIa%2BRacn%2BCPeMmY4nlrTJPjrTJWMr3MDSPpqIUHEmKkYiZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863dcb26c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ORHiiFfC8JFXVjGlqzunOyP4zej3taTVBAENVROP4Id3uk%2FZlNY0RzJJtLXmI%2FwU8RPGQXzuEYKkiLLaWwmEDzlDaSYEioiwMsrPizdkTquU%2BbomAb4Gll9L8nX99q9ZyLD0hGw4WVW%2FThRpRyo"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863dfb57c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUpu1oWlsNuC2X0ZPdXfatKXhWXaZIzXVBuMWMW7uOpNpjikByQwYKu4Ynoi91khUZfiNWDiTtTDjw6eUTclsaEYl3ZYcWgkhSk1G0G6F2L%2BPg3E57ZQlNnJbGjvRziCnY8cDJZTnznc05ASVbHL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863e0b6fc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=sOffj8eMQa7hyp1uUN5OQSOl5aWJqDFH14JaaAyxVTw-1674487341-0-AVaNSakvhRzK1lLbqKUI2jdcWgdJa_7BEmCZ0bC55uyiwmIkGCGqtfiiig1YWfH9Xf9ULbmDPSk1in3fqaICfA8UrqJIMkNmsIelL_2EcYtj; report-to cf-csp-endpoint
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14qT6KngKz%2BmL45%2Fl6Orx4oXaCEX2tZziQbAqlGYX3caRFwOrpZDHA4C%2B%2Fuy2hu%2FL%2FoFYVZDbornzo8znzhvK1al4pVcX5FeG0OfG4lnaTF5fHlUowZftohTi5dsRu%2FY8YKm0UNvxZmdwsKYePK%2B"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=sOffj8eMQa7hyp1uUN5OQSOl5aWJqDFH14JaaAyxVTw-1674487341-0-AVaNSakvhRzK1lLbqKUI2jdcWgdJa_7BEmCZ0bC55uyiwmIkGCGqtfiiig1YWfH9Xf9ULbmDPSk1in3fqaICfA8UrqJIMkNmsIelL_2EcYtj"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863e4baec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWvob8EZCiAhTWrvufSuFXjr8kPwnvZGAt2tp4Lylvzy5bt9FPSweatZBmOz5yDJjvI3GIG5%2F5IQTGELmet%2F2L5r00pmDpQSTN2q77FExp1axBts%2FUeh%2B7yBuiU2%2BumMoWbKnF3l6iThOKb21Ft9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863e7bdcc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQE0uLfUTeIuby%2FKDRKCVpEFL8OnuYZNI5rnR7rBApjieLU05qX2Y9PS8QcqKIJ0w8Zp4l8NCcLd%2FiwAmb5rZYK7UsX5sMHUyiPrdkJKiKfjRm9LQVsmTBva4lGxW5wHNd3zhhHYwq4gVFjtvzU5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863e9beac514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFLEboeETnmVh8WiOgUIs%2BN9S56%2FwRhzywauvNcuZwh3efh2hNlGRYf77skFZGMQN1XQQ1rrfBUG0G2ZJxjNcp7CqtuTva73CXlgO1x%2BH1kVV2pi%2FnUsWH9KBjaGuy%2BWAb3cBy1gDBs1C26GrJ7R"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863ecc07c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOLKsv96GxlmKP8Te2eVYoOMJ8riqnb9d%2FY767YnkgABQQDDi7QyT2ttw%2FUua19NS0q81f1rpDezRXu6jNI9n5j%2F%2B%2BxZVUHgM%2BRKb9isfy%2BH3PK0kHLsy9KGsFJ0ah30nZwnAFtOt2%2BbWP5XLrBL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863eec1dc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXHAShBk84IPqemDPopFGF7%2BZ1QQ6ukK86VqGOMeb1Ua4%2F9fzPaGGHPx8w1sr7aTKKVhWegRxl85mrQzSpdD7YLpIbKo9NvUA0Sb5ZIBJ3Dd6CMFn5s%2BfSPAlQiYvQAtbNhSYeuNs8bCsPj%2B%2Fady"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863f1c51c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11134
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkSOmC7Dx%2FsJsean%2BU2e2PCU4A106ZBAkCfdupxS0l6cvL%2BBZnFQ5TZveYOH692OoRAps95qkmaEG20BpecJBGBWYQFDikDEMDkIAuaTLC8auEJRiM30JQ45k6RFYIApDfSEio5rZ0E2oKHhl%2FOV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863f4c81c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11071
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2NruYXvxQYvWAnA3BFti7JyDOeijtVYx1IWKn56exVWPt0AwpQ41lQlFrLNFdGrBlKA6qGIwpWYDWmpJa9q4pc5IoKSZGu%2FvnqJDIuvD%2FZWmmMdLPzlUl5egYWoUVMwKDLVblMAa6vNvGWbGdAu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863f6c8fc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KcMrN5AT65UzMKWRNzU8tuLuc0SyIMY7a4%2FT8DV36CrPuUGxRZGEl0M5Corom06v6kp61LfjK%2BQc%2Fhgedys01neA%2BNaEdF%2F%2FaWvwtdFU6KJyqW1wTugxocLhNyzRgwVZgyK2mWlc7zPZGLNOHHq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863facc3c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YdId9mISEva1Qup27D2Z8XJHhX60Zj5XX7c81zjMIvEE3JdnqxjhPFYQcYwNaVdwJyGIMwPmDxzLdh43qsSx7t%2Be%2BX5Nly0duw7xhj2mQ3SxG224uTu47%2B3TDBlCIR4WjqcFxYq%2BZrVNwMPlosE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863fbce6c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzWsUiGz9lmOfLEIenHz7q1UCqoh1iALlCoPh0etjSeIjfSrDNIptTGSGlVOnyq4bFdR9eKCCAkvJsCApikILEg114FvtZbkGvoLfE3PLcpBrc9u0q97b5z3cgRcSL3Ln0fa3buSTaKLdBdycixV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1863fed12c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0HQwbprO%2FiRNTaqauBUhBBgIR936roxCz9PN%2FG1MgOka8ll%2Bf33BK6E81MXrJ3CL9A8RSDbX%2BIXpZSIaT8Tg4fK72xIPSPJNScDMrq01KR8lSR9NEUhbOU0PnwYIfga8ZG8FJZGXRsWN251kB6J"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186400d2bc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwPE0x88VVwjB4Cj2pK6F5OZ64Wtmtock2DOAXzgx%2BpGGQr%2BB%2BN%2FBAArZHM0%2FAGzaqxp1563gFxj8y1Yc94TaiP24DR83BmZyDNyG%2BtP2QwT43E0PQnMCQuYnXnjN6SvIhWBjqsIxlHUGtGLAMPp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186403d57c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5ftFV%2BsM2NOrZrXL43cztet1Ij3lI%2B7xX%2F1KRCkcukth%2Bl%2Bx7da1xpRr6Q%2BTPbEhMELUYPuUfRruh0QKL0HQ5xSRF11HPfXZOhRbnldNMxvg6iJxWLTKJGAa30rlakBJtJGeOy%2BSTSoYR%2BuqXlA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186406d72c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbpYtgWerwnG%2FzYXk8aviBpQc9ZKYnKcOTBUjCZUgGtPGfEbhou%2BF3%2FOIjcXzb9PofFMuUR3vSJ6bsKbzulX5ssXhUgq6es6vIdUE3yA%2FzU3NR%2BM1EdFpO7tMSpN0JxRMhGZjA5gtaZCieCuDl7D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186409da1c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Gylys2ABjcTzV1mu4POohbBO7HYXxYgumBEcN1YDRC8rgzgAbU4oXo8iMMrh5UDYd2VaoaeJmvgcldeRpUpo0BdWp8PxIDst8KRLT1RBh48Q8npGHjNG1rsRZqc5lGMXKcdE3dpb5U2h2ixsRDI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18640adaac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5B1dJa3QJjYBchLssjdfAlB3d3F5eMyEJXNr5qSXVvqkTNYHWVoroGl5N3Iij9ySQpB%2BcDkYqwI1AnIIJAi0SeckGiftGQSDnLEKt2FDAm1lE8691p9d1bzrcfplUeh4FHaz1WbTFa%2Bl1tT4ifuf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18640eddac514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0E%2F3emFRXTryDT9P0om8dGMMYhoxjeaV8juQCGa55f5r51gGTNnK3uy801AYSFyGpYYJAAo3VKSnHqUKYkgEhzCpcHpFZTJGAdrZaEvRJDVSitFad6ONW9tCV0z4lF04Az9MMGthYjXt%2BZ3WsDh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18640fde9c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVww8Gde%2BxIkOM7Yme5QR%2FWPIeJACYz9e9NNYIJHE0hKwIOWYZDPKlSb95ajCyiU6VRYHoZZkg%2BIuS%2BJ%2BeBYd7VheEXynR%2FhXC8xj9Nwhlj1E3Viy8euXxvwaw1GbmVDywznd2lhB66Iy4kBZrAr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186414e20c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd37PNrQBvAVOUmWabSYCU7Nuz6JhtHzh%2F%2BbAIvrfDr19bMoM4HO4wTAYCn2O4jQx60%2BAd0rxC2cbL30as7%2BoJapd2mBPAYE1QMABfIonQOtA%2BjMubCfrdddarZrsAKoBxBVZRuB8XUAZIv1joBJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186419e5cc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1Dw%2B%2Fvhe6AOnISpaBtfFTPuy1sQMImCSLK8CBeEDYbpKaRDS7nVh0lUssFhnHqmihbyTExK5jdHaBtBzeoywuZH9Z4WV0QnESnoI6QQfHBO9aha3BSfNXvFybLWtZQLJ65iKsOSuslCZKBKEi99"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186419e5ec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQYDieIGB9jdu0ctC08NBKRDTR6%2BzBR7week1xRGZgJ4P4DOIidwmIvNV0Lguv3IPRXb21pl0Omxs0DkF5gs1Yw%2FSCrcyTh%2FV0y%2BYrkMzaN2sEFOWI25ZYiXe06wYpJuCSGMplETz44F3g5510eQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186422ed5c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xv3ci0elHMmAhJc%2BzQ0bvsB4lXZBnjyJeLl6ATlhlqAldigZjKUetkHJXGODyyQCHNHdiRtvlSfPQa%2BEGJG6rbhW6uG96OYRWzVCzTCMZ1H7Zzs5pZyBWCxq3W1yQnJ3%2FVw73c70mhOgN2NAVex%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186423eecc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X9hyLASBIKWKI17wZtirdGZrL8G4YFP8GPW%2FFk%2FMjw1Uvl3OLvuiyU4Iic0Laiuws6vBXVQPIdHFTpHQsiRG%2F0j5k9X6eX2rKwvPHZ8v2wNMIOninqcBzcZG232agE%2FU09fcK6C4YHA7Mba%2FKld"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18642df96c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShCEdSIpAcxFVcr2VkiMOOj4t3Ems59%2FvOjCIy%2BPlX%2BwQ7lAKW%2F%2FhpaKlCmflnr2mREeQxEEtS5l3ekln4pLc2HCW0cmHQ0kpQteLz8In1VfN0XFA2uiVssF9KgV6TQp8HxZheNzl5Lu7bqSW4KF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186431fd5c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=douROP4S6YXRt%2BiQ7HER%2BiVPcCd0tRvhhFxEzsyfMhEsYzmIDzL%2FCH9iZMOzc%2FjDXTvtudJ7c4jEcntZ93we3SeHacSrHTHYAiiMbPtmlhRkAuEjIFFVZYBK2cxVNNbmYSvJVI5jVSvsZXzjF%2FcK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186439862c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zgi%2F%2B%2BL7ZZI4WydXE6qd7s8ePWVcOANx3lWLwHDVsxzJwtHjPQLgB9sbIVt0jRUHR4QlyIDwKVUpmhLbqfvlX2YQLpvjCNCFHnKD%2BjG7KroOqxYE%2Fy5lWxk0nHktYSsFF0IxAIYIjCqN8aIYI5%2B2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186439863c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s84zaJ%2BhFd5Y4dyfR8KfOSCCkeVO4KuTuGR38RbFZ4OA3p9CaQsa9AK7UPwOgVRxHZszI7gLNydY8cA5i0p1qRRofo%2F5sQYUfkAi9P6qFcCNfXFS1ljdGNe5lHfLBBUCNSjmbzZkwvOQSOSfHNPa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864418cec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDS%2F5%2B6XtRHe6kAVgYIkffzlM2iQ9xZHm1pm4Hs49iu9KmbQ8U1Be1W%2FMDwOGmtDeU7dueX4G8Urs3rcLtsl5vJ%2B6B%2BtvxBSXhYbitsjF2jQp5HFOCmIyVhQtEyfVxCHGHDd7W6vzZ4lAEhnrd7W"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864418cfc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKR%2FyLqhW0V0GgzNdJgnPFMNgISFkXyqjzKnZBiyjRri7iVetfXvpsIBjKEwmSMiUrKd%2BjMUgQqIegosqAjkMB%2B6T6GDkSxkHueh3LlRRT8KO0GXuBJ%2BdG8h3yKKL4qThpjFWimIjtyGdPR%2B2frU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18644a936c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2dj6lHFITCTJJMHSnXndOmGrIxOLmX8R7OQi0%2B%2FtRipD8e3Y8dUeIZiJ%2FqkMqf97s2gb5tWi46M928zkj2M5qRHZf8usfHcwuRGTXRqlrfWJ1tXgui%2F%2BvTDCd6MaqYOSHvTXcquvjlVCf6DDEZf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18644a937c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11135
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRV%2B31vpjgeixpyZdK6NAbDozYWfppsrDFnfHSvsM972WwU06r5T7LQiOa37a15M38mh8qBvBp0wESr3ddCHbGFWmJ7Lv4%2Fqo%2FQebqKaiu5G8QR%2FwOYkQCtGBChWxe52o1%2FyDpvExOrJohqXDq7g"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864529abc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxeOSVHIIrr2f7A3nB1%2B6p9Lwt3NXGXrydiR4gqnYlxjgi68iYNZ5Q75cTabIkJwDNM3edWJlRzOhVZ6lM1XemWRNBl1ieT3HGAaYKHKl3Aj2u8lNfyWqo9RFlpM3dtIKAPpsxAMDlrlSCqPNN9g"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864529adc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JV6iYULTfhCDK51zZFEqAhnRE1TaqS64ZHk98d9jcKMcp1lPnd0nr3CBTPGokjGr0LEGiHEe5d5n2KMp9D2b85FSJcwo1%2F36%2BnwgHfI11XwpSH42lXJLD6YlKQS0Gbszu8tODe%2Btc6XkOciXrSKN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864579fdc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11136
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9nTWzqne3a%2FPcbVaqDfnwTdrqSib0HjZx8stTBDk8%2BVHycRaeB33UquFSdbEW7h4iBw7psxE7j9dAvwroLC1bi0otA%2B1LN54zSqGkCR1XgWQj2S4sqNKtsl1cdwwT06V0xEPmoTlTe2%2BLAk4ao6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18645da43c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BowR4untkMpViCTEAuHx5w45T%2FhOEwGvjuDVp4OCWWztcza%2Fi9Xg5IXjaxcufrsnzAtUcIz4g%2BPPsRe0Tx4i0WRL%2BcZ%2FeFYfkxdq4SQhj9rghYUWg9lALheUmIlCkNMCBM4ourEOWZp%2BW5OY1q0L"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18645da45c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11136
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Bz6XGritJWHNG56SODVuzmI%2FOApEfjYBPliQK%2BcUt5kcgCuSAnkU2810wko1uwIyszrVg%2FYCY7tC3SZ9L%2BbsLOZTnKz6a5iClIQ8dhy8V14KL8M844U78DQSf1OONi4qkk1%2FLxGefTPGUNiqjH0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186469aeec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ed4rpB50Y7eLBXc9Id84SY4g8hN8gEeEvL31WgDkVeXEsb3fI0t3JYX2PwtE0Zq7EBbrFbdXgnnAV%2B%2BVuNRJNT7Qk9VukbUiVve%2BTqrv0%2B7%2B8l5i%2BX%2FSZv3LcfPbpWWH6g2t5ymj2iAb78Rxanas"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186469af1c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6A19
47 B
226 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59804945&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 23 Jan 2023 15:22:21 GMT
content-length
47
content-type
text/html; charset=UTF-8
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fux8ZpZ47YhKm09JDiHCNZwtIkbHaElvccf17l7BOyNqCY%2BmzZFS7fyp82QK5174oTs7zpUdlVea52%2BJVaBUx2UtxO%2BwBOMXN2vd1k8qjmLrEC2%2BfD6vznTe2BL9MBBrD%2Ff5%2FM7ItpL6bqha9tOH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18646fb3bc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
sync
ads.servenobid.com/ Frame F6E1
0
357 B
Document
General
Full URL
https://ads.servenobid.com/sync?pid=316&uid=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.144.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-144-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 23 Jan 2023 15:22:23 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11136
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQhzvArFV7R7wxhh9Xod21HQMpcxgBG4OmXXGkrzg44CooQ1NhqlKd15x8xXwJto4iMkz47OQvRw1EDs1C64LxCWJXdTl7KtAgvYAEmM%2F458390gTT83yH4bR8uGldviMjAWd7vsBphnONcBkjfX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186473b6fc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLkX%2FLiq%2F3cev8kuJeuxbU4iP249q1RR7R7yebUl63nhrzJEgJwTIFH685TiSL7EmD3L0jCdA99MLa4Yi6KGJqIo7DzZWltisUArauDeq4rmUtTPaQdCYpI0DQRJtpY4sQLIYBl9QgAMu%2F8sW8pp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186473b83c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11136
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPjZjOj%2FjlkH3dGe%2FZoBSxWCFt4ZWQnq0B0%2BVFz34R8RpMW7BGsweQW3O4%2BaU3%2FhUp3hFuo09%2FGV23u5KcGLQqDPVyQGXZk4ZWdSj9fpkmUf06Dl4RRX7lyrrEFUgNs2Jtl9yXzYdXw0jvJVNCnK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18647abe4c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Fz7wwJY9f5UU0q5%2B2mLbZ%2F78BhDpb42A4qc3Cy3yZdSmK7qJsoaP3RuAZbEm%2FrfV%2BHLwp2pHRuIfIRmG%2Br19ISQIG58HxHzKPvFsNulgSScK19PNHSLi%2BNkeW3gvNXw8e%2FOrJCtc1EhT6VVkzR7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18647cbfdc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11136
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RBE4W9RCOh6bxNdx7DrZ%2BqCi4CswLkatMGp0VnvFYm5oLrxrQyR9jQTONjHFBYzjJMomdxuX8H879fKrp8Dkj9H7eHsbUM0U4118TJ1qVyB3kcSvSDlkePsLun30DQk2sVKxhyU6qlWhChs98VE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186482c4fc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaE0zcM%2B8hjCt3PT0GLfj63p%2FciMBpLxD9tdD64bBUEyOJW1FCmyymwNlBTU%2FGDuTC4b9QJ7UOOM8wDZGkO0S9BR4yUFZthgI4OfguearG0hUIQz8wylEYeBJY00ymaL6xY%2Fw1VA0KLwCNLvnjIs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186484c68c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
usersync
usersync.gumgum.com/ Frame 10EB
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=23E78CAF-EA8D-4216-AA92-89883064497A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 23 Jan 2023 15:22:23 GMT
Expires
0
Pragma
no-cache
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDVZaN%2BRo4FVq0fbeqjStm7Wky2VAi%2BCCOINXoNeW2ouwDJjLpwu%2B4BNYrZIGfMhAPmCh0hT%2Btu5CPRL8QIi0xoRlM6htjDQ3wHO3fhorNUKcCDfLgUBqJLG642T7SohFYN0F2dSPF7ZfttpHoKE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18648ccf2c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11136
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqv4c8Ko9DpnlDXdQA54Rb1q8uiYIG7MGn34qyh8DFtR8wDXf6%2Fy%2BmEMjMVIc%2BKvVIB76Tfl36PuXAg6YaWNeR1Qqaf2xpjGgf6dGehRIhRp7waoBaJHsH%2F5jwuyA9uQ33DD0o%2FBYruBKAD9SL%2BI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186491d25c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVuzX0g7G7OokaFLNIxFk5Eyt%2FN790VGBKq1TZbc1kZjg8a5f9pJENfkADVYJNA6rNa1Aje7nGlGkewxfsb7lvXVi7QZNa%2Fkz%2B8F178trwSJWFUzuWljX2%2BpNhkjTsPBamSy2wygyjHRbS7Paf96"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186493d39c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11136
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo1bXR%2BpVaBEa3Dl%2BeFRw7x9BvNiy%2FWL30A00hMufoEBQCBd4b9ovOU%2BEK3JTvmK22V2lS3EQ29d24CkwGfLlz1HH7PSglvIldz3lKFbVFu9bBL1%2FaXwD6p7nK5nuvel93QsFpG1dZmRFtzwPrT4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864a1df0c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBhz8eA597R5IDSVZN2JUlRD5EmcXccmyTath3siWqwjnGUi1iWbN9vjcvDByd%2FvoN8QoD%2F1e86%2Bt2AC%2BDDha2DvoZhfo54wm8zuj%2BwTxrccf%2B2oac7l9pM4iBRzs4I%2FGgcd4eb46UyGbR5kEAba"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864a1df5c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yydjXZpMjCoFauzMFSPOG1DbKC8g0N1dpBp3lBcVXMZqfI3%2FYQSrAJZWnNpFtemTY4iodPUXQglkIwMWZXQUF5oq%2Bi6IWX5ic6ThE9kJCzmTtUp4tQLPvAPQ7m5ca5gREb6OZagXHTDxle26p80v"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864a7e4ec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1bR8L71tqw4SVS%2B7ywiLS%2F7zVcclV49PMjfBjd770LsW6yqJehPGyAsyOm6wYszOMwCDwAiv9wdEShfirIGycxGFl9n3C%2BYjVO9pUi2RMUbYZJJ8k0EEcdp%2BtdHfoPdl7hs%2BA0xZ4hwHDMFsyT%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864ace99c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFSJsmNqHuNaIvCRQ5FKsQKJMnUopfHlwKmocfqO5bRMKfaszzjoyh8XDKVotsrTS0W7OmmVCuxBOQdrhR3m1ztbZf6rRtRyKnFO8OhWloS%2Fp%2FNza5b5sRxg1%2FA8LLggVlFq2wsf7A18ex6ybuqX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864b2ee1c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11136
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybGQJTgHsv5%2FQ1o4%2Fps3ypeTdrYPzJmucznK%2BCi4BjQFJpXyxiYFM1DHQrIBlXK7GbJyBn2Q2pYIxeZiPl2f1qx9DzC9EwXmENkoqRP91mQa1gM07%2B%2FJypL4EDwgVZZiKIu3UDh7SmdsrNA8LqwZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864b5f1dc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11073
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GpuAbkpqP4TOFhx38a08hIsFXiEWXadjws2LNVOTtjLtsmwQ6dSihJwdu%2F%2Bg%2BDc%2BFwO2YrKyC7htJPDCNroPdhEP470KDScH2meV7ZxOgJW5vUGyJZS2VPMQQjiv0QekTWK5MfnWEWoNmWo4%2FYU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864b6f22c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11137
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHKhaxtsJEYBm5%2FeTp99cs6FnvYlAp2PzVULIxOYEhDJQcax8o%2FniO1XB34HBDseRJiYp14PbAsRSfvQqChDgu2iz9CZ5HtcgZojtdB74Sa84C2GkEbNzUcjDO%2FkvB98DLM6Bj26Zr9wpQgsVe13"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864c3fbdc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11074
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k98U68ch0JtFmk2OxFjJ565emYmv7nlDGnqFZ24Z5ly993t9syK8n4JY6WCIfViXwWiprOburZGMNuIvF1ciuXrV83NRKWzKarTsegni7P6tijG1nP8QGBq%2FEDFuH9nidkvlT5al1mI4wBGSgEyJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864c3fc0c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11137
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcS00utBVpqVR9xeOFqdgshpt5%2FuqhC68bZv5EvGt9hoAjWPWqAladLTVYDaOuFuHrJvlt0wOAqrL4KcMBDTpzrp8pI%2BI%2Bc5rHbcU3GifAfr3BRwKKiAU%2F6ps61sP8xgG4FBIuhdsO1K4bRpQ%2FKB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864d98d1c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11074
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47X0lqfyGNsc9f0PNcsyfEOVU2d02s%2BIGDFvMBIPnpcf0orqthrCyYtZkvZb%2BHNCAP6DJfDi8tUaTM8Pkn%2FEa85dqWE75W5be6Zoys1xu0Tbf5LVPrex%2FeQ7T0eKaZ6v%2BBG70rORnp3w6cXZZ2Nt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864d98d4c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11137
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KiMYZt%2FOMQSEh%2B3QzsGZXIKkij9eIkt3ARJwAq6lV5eRmhCJ616cgpgQ0m9UwnPn9baQ9tgfs0faOVec5bvWpmtGZH9mnIJjE0n98epvrc93jE%2Btn8JZaoipd09o2%2BAFVhKzn3yoLhzZRCoMlRg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864eb9aec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11074
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4RDh23ne1V5gNhEQzgZ08%2BQ2G3hmuT%2FcMQYj2p%2FVEAAACCWVD1KobZ3keV5xgKakvVxbBB46VCc2oimrWU3lV8MlbbhCkS%2FI6NCrBNP7%2FhP9VTQ8kUjct%2FDf%2Fk2RSIu0C14OV1saVJuY4ioDadK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864eb9afc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11137
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KDkH9S4V3C3rKWyCs5CMAMIGevqEpX4eWZJa1CIBAJXxU1xKy3OT%2FdZuq3k8HDY28wxkhntsNBI5%2FYYlL49tOBxxF2NACEXAl9dSAljBqPupjo7JKIOYyZMlD5oWrfqgEeqPZxsC%2FAf9mzSSBZp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864fca68c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11074
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTZnC5%2Fk6Trk%2FqM8k21iM2kAo4MBT632Zp6KreSMlSgMS5uxByt7QnGRBu5cwhdG4eTQm7OR%2FUF8B3dJq%2FKfiwx4qGcQ3wPwLMpjKtNOK3zd4k5Wf9lSfMCeX3a45ZAi0%2FBcddI5V%2FONxIs9gf1i"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1864fca6ac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11137
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvaktSyxwmsNQTP3bSqE1oDtE5h4VarAlJ3BQjMT5JNHdZ9iLNgCk%2FK5J%2FDgakDVqx4TI5%2FfejDG7cfkDsQQWosMrH3HiDa7pUS5d6litPerZB3Dt49CJ%2Fwp8nB%2Bt4hApzQZz%2B9A0tIDxi43Q%2BQa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186507afec514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11074
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLGcYfBtPt60MuG6NXG6%2FoLQJT9Gs0kDtHSVROP57QBiKimO8shLJUiXqNkPLvO%2Bm%2Bh7ymZRJ7sZbrjWHLPOKGnqu9%2BIhy53zTJRBdYXM3lKrTpdJIJm8Ohr7EojoBCvHHbAi03aEYr7wT5Kaoey"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18650bb26c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11137
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BL3aCVH%2Bb2LsJITP2ILLhOfqSfcm9U8BrFl0GuwtSQcjtQfUXHAwULx%2BNMPS9A40G5drQ2ziFqaHdBkVz324qJD1GwZ2l41%2FotaG6Z0U8v5HhtGoWMhyUaLyZOu12QQDbdxjtij4JRbUbTnGo%2BT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186517be5c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11074
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gl%2FIpRhK5Uef9kufopLHX67NDMii112AO%2FjUvX8EnB3IMWayQQLayHJZz3cDzFyW1Y7sMva4OqLbbc3lJRHB4Ftwxk%2BTksRydwCo4iu8GUAXfE06xEmfpswerrtVe1b2guKSfkcK83a4xTDyxqVM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186522c62c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11138
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ue%2FpXsoQss1%2FfdCfNkxMQ5FHXcUSKrfVtsW7ziBJGn%2Bvtdgt%2BQFVOGE2josKR%2FQ1NsNrKrySNd2jyFBv13vpBum%2BSt9W6ZZm1efmciDc1eTzkbkCfp7K4yJpFhZMKd6tHEdOXCgKcB5kFYe0JGV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186528cbfc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11075
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pmvd7qplOZWrIcYtH3wODqH5fSGhBX9cn7Wn8ef4I2ae8o2eV%2FvmVOhskkmwP9yIvm5XYyt3aGBZT0ZSSazJBJTe5wIzu9R1nGK0tmyP3i4c6AvOR4nt0gfBqMPhQtWSQfv%2ByZntav7TBD0twtcy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186528cc2c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11075
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYZJFb8ximgZY8WKMzfqhlcJv%2BbY809aAg345eTiSFyoS8jq1Pr4aIfchhiDPqXUiYAfUUGk9mjgSVowcRLjE9mJ%2Bi9vzZTf9fjyGJkX31E1r6mecY%2FOf2Muz9sffukBK8FRdWYfib3K0azQKQiU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18652ed18c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11138
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwvA7MNjzHbln1grgG4GR772iYCJWncF5uWReguQzeBRv%2B9TRXpxqlVs0fnKJuZPNOjXqYSQMqQFaPPDOceL0Mw2Le%2FgRmDqpY4QXX3y7Ky1oU1I3o6iOn8H0oOKOqprvjQikyZdEEvM8%2F9PjIhW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186538dc2c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11075
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZDK1%2Fis6lt8V3z8%2BHtDvfJJfKzORsK%2BOPSXLosIU4L7xTfotawRyri73YSipT3WVVVn6Ii3%2BxMEHMjOc5vVWISNSSKkj0ocMWtOb9grYgaUFsJuTspnKP8IncZYdTSvCKz6TjLKJl0MLQbJ4uJy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186541e83c514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11138
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHHeky1zk4m4BnLYLC%2Fga0aP7ppIHPOspOJMca0aVDCB98qsRXJcsCJD6bNaQmBtUjZEfhHkiY25y6XdwTBb3Jog7lvAaygX2y2Vu1bwYrG0%2FL%2FsvAvaTo8iymwn%2Bmj3uyGS12WMqRCeWd1%2By4EO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186547ed1c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11075
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKEpVZFAc33mqVpRtaDk6deOtRx8eSDG1DNN5bSLm6wb4rvEsdNUXr5XZ3vO4jMKpliY3gk9rmP1tLcIiHVHYq1%2BAhEOcp%2F8J0Te1x7ZBe7WyEKRqswxpqOLiqz4JxicLzYzQVobg1dRhRghpfa9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18654aefec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11138
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ7HodKkG4rZsk6s5C%2BKpm6Ab9%2BwtQaEGTLPm%2BkMQADMl67qyiNq7SKtE3nBm6%2BoQsm4dmRSY5lq9ACM8OZJKREVxNR%2FwVMZsUdwu8GHjoiv2E3HccDeI0XhouUB5kiWBwFVYgKU%2FMuGlh5Mlkuj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186556fd8c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11075
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuEpUMgInldxDP8lzHkP0N3DUj6%2B5be7HJHni5zyM2bs%2F1%2FcULp2s0R%2FtJ019aLnaZdB26q4rNrAQ%2FDMC5lSx4MwYPfjbA1q44roDEQtv28Ne5zF0nZRLMNU%2BKFA9FP1S545YZ1lYFQOwLwqdKtl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186556fdac514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11138
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BQ%2BSfgHWT%2B5a%2BhMyFX%2BmvyS8UHvG%2FfABEBHER4EAn0hXa3lCTyhIKwtT7IlTFXh%2BC%2FYzBlbc3Jilw9M0nQy5iSXzE%2FXfx4CjNo%2B%2F%2BynNWuzDdjAIzfv3opCp0in%2Bon3xdjhHxtWaAvqWUgzoNmA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1865658c4c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11075
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isN7ubcjswkRj2ztLXmLhap01GabrODAlwi2blUkLKP9CDfx9TakZpAyP95o1DvXin9daK60d1X8%2FY7%2Fggv7qA6J%2FJ%2FPsAemP5VCExNTO9yCR8ogrJbOVYEF4oTWwaLWJSl7MyvnmOAXwDJCiUqn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e1865668dec514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
33 KB
34 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11138
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5QBI%2FoSSYDSBRrW6fUg0MPRNQ%2BpAdwpU6jk1XfWe5PC%2FFXXTS4btWMXur8fRRXBH6LEiz6RS8TIY1Qbhn%2BOvi8wFrjb6GuPOn9a3S6bAPR1g%2FiiCOj9PyLgLI5eTI280JZzJYiA0A%2BNZ4wcrPcT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186571976c514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11075
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mbdBRAiM8T4HQAairPvYP00hf7U2Xc4%2FdzDesxD3Sq1WnaRQ9qvS8XyFTGsfhtZgyfV87n7TYm%2BV5AUu%2BzM2DpGMpEEyG6Vrd%2BkFU4WYXv1Bz%2FM0zg4E3mUlowCUGWNSjysdT02i6OjTaa0UYCm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18657298fc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
2 KB
2 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11075
cf-polished
origFmt=png, origSize=3015
content-disposition
inline; filename="git.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1776
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25bb"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCal%2B3IvQFL%2FpgDaEWpLTmHgU0q9x8ujdLXq4qNX7ABwTEsudtoH41%2BMrK%2F47UCuxPxteqIdC4QilbZVIP3N%2B6vS1mzgxywQ5Z%2FAkQU4qwbexCfK5cvGg8p7t0mqSwT00iuky8to6pFBEeQBYJYU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e186586aacc514-ORD
expires
Tue, 24 Jan 2023 12:17:50 GMT
ads.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeU...
9 KB
0
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg-aXXZ4ZhMnxWjWAK1ON1hdUiGzwXdIYm3-1DJnXHjgQxpyqWz_0e60cA3kF0x5otQzKkrPAKeXa_92r6BUEH4Cgs5mV52f3p_mLaa0gBlfwT0Mx9qne5QObc8MiY_0Bl0-HcDgqzEV_DgFroeUqI_ArNwTETkhugXomFggxKcC-yH6U0zCEVi92ev/s728-rj-e3650/ads.png
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thehackernews.com/2023/01/massive-ad-fraud-scheme-targeted-over.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 15:22:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11139
cf-polished
origFmt=jpeg, origSize=48887
content-disposition
inline; filename="ads.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33836
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v25e7"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9k5cawIuLIW3LLuwbKKoYtaL%2BqlUK0pe79JFqiS75frimCMJ9xJAqkzbKFpIYz%2B2Ufa%2BNp2zEKkpSfrLac3kpVWXKg%2FgnsV4coEAsRBRSHi0ixRRpo%2BiBL%2FiM4e%2FP%2F7%2B8%2BaC6JjH%2BfMVYsZi2qsH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=31536000, immutable, s-maxage=31536000
accept-ranges
bytes
cf-ray
78e18658eb1dc514-ORD
expires
Thu, 20 Jan 2033 12:16:47 GMT
git.png
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvb...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/s/v1/buyers
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-bbfc9206-95df-333b-944d-ed85ac722945&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iYmZjOTIwNi05NWRmLTMzM2ItOTQ0ZC1lZDg1YWM3MjI5NDUyAgYaOAI=
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Domain
thehackernews.com
URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg4BrplWeBfjJku4m0yuXYxF_qIAbkShAXoh0PPPiOyLsYY5TLK8kMFnaY6Is9Ewn54ZJArOXJElQFZtDv9INsTxgxTtKc6EF2P0m9BpCcddg26dMtyvscfNlN-YrPWNeOrh37ObG7waIIH5mWvbg8xZ_2SCavCRDJDD2Af2uV0AB6THMXaaPwnwWxP/w72-h72-p-k-no-nu/git.png

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| oncontentvisibilityautostatechange object| zarazData object| zaraz string| share_url string| share_title function| isInViewport function| lazyLoad function| head object| __cfQR function| defer function| deferscript object| dataLayer function| setImmediate function| clearImmediate object| adpushup function| $ function| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| apstag object| adpTags object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid boolean| apstagLOADED object| ggeac object| google_tag_data object| google_js_reporting_queue object| lotame_sync_16576 function| quantserve function| __qc object| ezt object| _qoptions boolean| google_measure_js_timing function| lotameIsCompatible function| sync16576_ba function| sync16576_b undefined| sync16576_c undefined| sync16576_ca undefined| sync16576_d function| sync16576_e object| sync16576_g function| sync16576_da function| sync16576_ea object| sync16576_ object| sync16576_ha object| sync16576_o object| sync16576_ta object| sync16576_K function| sync16576_aa function| sync16576_a function| sync16576_f function| sync16576_h function| sync16576_i function| sync16576_j function| sync16576_k function| sync16576_ga function| sync16576_fa function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_p function| sync16576_ia function| sync16576_ja function| sync16576_r function| sync16576_ka function| sync16576_s function| sync16576_t function| sync16576_q function| sync16576_u function| sync16576_la function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_C function| sync16576_ma function| sync16576_G function| sync16576_H function| sync16576_na function| sync16576_oa function| sync16576_I function| sync16576_J function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_L function| sync16576_M function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_Z function| sync16576_X function| sync16576__ function| sync16576_Y function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_3 function| sync16576_8 function| sync16576_ua function| sync16576_4 function| sync16576_6 function| sync16576_va function| sync16576_wa function| sync16576_9 function| sync16576_7 function| sync16576_5 function| sync16576_xa function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_$ function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea object| adsbygoogle boolean| __cfRLUnblockHandlers object| Criteo number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

265 Cookies

Domain/Path Name / Value
thehackernews.com/2023/01 Name: _ga4s
Value: 1
thehackernews.com/2023/01 Name: _ga4sid
Value: 1978976386
.mrtnsvr.com/sync Name: userId
Value: BAO_P5htM
i.liadm.com/s Name: _li_ss
Value: CgA
.thehackernews.com/ Name: _ga4
Value: 7f3a64fd-38c9-4f36-ba54-152699fb24eb
thehackernews.com/ Name: __AP_SESSION__
Value: c20e2ea0-5733-42ad-a458-26dd53d8ea0a
.adpushup.com/ Name: ap_uid
Value: b765d380-9b31-11ed-a97f-6045bdb1578c
.adpushup.com/ Name: ap_usid
Value: b765d381-9b31-11ed-a97f-6045bdb1578c
.quantserve.com/ Name: mc
Value: 63cea627-76789-90363-83033
.thehackernews.com/ Name: __qca
Value: P0-82214107-1674487335286
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 4c08f0bc3410c24da6a3c0e8b931549a
.thehackernews.com/ Name: _cc_id
Value: 4c08f0bc3410c24da6a3c0e8b931549a
.thehackernews.com/ Name: panoramaId_expiry
Value: 1674573735533
thehackernews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.thehackernews.com/ Name: _pubcid
Value: d0de0f87-33cf-41e6-ac43-9ef1077b292e
.lijit.com/ Name: ljt_reader
Value: GCPaUBZHlJi9exKKRLGQ2_G6
.dotomi.com/ Name: DotomiUser
Value: 718206884076345760$3$1141642770$$1
.teads.tv/ Name: tt_viewer
Value: d00f4d51-f2a9-4c26-8348-6ca1997dc8cd
.openx.net/ Name: i
Value: d0de0f87-33cf-41e6-ac43-9ef1077b292e|1674487335
.servenobid.com/ Name: cap_908
Value: 10
.rubiconproject.com/ Name: khaos
Value: LD8YIXD5-R-H02B
.prebid.a-mo.net/ Name: __amc
Value: 1_1674487335_1674487335
.a-mo.net/ Name: amuid2
Value: 2f23c37f-e745-416e-ab61-c7085374172e
.prebid.a-mo.net/ Name: sd_amuid2
Value: 2f23c37f-e745-416e-ab61-c7085374172e
.amazon-adsystem.com/ Name: ad-id
Value: A3JhvOh23UeWmbaA-1QxXNM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 6733065173710718434
.simpli.fi/ Name: suid
Value: FCDE7643AF4548A79DEE48D8B397BDF1
.3lift.com/ Name: tluid
Value: 1233109657613021960210
.contextweb.com/ Name: V
Value: ocnaw3qIK5Iq
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5da340d63cddac40
.smaato.net/ Name: SCM
Value: 5f484d19
.smaato.net/ Name: SCMaps
Value: 5f484d19
.media.net/ Name: visitor-id
Value: 3174889366419408000V10
.sharethrough.com/ Name: stx_user_id
Value: 2131a2a5-2d3b-4bc3-86c1-f9dae394b6a8
.smartadserver.com/ Name: pid
Value: 8681080202229734004
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uis
Value: 57d67dd3-e58e-41f1-a73d-3175e0964399
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_eb
Value: 1
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 1
.emxdgt.com/ Name: uid
Value: 56831674487336491320b5
.thehackernews.com/ Name: __gads
Value: ID=a2c0f265ab3945c6:T=1674487336:S=ALNI_MbltNGCSv2uA6CA8BLSqZlrDQFQuA
.thehackernews.com/ Name: __gpi
Value: UID=000009478c7c2703:T=1674487336:RT=1674487336:S=ALNI_MZH9C_coeT3-JWeAePppOkTVoQp0g
.doubleclick.net/ Name: IDE
Value: AHWqTUkiFoXdmlCqcouKs_N1JV3P_4DY0_66sh438hOLNzyB2Ge20M2uqDDJL1QouzI
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 23E78CAF-EA8D-4216-AA92-89883064497A
.tremorhub.com/ Name: tvid
Value: 7740ca41c7754a2caf7e335139f96e76
.tremorhub.com/ Name: tvssa
Value: 1674487336901
.turn.com/ Name: uid
Value: 3567392977657129836
.emxdgt.com/ Name: ps
Value: d59,d57,d55,d53,d52,d48,d46,d38,d35,d34,d32,d31,d30,d25,d21,d20,d19,d16,d15,d8,d5,d1
.emxdgt.com/ Name: apn_id
Value: 6733065173710718434
.emxdgt.com/ Name: dt
Value: 023
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y86mKQABeG-JIQAb
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:FCDE7643AF4548A79DEE48D8B397BDF1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&da7e4dc7-4032-49fd-8b3d-98425539b765"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2982:u=1:x=1:i=1674487336:t=1674573736:v=2:sig=AQFM_2wnoUBammR2trrpFSwXggR45yW8"
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-19947397-8530-4023-44b8-7bb33ba338c8.aTMsc%2Bjzm99kbv%2Bwu%2BeseiLcVnhE5BvwFQAMgbQlDeY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGZRzl4UwQCNEuHuzO6M4yKdYB6I.rhbax8sVH1cENtL0a21makPvBxLaK3p4CMNVlW8emsI
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjA1NDY2NjIxNDE0NTI3NzYzFOIz1C03qCo0KfH09jYJNgcAyqWHWSQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjA1NDY2NjIxNDE0NTI3NzYzFOIz1C03qCo0KfH09jYJNgcAyqWHWSQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129Q82jvCrsrC0LPco9DEuzM4KMMoxCAUAwdMLuR4AAAA
.adform.net/ Name: uid
Value: 1163824315312156669
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEEplLbJ_NtStTTQGD8bQIyg&KRTB&22987-CAESEEplLbJ_NtStTTQGD8bQIyg&KRTB&23025-CAESEEplLbJ_NtStTTQGD8bQIyg&KRTB&23386-CAESEEplLbJ_NtStTTQGD8bQIyg
.smaato.net/ Name: SCMg
Value: 5f484d19
.tremorhub.com/ Name: tv_UIDF
Value: CAESEItyr5YczpqvQbuYo7IsksY
.go.sonobi.com/ Name: HAPLB8S
Value: s85136|Y86mL
.zemanta.com/ Name: zuid
Value: 5Afr29_qdWuWh6KASYx3
.bidswitch.net/ Name: tuuid
Value: 5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
.bidswitch.net/ Name: c
Value: 1674487337
.bidswitch.net/ Name: tuuid_lu
Value: 1674487337
.adsrvr.org/ Name: TDID
Value: f105d891-05e9-4d32-aa2b-e9a4bfdd0784
.360yield.com/ Name: tuuid
Value: 3242660a-fc38-4046-afb7-078464cc380d
.360yield.com/ Name: tuuid_lu
Value: 1674487337
.blismedia.com/ Name: b
Value: 63CEA6290FC81E00129917AABLIS
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.rlcdn.com/ Name: rlas3
Value: Q9c+zTkyIKvC5k5QFZ8UlJhrkMgMnT1N/9DqgmC4Tq4=
.onaudience.com/ Name: cookie
Value: 35bcdf5f3c7d20c9
.onaudience.com/ Name: done_redirects219
Value: 1
.deepintent.com/ Name: CDIUSER
Value: di_2f962032988a4842baa98
.casalemedia.com/ Name: CMID
Value: Y86mKFrdnGmrRqZjg9GGuAAA
.casalemedia.com/ Name: CMPS
Value: 172
.casalemedia.com/ Name: CMPRO
Value: 172
.criteo.com/ Name: uid
Value: e094fbfc-98bf-447b-9823-36915e8ebe8d
.clickagy.com/ Name: cb
Value: Y86mKQElmgIw2Q7XHrSOPRzp
.sitescout.com/ Name: ssi
Value: d7b07b2f-4cda-4258-9762-2e4f3d7024cd#1674487337258
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3567392977657129836&KRTB&23150-3567392977657129836
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ipredictive.com/ Name: cu
Value: 1b20469e-74a0-4047-8826-1c3df17e1cb2|1674487337298
a.clickcertain.com/ Name: _ccpx_u
Value: 63fbbc2a%2d72a4%2d4058%2d851c%2daf35c566bd25
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0d4647c7-bb63-4ba0-9c6c-cee5ed34b200&KRTB&22918-0d4647c7-bb63-4ba0-9c6c-cee5ed34b200&KRTB&23031-0d4647c7-bb63-4ba0-9c6c-cee5ed34b200
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.pippio.com/ Name: did
Value: 4CdjshoNAruJNgWI
.pippio.com/ Name: didts
Value: 1674487337
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CKnMup4GEgYIgr0rEAA=
.zeotap.com/ Name: zc
Value: e3233cf9-0634-40b9-4537-55f22d950997
.zeotap.com/ Name: zsc
Value: %EB%03%A81%EF%B1X%40x%28%E0C%7FA%C1O-c%A7%27%E9%AD%E6%D3%E3%80%96%A5%BA%08%0F%BF%AFl%CE%22%D1%1F%14u%C3%E1%2BQ%1B3%12%F1%1F%BDAIH%94%90g%9Af%D5%27%83%87%40%09%D5SM%D4c%BF%CD%A8%1B%96%18%81%21%9B%E3%09%F2%FC%88
.liadm.com/ Name: lidid
Value: ed71f341-d7c1-4fba-8c92-153a64ac3d60
.bidr.io/ Name: bito
Value: AAFeCU7HnUwAAB9fauIv8Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.bluekai.com/ Name: bku
Value: ikG99YZZpZBiDmXA
.mfadsrvr.com/ Name: tuuid
Value: 70bc7c92-7e4a-4877-be0e-b545f77053dc
.mfadsrvr.com/ Name: c
Value: 1674487337
.mfadsrvr.com/ Name: tuuid_lu
Value: 1674487337
.linkedin.com/ Name: li_sugr
Value: e90b159f-8c12-4ae7-a745-e94f471fca75
.tapad.com/ Name: TapAd_TS
Value: 1674487337660
.tapad.com/ Name: TapAd_DID
Value: ec218740-9b51-4fc4-80b0-fd499abe1b88
.mookie1.com/ Name: id
Value: 10598095826957948035
.mookie1.com/ Name: mdata
Value: 1|10598095826957948035|1674487337744
.mookie1.com/ Name: ov
Value: 28154d6ba37b05f496ee73e2742b1739
.creativecdn.com/ Name: u
Value: 8oolc2dejhzYX9zHqr4C
.creativecdn.com/ Name: ts
Value: 1674487337
.adingo.jp/ Name: ID
Value: c0224675c33c469137e06bfad8ed225c
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005%22%7D
.rlcdn.com/ Name: pxrc
Value: CKnMup4GEgUI6AcQABIFCOhHEAASBgi46wEQAA==
.openx.net/ Name: univ_id
Value: 537072971|f105d891-05e9-4d32-aa2b-e9a4bfdd0784|1674487337849950
.yahoo.com/ Name: A3
Value: d=AQABBCmmzmMCEFTULEnLOOgRRTnwrPN-upUFEgEBAQH3z2PYYwAAAAAA_eMAAA&S=AQAAAi02ODAZSSb6GT2VfKf7R4E
.dyntrk.com/ Name: dyn_u
Value: 06030001_63cea629eb2cf
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=550131C3C86423"
.socdm.com/ Name: SOC
Value: Y86mKsCo5tAAAAaHFiMAAAAA
.openx.net/ Name: pd
Value: v2|1674487337.2|iKbwvPvMgahEgKkWg2gy.mmuYeSwrf8ke
thehackernews.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22f105d891-05e9-4d32-aa2b-e9a4bfdd0784%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-23T15%3A22%3A19%22%7D
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
aorta.clickagy.com/ Name: chs
Value: [{"ch":"177","t":"2023-01-23 15:22:17"},{"ch":"4","t":"2023-01-23 15:22:19"}]
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.mookie1.com/ Name: syncdata_IOW
Value: 1
.mathtag.com/ Name: uuid
Value: f14363ce-a62b-4b00-8384-262673057fcf
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.mookie1.com/ Name: syncdata_TAP
Value: 1
.media.net/ Name: data-rk
Value: 851333241415277361~~8
.fiftyt.com/ Name: fifid
Value: 6ba949c0-f703-4915-66e2-b75dd60b0316
.fiftyt.com/ Name: cs
Value: MTY3NDQ4NzMzOXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fHIVGNi9UCB6PdZiyY6r6B375MZRbELpAav70WyQeEk5
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7&KRTB&19420-ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7&KRTB&22979-ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7&KRTB&23403-ng-GbMkK1z6FC9M-kAXIMJgP0zqFBNY5mw-ALfs7
.pubmatic.com/ Name: DPSync3
Value: 1675641600%3A201_245_228_221_226_236_219_197%7C1675036800%3A164_248_252_253
.pubmatic.com/ Name: SyncRTB3
Value: 1675641600%3A55_48_233_239_81_166_3_13_243_220_165_249_99_214_204_71_56_7_22_104_238_21_5_234_231_240_250_8_96_54_178_176%7C1675296000%3A63%7C1677024000%3A224%7C1679616000%3A69%7C1675036800%3A38_223_2_15%7C1675728000%3A35
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f14363ce-a62b-4b00-8384-262673057fcf&KRTB&16736-uid:f14363ce-a62b-4b00-8384-262673057fcf&KRTB&23019-uid:f14363ce-a62b-4b00-8384-262673057fcf&KRTB&23114-uid:f14363ce-a62b-4b00-8384-262673057fcf
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6733065173710718434&KRTB&23339-6733065173710718434
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-1b20469e-74a0-4047-8826-1c3df17e1cb2&KRTB&23011-1b20469e-74a0-4047-8826-1c3df17e1cb2&KRTB&23355-1b20469e-74a0-4047-8826-1c3df17e1cb2
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQEI9pRaGZ1YoQJFDRcTAQEBAQE&KRTB&22713-AQEI9pRaGZ1YoQJFDRcTAQEBAQE&KRTB&22715-AQEI9pRaGZ1YoQJFDRcTAQEBAQE
.media.net/ Name: data-ttd
Value: f105d891-05e9-4d32-aa2b-e9a4bfdd0784~~1
.media.net/ Name: data-o
Value: cb5e5941-3148-44f1-95da-2877d1b3880f~~8
.media.net/ Name: data-a
Value: 6733065173710718434~~8
.media.net/ Name: data-c
Value: e094fbfc-98bf-447b-9823-36915e8ebe8d~~1
.media.net/ Name: data-c-ts
Value: 1674487339
.fiftyt.com/ Name: fppm
Value: 20230123152219
.media.net/ Name: data-mm
Value: f14363ce-a62b-4b00-8384-262673057fcf~~8
io.narrative.io/ Name: io.narrative.guid.v2
Value: ba17fb30-9b31-11ed-b2a4-02b03d742aa1
.media.net/ Name: data-mf
Value: 70bc7c92-7e4a-4877-be0e-b545f77053dc~~1
.agkn.com/ Name: ab
Value: 0001%3A%2FFN%2BQTwVzEraijF5Zz81N5fUwGMhnRH5
.media.net/ Name: data-g
Value: CAESEOF0ZAomU418VTX88aut1mU~~8
.semasio.net/ Name: SEUNCY
Value: 1739626D174987C8
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_2f962032988a4842baa98
.ctnsnet.com/ Name: cid
Value: a086ace933374a9eb30b13f087c64532
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-GZRzl4UwQCNEuHuzO6M4yKdYB6I&KRTB&23334-GZRzl4UwQCNEuHuzO6M4yKdYB6I&KRTB&23417-GZRzl4UwQCNEuHuzO6M4yKdYB6I&KRTB&23426-GZRzl4UwQCNEuHuzO6M4yKdYB6I
.mookie1.com/ Name: syncdata_NEU
Value: 1
.media.net/ Name: data-pba
Value: 23E78CAF-EA8D-4216-AA92-89883064497A~~8
.media.net/ Name: data-ze
Value: 5Afr29_qdWuWh6KASYx3~~8
.thehackernews.com/ Name: cto_bundle
Value: Ck812V9ZZmhoaTNwODElMkYzcFV4dyUyQnhwRHBYMXdsb0RsT3RkZEpJdUNUWFRMOXlPenBvd0lINnNzczNZRG1oRkx1TUlDZnJOJTJGOG9WUWdaUGgyelhGcDFYUk0xRW1QUXJNMFFVbXJxU2dydnluJTJCRm5zZ3dWOGtabEFmZSUyQmNBb1RkOWlDU092U01VYlFYJTJGdWpjMEw0c0hRdnZzZXclM0QlM0Q
.thehackernews.com/ Name: cto_bidid
Value: d2fs3l9JOVhFNmJpU05sSUFwaGdRQ0tVMUs0MGRZcXRMb1NTSE80VjhDVlZvRUFrOU8lMkJ3R21GU2ppS216UGM0MXFDN1NWOUd2U1kyWE9rN1V4bmJtTkVnZFp1Rjl0RzIlMkJ6NlExVlpKQmdVYWczJTJGanlidzJyUjQ2RVFEeHpXa2RES2ptcQ
.adgrx.com/ Name: ADGRX_UID
Value: ba37cc44-9b31-11ed-9559-2c64530b0a35
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7277737392085258416P
.owneriq.net/ Name: pmc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&KRTB&23418-d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553&KRTB&23424-d7b07b2f-4cda-4258-9762-2e4f3d7024cd-63cea629-5553
ads.playground.xyz/ Name: connect.sid
Value: s%3AvOeKKG3K8HfmRBr7KBvkkeQmqInxY2XF.1E0tewhR1fFEWz9CUUtl2c540jFyvCZBje0Bi%2FqZ0A4
.technoratimedia.com/ Name: tads_uid
Value: F88BA36B265E4FFEAEB75BDBA6F0F08F
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230123152219+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFeCU7HnUwAAB9fauIv8Q
.acuityplatform.com/ Name: auid
Value: 735127523027
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQndnEVmsmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUJ3ZxFZrI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-BAO_P5htM&KRTB&23413-BAO_P5htM
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1163824315312156669&KRTB&23263-1163824315312156669
.mxptint.net/ Name: mxpim
Value: R1B342_FCF2C310_6B820E01.1.000000000000000063CEA62B
.tribalfusion.com/ Name: ANON_ID
Value: a7nseFwyEojpuMNpbIUvPme5QZcZcwkyjIeqsGf03t3cSyQN3IchRRmZavxIPCn4wZbkEPUWbk22vgRZcbEAx1XCn
.w55c.net/ Name: matchpubmatic
Value: 5
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-735127523027&KRTB&23428-735127523027
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-0fd454b4-cc14-4f60-8c3c-438bb2bf5352&KRTB&23340-0fd454b4-cc14-4f60-8c3c-438bb2bf5352
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B342_FCF2C310_6B820E01&KRTB&23092-R1B342_FCF2C310_6B820E01
.prebid.a-mo.net/ Name: _sv3_bid_switch
Value: 1
.w55c.net/ Name: wfivefivec
Value: 688nsmJw1PjYEj5
.w55c.net/ Name: matchmedianet
Value: 5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!567
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 870a0746-d278-4367-9ebf-1b3b678c16a5
beacon.lynx.cognitivlabs.com/ Name: ss
Value: eL2BFKqljiuT4cunGNc4ypkiS9XWblEpvwWk4dSRQarf%2FS%2Bs9ZB2qcuZBf0H5wKIbBJBKH6BAKzBuyUf9UHr2Q%3D%3D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129Q82jvCrsrC0LPco9DEuzM4KMMoxCA3iNTQzNzGxMDc2Njc0sXjFiMpfxIvENzU1OSUO55sYGJibAgDUNUdSXQAAAA
.inmobi.com/ Name: idsp_c
Value: e9742f81-43dd-4213-8350-fc1f2346c4fd
.rkdms.com/ Name: sessionid
Value: h-e1fe7722b1e75b1e96d88d014e9a3063_t-1674487340
.rkdms.com/ Name: sc
Value: 13%3A105735
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-ba37cc44-9b31-11ed-9559-2c64530b0a35&KRTB&23275-ba37cc44-9b31-11ed-9559-2c64530b0a35
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005&KRTB&17107-RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:FS9LiMPt1PjYEj5&KRTB&23421-uid:FS9LiMPt1PjYEj5
.prebid.a-mo.net/ Name: _sv3_11
Value: 1
.media.net/ Name: data-r
Value: LD8YIXD5-R-H02B~~1
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7277737392085258416&KRTB&22521-Q7277737392085258416
.media.net/ Name: data-xu
Value: 688nsmJw1PjYEj5~~8
.servenobid.com/ Name: pid_324
Value: 851333241415277361
.servenobid.com/ Name: pid_310
Value: GCPaUBZHlJi9exKKRLGQ2_G6
.csync.loopme.me/ Name: viewer_token
Value: f75989ec-2559-452d-8fa8-909246d16756
.adsby.bidtheatre.com/ Name: __kuid
Value: c2d2e1aa-92b2-4f61-93df-caf63b5593f2.443701340
.servenobid.com/ Name: pid_339
Value: y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
.gumgum.com/ Name: vst
Value: u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6
.servenobid.com/ Name: pid_337
Value: y-rf6ik1tE2uFxaBH8u2rHCElyfkUXIOuW6TQ5jSw-~A
.servenobid.com/ Name: pid_312
Value: 6733065173710718434
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.sitescout.com/ Name: _ssuma
Value: eyI2NiI6MTY3NDQ4NzMzNzQwMywiNDUiOjE2NzQ0ODczMzk3MjgsIjM5IjoxNjc0NDg3MzM3NDAzLCIxNyI6MTY3NDQ4NzMzOTE5MywiNyI6MTY3NDQ4NzMzNzQwMywiNjQiOjE2NzQ0ODczNDAxODJ9
.servenobid.com/ Name: pid_318
Value: XjQDc7cP2-CyZefUKdhPpZwyhiXZRdsDaKK3nH7jfHk
.media.net/ Name: data-bs
Value: 5f7ff6a1-c1d9-4617-a9b1-d66e01cbfb63~~1
.minutemedia-prebid.com/ Name: wrvUserID
Value: O4bVP8haC_mm
.c.appier.net/ Name: _auid
Value: 7qqgB5qHCJ-x2aqaLKbOYw
.quantserve.com/ Name: d
Value: EGYBHAGPKIEO-TC_vLEMuJ0Q
.servenobid.com/ Name: pid_333
Value: Y86mKFrdnGmrRqZjg9GGuAAAAKwAAAAB
.servenobid.com/ Name: pid_332
Value: 57d67dd3-e58e-41f1-a73d-3175e0964399
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-7qqgB5qHCJ-x2aqaLKbOYw
.brand-display.com/ Name: _knxq_
Value: 6ffdf29f-22dc-f0e3-d943f179.1674487340.0.1674487340.1674487340
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230123%22%2C%22142%22%3A%2220230123%22%7D
.servenobid.com/ Name: pid_317
Value: 8681080202229734004
.servenobid.com/ Name: pid_309
Value: u_a79de62d-bd37-4e5f-a99e-f9ff6b6d26b6
.servenobid.com/ Name: pid_348
Value: O4bVP8haC_mm
.yieldmo.com/ Name: yieldmo_id
Value: gc26512b2917400273e2%7C1674487340357%7C0%7C
.analytics.yahoo.com/ Name: IDSYNC
Value: "18za~29l3:196y~29l3:18z8~29l3:196n~29l3:194o~29l3:1983~29l3"
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.mfadsrvr.com/ Name: ssh
Value: !minutemedia,1674487340!medianet,1674487339!bidswitch,1674487337
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-bbfc9206-95df-333b-944d-ed85ac722945
.33across.com/ Name: 33x_ps
Value: u%3D212085163492328%3As1%3D1674487340430%3Ats%3D1674487340430
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1iiy|8kt.0.1|81F.0.1|4is.0.CAESECgjTrnE6Q7vEkn6bo1adN0|7TY.0|2N.0.AQEI9pRaGZ1YoQJFDRcTAQEBAQE|3oy.0|7bq.0.1|7dN.0.AAFeCU7HnUwAAB9fauIv8Q
.admanmedia.com/ Name: admtr
Value: dcea0fd4-aac5-4203-b6da-f8645c69c7f0
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: d4c92408-fa4a-5317-9d84-b30afe4a1520
.betweendigital.com/ Name: ss
Value: 1
.server.cpmstar.com/ Name: USER_ID
Value: %3f%cd%ec%5e%aej.(%bcx%c8%ecS%b8%e8
.outbrain.com/ Name: obuid
Value: 5e4bf459-9e23-43f4-a4c9-db435de2bcdc
.audrte.com/ Name: arcki2
Value: cbbD8ikVXEiRLWDoWJf8eRjVw!20220908!1674487340663!ip#167.88.7.162
.servenobid.com/ Name: pid_321
Value: RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIzNqI0PTXvjsQBRIWCgdydWJpY29uEgsI9tmh6fTXvjsQBRIUCgV0YXBhZBILCJLXoez01747EAUSFQoGY2FzYWxlEgsIqJ2J7_TXvjsQBRgBIAEoAjILCJD-lKCL2L47EAU4AVoHdnc2aXlybmAC
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFeCU7HnUwAAB9fauIv8Q
.pubmatic.com/ Name: PugT
Value: 1674487339
.betweendigital.com/ Name: ut
Value: Y86mLAALG8B2efPlgvdMgLiuUHuFXCDPOmZfHw==
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-beb24e83-254d-490d-a5d5-fb76ab96f7e0-005%22%7D
.onetag-sys.com/ Name: OTP
Value: zwszGXkOAvfLdXDTfVVuxOOm7iH39yR_LmJwaMqIBHA
.smartadserver.com/ Name: csync
Value: 22:1163824315312156669|127:AAFeCU7HnUwAAB9fauIv8Q|141:cbbD8ikVXEiRLWDoWJf8eRjVw
.id5-sync.com/ Name: id5
Value: 8eecd97c-2f32-7b27-aa2a-f1728434d7dc#1674487337167#3
.admanmedia.com/ Name: ac_r
Value: CS71|CS112
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxLylb/Yb8/J+lYvo2XO8wv+vGi7zdmzImaFkn5rZ1sc37tYkUvGeouMVFGUy9rDq9fa0xx3WHsLKMBQn6AvuCLFYBCfaDuadRJvXUXSgkxWQwmsd6cmBZ0t
.pubmatic.com/ Name: SPugT
Value: 1674487341
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1674508943203
.servenobid.com/ Name: pid_316
Value: 23E78CAF-EA8D-4216-AA92-89883064497A
.servenobid.com/ Name: pid_323
Value: LD8YIXD5-R-H02B

7 Console Messages

Source Level URL
Text
network error URL: https://dmx.districtm.io/b/v1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7983783048239650&output=html&h=90&slotname=5354856507&adk=1087604413&adf=2959314990&pi=t.ma~as.5354856507&w=728&lmt=1674476095&rafmt=12&format=728x90&url=https%3A%2F%2Fthehackernews.com%2F2023%2F01%2Fmassive-ad-fraud-scheme-targeted-over.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674487335796&bpp=1&bdt=1694&idt=239&shv=r20230118&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7090965524977&frm=20&pv=1&ga_vid=3312542.1674487336&ga_sid=1674487336&ga_hid=60387030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071766%2C31071792%2C44779793&oid=2&pvsid=1380390476623251&tmod=543820465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hLxW3VVcuO&p=https%3A//thehackernews.com&dtd=248
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://match.prod.bidr.io/cookie-sync/emx?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://dmx.districtm.io/s/v1/buyers
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESECPJ7BIhh5s9_6avLaJlkYs&google_cver=1&google_push=AavPq0NaYGkl7YW4QhT85gR7cuSzHKOurwLT3U_aX_mxF2xnifUyXcvOnSPzGt6IUTQesFxXjtj-6oS3joUH38I2EPYEUJg1bJDf
Message:
Failed to load resource: the server responded with a status of 408 ()
network error URL: https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

88e8b293fb7d8f109f6ab210953d1fa0.safeframe.googlesyndication.com
a.audrte.com
a.clickcertain.com
a.rfihub.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
adpushup-d.openx.net
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.us.criteo.com
ads.yieldmo.com
adservice.google.com
amazon-tam-match.dotomi.com
aorta.clickagy.com
ap.lijit.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
blogger.googleusercontent.com
bpi.rtactivate.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.us1.dyntrk.com
c1.adform.net
c21lg-d.media.net
cat.va.us.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.districtm.io
cdn.flashtalking.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csm.us.criteo.net
csync.loopme.me
dis.criteo.com
displayf-tm.everesttech.net
dmp.brand-display.com
dmx.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
e3.adpushup.com
eb2.3lift.com
emx-match.dotomi.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
g2.gumgum.com
gocm.c.appier.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
io.narrative.io
ipac.ctnsnet.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mid.rkdms.com
mug.criteo.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.us.criteo.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playtime.tubemogul.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.turn.com
rtb-csync.smartadserver.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.va.us.criteo.com
rtd-tm.everesttech.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
statsf-tm.everesttech.net
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.crwdcntrl.net
tg.socdm.com
thehackernews.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
www.google.com
www.googletagservices.com
x.bidswitch.net
cs.iqzone.com
cs.krushmedia.com
dmx.districtm.io
thehackernews.com
104.36.115.111
104.45.178.220
107.178.246.49
107.178.254.65
108.138.115.22
108.138.124.226
108.138.128.124
108.138.128.83
132.226.63.138
135.148.35.199
137.116.89.182
141.94.171.215
142.250.65.166
142.251.40.130
145.40.89.200
151.101.194.49
162.19.138.117
162.248.18.37
172.105.203.31
172.64.154.237
173.223.72.70
173.231.178.81
178.62.202.251
18.164.116.3
18.214.193.123
18.214.96.241
184.28.61.13
184.29.128.24
184.29.129.73
184.86.146.172
185.167.164.37
185.184.8.90
192.40.39.223
195.5.165.20
198.148.27.139
198.24.162.123
199.127.204.171
199.187.193.177
199.187.193.182
199.187.193.199
199.187.193.202
199.38.167.130
20.127.253.7
2001:4de0:ac18::1:a:3a
202.241.208.53
205.185.216.42
207.198.113.90
213.19.162.80
23.32.172.185
23.43.252.214
23.52.160.130
23.52.161.180
23.52.167.93
2600:1400:d::17db:5cd0
2600:1f18:24e6:b900:e9b7:f48b:1f4b:38e5
2600:1f18:4e9:5a07:cf76:255b:115b:e80f
2600:1f18:612b:4232:cbfb:31da:cef6:348
2600:9000:21dd:9800:1f:4c18:bd40:93a1
2600:9000:21dd:f800:6:44e3:f8c0:93a1
2600:9000:2209:3c00:1b:5138:8a40:93a1
2602:803:c002:300::98
2606:4700:10::ac43:db6
2606:4700:20::681a:832
2606:4700:20::ac43:4615
2606:4700::6811:180e
2606:4700::6812:19ad
2606:ae80:1451:22::820
2606:ae80:1471:12::410
2607:f8b0:4006:806::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::2002
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a02:2638:1::13
2a04:4e42::485
3.135.132.32
3.210.134.189
3.222.96.203
3.227.167.227
3.229.193.235
34.102.163.6
34.102.253.54
34.107.148.139
34.111.151.213
34.117.228.201
34.171.234.26
34.225.197.151
34.226.144.29
34.233.108.47
34.235.214.237
34.96.105.8
34.98.64.218
35.170.172.42
35.172.92.2
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.201.96.126
35.207.24.140
35.211.178.172
35.214.223.115
35.71.131.137
35.71.139.29
37.157.6.254
4.78.226.233
44.209.91.56
47.252.78.131
5.161.54.172
50.31.142.159
50.57.31.206
51.222.39.184
52.1.62.93
52.21.122.168
52.21.44.152
52.3.185.245
52.41.85.220
52.45.175.185
52.45.33.138
52.46.128.147
52.73.201.215
52.73.27.182
52.95.118.179
54.147.97.191
54.157.142.114
54.162.250.6
54.163.128.108
54.237.254.37
54.87.127.173
67.202.105.24
68.67.160.132
68.67.160.24
69.166.1.12
69.173.151.100
69.175.41.2
69.175.41.44
69.90.254.78
70.42.32.127
72.21.81.64
74.119.119.139
74.119.119.147
74.119.119.150
74.121.140.14
8.18.47.7
8.2.111.13
8.28.7.109
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.98
80.77.87.162
96.46.183.20
99.84.37.71
01193b75b4546de5817de2ae5c104c0cfc83874668d3203ecde75dd449eb199b
034d545606c0258b419e148b7a316ca02190004a3673770f807cb3e2611b990a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c6c51dafc8bdf4ef6841da2faf4d5d7555393739fd7577d931b0268fe3060a9
0eabaf8d54578cebdb01ec141a6604c4edc6203daea0d22366bfa502cafcfe3c
11bca1616d86a6bb76003904e978bc858e18cd7f682e489f0080a433dc8c3c32
11fded7bfe8683cd37b21b414a99ed8a162b43b5d1835a7e9103ad5ee7fe4f49
13687f2dc869c2b7f8ba74253fc909fc86110e7f8a5805d98a077b3ac724f57c
1577c01c806caa32d876be1a72079c05ad447b28038d6c97d4ac08c83a5b3303
16b364cf82d901236d41153e75796be875571b655a07c3732be930ec01b43bc2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ed7b4135e610fc8446a1b9adcaf32364ea2127f400292af3562991ff20753a
196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f
19d1c8b843bef3862523918c900e01d1ec90d82de41c159e20cf9fb00c574a53
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02
20861a67c9d3f8694f1d9cc9fa0146fc0726ef04eb47017ca7efd5b9054be6d2
209d3e9bf535065111a7578eb5d4790d16fb38d2758456cb22a02df5df8fde04
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2958fa9a25d53bd0517e811f24ba4ffcebd8b5dc9c3c66f4a1bbf3930f7a80b7
2bc3d8cc5be5088cfc77b97d46ee5b3b65ffd906e4fb67bd82966fef4e738841
2c882bded16fceaa96978791f6a249e68733a879efc354cdf684b6e3f9d29be5
2de33ca2d2cfb7f437aa190ecdd4b3991ff2879604c0e24aaf02849ae1f360b3
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
313f97e05a986b4cc42231b229bf3f69aa35f1ba6dd24d723cb525b391691506
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b210dea1a0be1a38c2d55d5048323f0d0857f1980b4974fe73efe202ed2b1d
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36bfb77d9936f8b91c5fef48dfc82f26fb04fddc3d692d63ce7de692db9d7dd3
37cce515bd5df4b16be6501104866128f762a73bd610dfdfe2e56b47527add13
393c2f8f6b5e30d8754d66e09c1222241a5470fc60f201b1c4e926690b306c28
397c3eabdcb77405f8f0e43ecfa1737cbc1e88edec7efd88c35b53288ceb7bdc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eadeca0f9cb06fea26e8c8f98e9fe7f2689921df0c12a9e823f6befe1d553ae
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c4ae894286539cfbdf83dac6ac8f9f1907385d50452079d8138cf5a6e0b5784
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f6bbbc12e5d8fa388addd24ab934870fd8ffc9a6241f206ffaf03e45fbcad5f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
576c774cca9411a6a129ae9f19ab8fffc1a0583b9e2603b832ce652b5cad869f
58d13248ebe406010cf0f669b960ad791cb146fc6fb3d2fd52755e39a05371d4
59e9c6f8d98afc820746f135c9fb9efcfd3d39432fb4bfad87b6e61d4869ac3c
5c6dbc332d270518aae51f21e5fcffe33c1d9c4df71908870311a5d5e50d8017
5c6def1fa51cab473af29cab6fee7b5ff9f97c50104b46c77d5aa3f0a45a616a
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657522cf56d3621346ae7f0e6038b36d39cacee09795e95887e1b00850752bc2
65e2dd4a3f9868206c1121e53fffa3e821f558d861febdbb8e7e07d87471ffd8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
68f2fd508ac5838a5f1cac32ff96420dcc62bf6e2448beef79b0bf9c9e8ffc4d
69e2bc285ae0e092f074e10ba38692e1d2b4176c7db6dce6d18a4f182a4e6a1a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c46c1b6dab1453bf35ce6d9ed062a8ca0a371d892e33446da9d8bc291633288
6d54aecd2bd9fef0d74763ef48135aded46f2a190546075cf9466b9e5296c8a9
70f60044d161bbdd9a7cbea74e2d3100726004b2d4ce04b0c84a0214bf13ce0b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72c82e75b2236d4375339ae95e9b4814d872c23e72090249b4cc63096c107bc8
758f5e37a6db5fa794e14bfaef8f2de08b3c4a0023cb9b161fe452207b6f85fc
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83529ab2c8bd9b5eed83e37f2be2f64d07af89d03bb027f8802e389c81129cb7
841c247221ca9d6cb6bfe54dc42d452edc616872c4ea1ff14488a2d6db0002d1
848c2b11a39d6af4a9cb08e516faaa87f05227446e5af4e2a1b7634e929806d4
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
85ed30e3c582ca9a38c374f465dfcd068189d67e0ecc45e7ba0aa6e22364f820
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a30036501a6d3e268b557ca30bf90d31b5296da03398d0375c520f22d049b6f
8aa693a7aa0b3dc24b2855ea89caed906f8cdfbd640e25250b4c08210b3ccf14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef1e5091415bb8d67f2729f4e30741e9c28775a8b61a840f99467a9d1e3e1cb
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
933661873e97ba7e6d84e4d33f369058a5f15e02609d75d76b530c7926b1e91e
964f70dc94b7ebde3a80c76d64d7bb0f8ec216e8ee23bdc88856008ee2066bbc
978cb97b3ce84b408310e2b78160d62af31f6c7d358bd29fea6cbf3e640b7777
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
995d2fd8b7cce3356118cb1757678ad7dd49f4b63d93260c799bb307e310d158
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a8999cf02ff66cbf643c11316d9ee24146e244a01351272fcb27e65e0fc6dbb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f6bf549663035f716917eed6abb75ce1663a75961b9977cc802d59bf5bce99d
9f966aa5a01d4ff4394b40843a787ff7025e3baa7a39631bf4d52ebe670be59b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2758971acc37a9a7924626bd2c7861ffdb97b4f510c64442208bef5c5838869
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3ccc531deff659f0317e224db114ea2352e9cfd36c3472bdf5e4186ee57c8c9
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a3e1225d4c86116980953a6fd731a8db7a1ddd38604b8bd5c7639ebcf1b878b7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a893c28a33579110bb075cf2fdba9a887a76f047821bcd85f37c86fc87964b24
abdaf94b1404de4cf0cc866e988716a201a00b85e23786b5e080944b37beb629
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad0335e42b76a2f56864e0bb2310e567b96dde3f8b0f7dae25e918e0252164b5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b2ed9f404d83e3318e75e3d27ce24885d27873b87914981c9fc10c87c974c600
b737f20bfdd06fbb629ce7024ac34732e62d05b141ab734e0ada978ca4d4d95b
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
b9fdf0930bb4e65350776256e7be1eb16d9857a8e0e2a166ce394bf9ca0a92da
bafdffaeb107f68f4555e076f29926f4c791869abe13237c9b6254b978548cde
bb0ba7fd78c5aaebe6e77ba9ba93964751d49a4a3af2b52f699fed8f6dfcf80b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb23fa1e11e3ec7fa91bde8d3cce6b5c58752fe70293fa75ef6e6a40cd806850
bf402005043a0353ece6d0435304bd08eeb40da358a13583cf61aed8321c71b4
c15904403ee1666afdcb0f4df49e8b219fb1e149dc05abcd415a37832551de54
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e159e1f9639d7fd30bd5955e5574291b4c34197c7f59fbab94cf5fee12f4da
c57eab762f19c8bdcad2151bfa117bd6e144db5f0dd4026131db64314960b3d9
c659f3b7f36374f694dd7f4a862bae2b2c3a0d6718df90fb304b2b3ba2f21bb2
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
c95f9e6a774d5a686f2812dfde38f7f8cb45b8d7fc838ed18c0f830a62343692
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
c9844e7ce45688f154c3e8e2d0dbdf55f9645b55d3df5ef9321e9f0b0f7a17d4
cbeaba9fbcc1297735946d95f4d571102722a6064abb2e95ed5fd45261812033
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0b8d6cdf052a2b7b4649e1521ab3e7d2577df71021455ff3c2d4c084fd0bb6c
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d16dd84c274dee7062a0dc26fb8adc436e86e183f750a2a7c9cd8503606fe21a
d5ef141c8649172cc921e50e9b28d5deb2cabfeda102a9c40ef5cf39daf2aaa1
d741808632113967a3db63c724f0f8fca09d0688b31573c0921fc76dbc611e71
d80faa165cf77d1356729dcbd0ee6def0e53bc5f32178f2fa84b935c98a12bd8
d83c385e4d351544a5da39bdd13660d637369e55307e5ef72ad065f076849d2f
db7b82eea8b15bab512f5cafed459adffdcbd2870e0bf80f4705bc897531e68c
dbf4fa73ce4f2bd113dde31b7f7eff7bfd3a1271f30ababad320f07033408f06
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b5eb7f9692024874b4dbebd153c78e7f4051142c7fc4eaf197b5ebf1ac8b75
e4144363e80ea6c9546470acfc69a771e60eedf9428270d54d4143303e47b4ba
e560d81546bfb41e496160db8dfd4a4ee38a057b4723acb9f6fc8bdca956a784
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee33e52552e8d9ceb5f07b96dd439235eaf0c656df607992f48b0b27429a09da
eecf1ab48955d038171e70bcb1d70aa43af9e43094d1a814dae8bc3494d0acbb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1378192a3f06eebb903577e1a201d948372b78534e557c33ea5b7fcf7e3c842
f2586e53a14f8f55029c35f251d690e0e5e5bac6beeda32d493dfb4e424c86b9
f6c96b4b5b62c1dadd244bb3ca51f82f7960034c9e3bd8dca35cb7db5a5661a8
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02
fe0e8c04567612055a024f39e667538799beee5208d97aeeafcf165cf6442ad9
fe74ddb6869386297a0c534cd56484be87d35341921211bad08ccb8074ac7f32
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e