Submitted URL: https://click.email.sans.org/?qs=a59f57753742095dea1d84b2160e36feda36390313db8370b1ee3999937b452f22a3021dc21a2e00212003429003...
Effective URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Submission Tags: falconsandbox
Submission: On June 02 via api from US — Scanned from DE

Summary

This website contacted 95 IPs in 9 countries across 82 domains to perform 439 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com. The Cisco Umbrella rank of the primary domain is 152409.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2021. Valid for: a year.
This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
threatpost.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-02 - 2022-07-03 | a year
*.adlightning.com | Amazon | 2021-06-24 - 2022-07-23 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-08-11 - 2022-08-10 | a year
media.threatpost.com | Amazon | 2022-01-05 - 2023-02-03 | a year
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year
www.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
kasperskycontenthub.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-02 - 2022-07-03 | a year
media.kaspersky.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-31 - 2023-03-31 | a year
c.amazon-adsystem.com | Amazon | 2022-05-09 - 2023-04-18 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.connatix.com | Go Daddy Secure Certificate Authority - G2 | 2021-08-20 - 2022-09-21 | a year
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
secure.cdn.fastclick.net | DigiCert SHA2 Secure Server CA | 2022-01-15 - 2023-01-17 | a year
cdn.id5-sync.com | R3 | 2022-04-13 - 2022-07-12 | 3 months
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-22 - 2022-09-21 | a year
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-21 - 2022-07-26 | a year
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2022-02-07 - 2023-03-10 | a year
*.sharethrough.com | Amazon | 2021-08-13 - 2022-09-11 | a year
*.a-mo.net | R3 | 2022-04-19 - 2022-07-18 | 3 months
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2021-08-04 - 2022-09-04 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-12-12 - 2022-12-13 | a year
web.ssp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-03-08 - 2022-08-31 | 6 months
*.consumableaudio.com | R3 | 2022-04-27 - 2022-07-26 | 3 months
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2022-03-11 - 2023-04-12 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2021-07-08 - 2022-08-08 | a year
*.1rx.io | Sectigo RSA Domain Validation Secure Server CA | 2021-06-01 - 2022-07-02 | a year
ads.servenobid.com | Amazon | 2022-05-29 - 2023-06-27 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-04-04 | a year
*.3lift.com | Amazon | 2022-05-13 - 2023-06-11 | a year
*.id5-sync.com | R3 | 2022-05-31 - 2022-08-29 | 3 months
syndication.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
*.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
upload.video.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
www.google.de | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
*.d3.sc.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2023-03-07 | a year
*.google.de | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
cdn.syndication.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-30 - 2022-07-30 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2022-03-01 - 2023-03-01 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
teads.tv | R3 | 2022-06-01 - 2022-08-30 | 3 months
s.d3sv.net | R3 | 2022-05-02 - 2022-07-31 | 3 months
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-11 - 2022-07-07 | 3 months
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2022-03-11 - 2023-04-11 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
sync.serverbid.com | Amazon | 2022-04-04 - 2023-05-03 | a year
public.servenobid.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2023-02-17 | a year
*.ybp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-01-18 - 2022-07-13 | 6 months
*.emxdgt.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-18 - 2023-06-19 | a year
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2021-12-08 - 2023-01-09 | a year
*.gumgum.com | Amazon | 2022-05-06 - 2023-06-04 | a year
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-10 - 2023-01-03 | a year
*.smartadserver.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-25 - 2023-01-25 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-03 - 2023-02-25 | a year
*.deepintent.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-02 - 2023-06-03 | a year
*.ad-server.k8s.ie.ggops.com | Amazon | 2022-02-15 - 2023-03-16 | a year

This page contains 59 frames:

Primary Page: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Frame ID: 69951B34C5242C5DEB8BE8D7C20A53B5
Requests: 150 HTTP requests in this frame

Frame: https://cds.connatix.com/p/164828/connatix.player.dc.js
Frame ID: FAF1D0FAB3267FCB78C3E059C1E8DDA8
Requests: 25 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fthreatpost.com
Frame ID: BDDEABE0B4EA0FF72DA4278845AEBDC6
Requests: 2 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Frame ID: 57565F82692FEFB17D8DAAA6C908D653
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 9941E2BF7612B5924A7C7C06E653F0FE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 0593F3CED0EE910DBA7958CE74062E1B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: D7266282AB6FABD4C1C52D3AAD80C404
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BFF52380B801773DAFB326259501473C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DFECDFFA899D2C2CE13BF4DF6DB432B6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C06A0D8013D56BC58720E7C995369D18
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.bbd13993eb53d3a11ac08f5e8cf9d6a4.en.html
Frame ID: A64DDD5D9036D42B741E9413DD672596
Requests: 3 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: 339B4FD3E26DA53B9CB4B5EBA24476C4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
Frame ID: 53551841CB70DA29B4C2066B2EBB4D75
Requests: 16 HTTP requests in this frame

Frame: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 667035AC70AE2159AB771915DCB5C067
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E808C48F539D25DBD139B47352384C1D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66D3D50B877C9F96D256F653BAD1895A
Requests: 2 HTTP requests in this frame

Frame: https://9582686.fls.doubleclick.net/activityi;dc_pre=CP_d39yHj_gCFQZBHQkdpk0M8w;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=1008390368.1654182958;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F;u6=;u7=86221655327043023532339144544638514881-680018976.1654182957;u9=_zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack_179756_;~oref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F
Frame ID: 7C749550C40812DE8431C1E905FADD17
Requests: 2 HTTP requests in this frame

Frame: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B0FF1508C4C5FDD99E8DB22DEAC9117D
Requests: 17 HTTP requests in this frame

Frame: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F3BAE7BDA0B6FC714AD660B439FF9C1B
Requests: 17 HTTP requests in this frame

Frame: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C79C4028CFB7F8667F488D4AD75FA726
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGK2c6skBMAE&v=APEucNWXofNOOOyua0jD2ZnoECGy85Usi6qAKodlfyOdxJh_Ki85NKQwIXymUGmLMvf71csUWE1HuibVkT4HnmUF0Bcu0iOrY_W8E8aNOduDyFWWyjK3Suo
Frame ID: F082A8864E2C370B948E71281AFD4F84
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJSkgssBMAE&v=APEucNVQBPaQeJUzjZeDDuLcUkTB3Gsl8S8JF0Lbu0kWanqKDFkOMPQmRvK0qFgHi8T3vquoUbzyAb53YKQzGXhkvbZcL8sskMKLqK-CBRegsVAkoYNz0Nw
Frame ID: 7093421A7ADBEA437EE19E057A9CFBAB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGKq16MkBMAE&v=APEucNXc3UnqIEEUCtTq8Ya_IG4N39MPLMiG0RjbvMTCULUvrIU27B_rZdw_aIl3YcEz7UIzUKiS3txYvBMQ58pFMMbwWClpyjwg5jHMxx9HL3RQav4WDsY
Frame ID: D3C1239E3FD53D37C4BAFE55229BF180
Requests: 4 HTTP requests in this frame

Page Title

Zero-Day 'Follina' Bug Lays Microsoft Office Open to Attack | Threatpost

Page URL History

  1. https://click.email.sans.org/?qs=a59f57753742095dea1d84b2160e36feda36390313db8370b1ee3999937b452f22a3021d... HTTP 302
    https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

  • Requests: 439
  • HTTPS: 85 %
  • IPv6: 28 %
  • Domains: 82
  • Subdomains: 146
  • IPs: 95
  • Countries: 9
  • Transfer: 7592 kB
  • Size: 17317 kB
  • Cookies: 107

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.sans.org/?qs=a59f57753742095dea1d84b2160e36feda36390313db8370b1ee3999937b452f22a3021dc21a2e002120034290033ced9f76d3c68f3fc394 HTTP 302
    https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:


439 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Redirect Chain
  • https://click.email.sans.org/?qs=a59f57753742095dea1d84b2160e36feda36390313db8370b1ee3999937b452f22a3021dc21a2e002120034290033ced9f76d3c68f3fc394
  • https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
89 KB
22 KB
Document
General
Full URL
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4892b885b03270be962024837c832f99411424f0bc7618c022ec29507658f67a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 15:15:55 GMT
link
<https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/179756>; rel="alternate"; type="application/json" <https://threatpost.com/?p=179756>; rel=shortlink
server
nginx/1.18.0
strict-transport-security
max-age=31536000; includeSubDomains
x-cache-hit
HIT
x-content-type-options
nosniff
x-debug-auth
off
x-frame-options
SAMEORIGIN
x-request-host
threatpost.com
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private
Connection
close
Content-Length
220
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Jun 2022 15:15:54 GMT
Location
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
museosans-900italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
15 KB
15 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-3ca8"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
15528
museosans-900-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
20 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-5124"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20772
museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
15 KB
16 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-3dcc"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
15820
museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-51a4"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20900
museosans-500italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-5c74"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23668
museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-5194"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20884
museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-5bac"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23468
museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-51b8"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20920
museosans-100italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-5b34"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23348
museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/
20 KB
20 KB
Font
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-50c8"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20680
op.js
tagan.adlightning.com/math-aids-threatpost/
44 KB
18 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cbfb7376243bd399bfbcf162e03c33fb1f98489b931a9bacb77c89df5fa84df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
LLO9YKqBP8XcFVu6FB_Wreby65pECAQd
content-encoding
gzip
etag
"9c1abf23d81194e5db00dcfd406ed964"
age
96
x-cache
Hit from cloudfront
content-length
18378
x-amz-meta-git_commit
7b120a5
last-modified
Thu, 02 Jun 2022 13:03:46 GMT
server
AmazonS3
date
Thu, 02 Jun 2022 15:15:55 GMT
content-type
application/javascript
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
OhyRWsLDXytVbP8VAaNUebuvUUVAJPwpEupe3hxOvp6DfX4mJ6DAPQ==
gpt.js
www.googletagservices.com/tag/js/
82 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d87354329b416c27dbedce735e80b54eab3e3050a12df9cfb94a6d384d0544e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28143
x-xss-protection
0
server
sffe
etag
"1232 / 801 of 1000 / last-modified: 1654168207"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Jun 2022 15:15:55 GMT
ros-layout.js
qd.admetricspro.com/js/threatpost/
26 KB
4 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a3fcd53b20a6fdf183b0340f596a6431a280459adb871f43e617cecd5d57681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 08 Apr 2022 16:11:01 GMT
server
cloudflare
etag
W/"679a-5dc26d73770fc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0JQx5X8HKNKcUNV0UNYA192MQ%2FNXMNCDbBLWoM1MEB2JaW%2BfD%2FQ0xdkr%2Bk3sTMIM0Jl%2B9u6FGYsDc1FTqo67hz8nGV%2F8eSGG4dSBMY4r%2FKjLKJzapMGdo3xO4xgxjlqOXmjZlxwlRVWI4gR%2FLH9zfpe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715125aecf06738b-MRS
expires
Thu, 02 Jun 2022 15:17:06 GMT
cmp.js
qd.admetricspro.com/js/threatpost/
310 KB
90 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 01 Jun 2021 14:47:10 GMT
server
cloudflare
etag
W/"4d957-5c3b56abf6028-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TowbwsP72B2t5Vd9d796S6RXYlxkRJNFLXvAGjlrB7%2BfIsBEH04tX601%2BjM9tpYJnD6prk9PmB0DhPdCRShIyLEbedv%2FX0cnYeewzKTadw0vtqtamHEG4q1i%2FJMj0wwiUbM3%2BxXKgdLOoArsHhBC%2BPxH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715125b19c6f738b-MRS
expires
Thu, 02 Jun 2022 15:16:54 GMT
uspcmp.js
qd.admetricspro.com/js/threatpost/
148 KB
58 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 08 Aug 2020 22:40:07 GMT
server
cloudflare
etag
W/"24e50-5ac65673cef1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=333U5TiGWCOpBFwUWAUQil3ye%2Bxowhko2pn6EuoLGxcaZDEq55vzL3vT7BcVJzt0Ofqy7PbsWBsQnqTFccnCEe7l35tG7sxdNRj8ixXrCV7mw3qWGDd7MzMF8MBsvN7kBclU40VqpxChNZrr409%2Byrq9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715125b19c71738b-MRS
expires
Thu, 02 Jun 2022 15:16:47 GMT
targeting.js
qd.admetricspro.com/js/threatpost/
393 B
532 B
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 21:50:12 GMT
server
cloudflare
etag
W/"189-5c8c2c96f96c7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwSeczkonwJ5Rn2zxrKKE30jBLZ4T96LGBKOO%2F%2BjNKmvG9u6LvdkrMmtBNPQCGz3Kt6On5XRbstGxoI5JG1upJrxTZP8qWihOdCUhkOyk3p5fXEK3z1NNoasKaN%2BhQLfKsyVFj%2FYfPC%2Bsita81bfIxj4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715125b19c73738b-MRS
expires
Thu, 02 Jun 2022 15:10:45 GMT
prebid.js
qd.admetricspro.com/js/threatpost/
459 KB
131 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 May 2022 16:56:40 GMT
server
cloudflare
etag
W/"72c32-5de0a46b45676-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfJ%2FO%2FDauIeOvwsKyWRlvxJcefoM8RFpNCMjcIEsTUxDIikSNYQtOJy0s%2BPaPXD1YaQ0bsvNnNEQsvItvT%2FZAFgwyXpQDLMcO5pTjYYYGqtpkNvA5fwVonPrZoQ715qHOxJDtBol53V8ptL7duZ4YSE2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715125b19c75738b-MRS
expires
Thu, 02 Jun 2022 15:15:11 GMT
engine.js
qd.admetricspro.com/js/threatpost/
35 KB
11 KB
Script
General
Full URL
https://qd.admetricspro.com/js/threatpost/engine.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 24 Jan 2022 02:31:38 GMT
server
cloudflare
etag
W/"8cae-5d64ac49b9c1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl6jUmrjCYrspPQDu4kF%2BtBT9v7zlVMVIqAzqBaO0MzDJd4XntqtOdjBcSTZDXA52UzrFRRWEacy80TAfd1jpv8I%2FB9EOAwH6n5HdkWUpYhbIyCZJG1tb7zROQrssH3HTewOLa8V38lQ5jwXTiOW%2BZSq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715125aecf08738b-MRS
expires
Thu, 02 Jun 2022 15:21:23 GMT
/
threatpost.com/wp-content/plugins/bwp-minify/min/
294 KB
42 KB
Stylesheet
General
Full URL
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-cache-hit
HIT
x-debug-auth
off
x-request-host
threatpost.com
content-length
42696
expires
Fri, 03 Jun 2022 13:33:58 GMT
jquery-1.12.4-wp.js
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-17a56"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
lazyload.js
threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/
7 KB
3 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/lazyload.js?ver=202224051706
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3307268982e18bae27fb0691dea184c6a6ce845db0f6ce1f41ca63e948dde8a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-1a91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
alert_text.js
threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/
107 B
342 B
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js?ver=1654152151
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
68cdaaeccd079ab33df06d3e5fb47594a4458a6491d48a8ae2f394defb419eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-6b"
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
107
expires
Thu, 09 Jun 2022 15:15:55 GMT
alert.js
threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/
4 KB
2 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js?ver=1654152151
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
500288356853c7199a27a6a2cdcd14b217d18dd9c8103272d8e6def6acbe2580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-104a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
public.js
threatpost.com/wp-content/plugins/honeypot-comments/public/assets/js/
116 B
351 B
Script
General
Full URL
https://threatpost.com/wp-content/plugins/honeypot-comments/public/assets/js/public.js?ver=1.0.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
931dc539e87db7f509be9c77dfcc9b2baee0b91e5236aa04580ab14ed81e2cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-74"
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
116
expires
Thu, 09 Jun 2022 15:15:55 GMT
kaspersky-twitter-pullquote.js
threatpost.com/wp-content/plugins/kspr_twitter_pullquote/js/
599 B
589 B
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1791bf831c158912a11ca40bcf5f3573fc54ec8f8343c37780dab679c0203d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-257"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
loadmore.js
threatpost.com/wp-content/themes/threatpost-2018/assets/js/
4 KB
1 KB
Script
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/js/loadmore.js?ver=5.9.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e0f1df7af81fd8eb920863093c426fdafd241b8d9aeb6126fb2fd24f36c061b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-11e7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
social-share.js
threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/js/
18 KB
6 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js?ver=1.0.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
546be401414bcb20cdea07cdbcd806409b9629e4895737e214401948c40409f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-484d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
office-365.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/08/25155836/
143 KB
144 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2020/08/25155836/office-365.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a654478ab569465e3dfcc8df6297059a88a251514fd0c05636c37648be9af998

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:53:45 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Tue, 25 Aug 2020 19:58:38 GMT
server
AmazonS3
age
260531
etag
"9107ce6c2cd0604c23495637c00df4ef"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
146289
x-amz-cf-id
f01HmmhdEc1ezC8r3ZvbXzrV0nfSImw1EvxG1-xTaIknGL0WXJCDNg==
expires
Wed, 25 Aug 2021 19:58:36 GMT
infosec_insiders_in_article_promo.png
media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/
20 KB
20 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/infosec_insiders_in_article_promo.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 04:44:34 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Tue, 10 Aug 2021 20:58:17 GMT
server
AmazonS3
age
21465082
etag
"101ba02c43488b8b07cf42f9aa850f6a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
20484
x-amz-cf-id
CD8mAJPaa-MZMpM-MHJ2jJN4eqqGdj4qu-65Vv8bn3JPHnlRY6tgVw==
expires
Wed, 10 Aug 2022 20:58:15 GMT
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC1) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:55 GMT
Content-Encoding
gzip
Age
71
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:06:46 GMT
Server
ECS (amb/6BC1)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
api.js
www.google.com/recaptcha/
852 B
966 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e5221f9ad8724e68770726288be421f845a83eb7f2fcb9f60c775ec5146dabf8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Thu, 02 Jun 2022 15:15:55 GMT
scripts.js
kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/
2 KB
919 B
Script
General
Full URL
https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-828"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:56 GMT
api.js
www.google.com/recaptcha/
852 B
647 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b7cb1f60a7904347f454c8f41e18206d48d636574c61719e53184f254deb1353
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Thu, 02 Jun 2022 15:15:56 GMT
main.js
threatpost.com/wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/
3 KB
1 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js?ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4d52f37b83f70c5035632548c652508d793eec55e17f2ac19552f4fa19d323be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-ab4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
main.js
threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/
437 B
532 B
Script
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/main.js?ver=202224051706
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0de5867fb96beb7a6df6147dea8d8f921d522b0822b0bdc46ac1af2277d3215c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-1b5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
s_code_single_suite.js
media.kaspersky.com/tracking/omniture/
173 KB
49 KB
Script
General
Full URL
https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.85.15.31 , Germany, ASN200107 (KL-EXT, CH),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
08ef1b0d0a5b28f6b46bf1ead021b06c3dbcae98046af12205b4d7d478d743d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"80ca4259a675d81:0"
x-powered-by
Kaspersky Labs, Kaspersky Labs
alt-svc
h3=":443"; ma=86400
content-length
49340
x-xss-protection
1; mode=block
last-modified
Wed, 01 Jun 2022 10:57:13 GMT
server
x-frame-options
SAMEORIGIN
date
Thu, 02 Jun 2022 15:15:55 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-server
fr2/FRA2
accept-ranges
bytes
x-content-type-options
nosniff
main.js
threatpost.com/wp-content/themes/threatpost-2018/assets/js/
114 KB
35 KB
Script
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/js/main.js?ver=202107061113
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4e0b5563ff1fc5175d65e11e1546bee1945486d65d76c9248bdd77487532dadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-1c643"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
regenerator-runtime.min.js
threatpost.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://threatpost.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-195e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
wp-polyfill.min.js
threatpost.com/wp-includes/js/dist/vendor/
19 KB
7 KB
Script
General
Full URL
https://threatpost.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-4b3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
dom-ready.min.js
threatpost.com/wp-includes/js/dist/
1 KB
857 B
Script
General
Full URL
https://threatpost.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-4e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
hooks.min.js
threatpost.com/wp-includes/js/dist/
6 KB
2 KB
Script
General
Full URL
https://threatpost.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-163a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
i18n.min.js
threatpost.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://threatpost.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-28a7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
a11y.min.js
threatpost.com/wp-includes/js/dist/
3 KB
1 KB
Script
General
Full URL
https://threatpost.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-bfd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
jquery.json.min.js
threatpost.com/wp-content/plugins/gravityforms/js/
2 KB
1 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-730"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
gravityforms.min.js
threatpost.com/wp-content/plugins/gravityforms/js/
43 KB
13 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
69f0ade8cca67112ef495f707fb73c68fd5099a6cd9c51d9ba9ceda8dcca16f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-abe0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
conditional_logic.min.js
threatpost.com/wp-content/plugins/gravityforms/js/
8 KB
3 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7104f88840a420f1702717d900db98910deb6141ad639bb7338b88993e989c72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-213f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
placeholders.jquery.min.js
threatpost.com/wp-content/plugins/gravityforms/js/
5 KB
2 KB
Script
General
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-121f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 09 Jun 2022 15:15:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
37 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 02 Jun 2022 14:32:59 GMT
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 19:53:04 GMT
server
AmazonS3
age
2577
etag
W/"cc07895b7b7c30a55c948b849ccd5e56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, DUS51-P2
content-encoding
gzip
x-amz-cf-id
OXXYc-GRWu3PgxUUOFxmzTULQznl19ZxD6ioY4M-NcNZHhvR9ECUVw==
connatix.player.dc.js
cds.connatix.com/p/164828/ Frame FAF1
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/164828/connatix.player.dc.js
992 KB
263 KB
Script
General
Full URL
https://cds.connatix.com/p/164828/connatix.player.dc.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b117eb2dc1253f579e1169b3c31e462fc99ac325bce087c16779355a8506dcf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
br
last-modified
Thu, 02 Jun 2022 13:12:20 GMT
age
5520
etag
"8fb663e5d848198c9dcb4a32dc989b65"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
268555

Redirect headers

location
https://cds.connatix.com/p/164828/connatix.player.dc.js
date
Thu, 02 Jun 2022 15:15:55 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
/
kasperskycontenthub.com/
0
299 B
Script
General
Full URL
https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=810222288&back=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-cache-hit
HIT
x-debug-auth
off
strict-transport-security
max-age=31536000; includeSubDomains
x-request-host
kasperskycontenthub.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/
186 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
964faa03970d67756ea2522d6ea6ae4dbd0aba7f5c5baa0deaa9ba8e22059f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63493
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Jun 2022 15:15:56 GMT
gtm.js
www.googletagmanager.com/
486 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86ff8d7a6904d38dfb6c6483bd6604d172e31d4430754b713043a73d930b4476
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117944
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 15:00:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Jun 2022 15:15:56 GMT
icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/
13 KB
4 KB
Other
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-328e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/
13 KB
4 KB
Other
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-328e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/
19 KB
19 KB
Image
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-4a32"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
18994
expires
Thu, 09 Jun 2022 15:15:55 GMT
Sagar-Tiwari.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2022/04/28104006/
6 KB
6 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2022/04/28104006/Sagar-Tiwari.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e96563e92a6dfd2dc379e59ac92e0df0cd1833112fc57e5101b5bbf9306e6f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 04:59:34 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 12:48:19 GMT
server
AmazonS3
age
382582
etag
"d723616d84ea311db4196b201c8cee4d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
6005
x-amz-cf-id
QI7y0jH6EMECbkFhGkPHH_a-kKMu7Wrp-JTvn99PRhBwhP0sEm85wA==
expires
Fri, 05 May 2023 12:48:18 GMT
BlackCloack-0601-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2022/06/01093531/
28 KB
28 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2022/06/01093531/BlackCloack-0601-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e17043a652f5f8819c5be73850d2b2e9c40a77ad23ee2f951fe1b48c22a740c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 12:54:11 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Wed, 01 Jun 2022 13:35:36 GMT
server
AmazonS3
age
8505
etag
"99d34b17802f3560c83a5b2e0ee37cc1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
28529
x-amz-cf-id
gcrUzW-y4G-et53diCDOwx4CCRcOZxMDakwdruQJ4hM7T96G0gDIaQ==
expires
Thu, 01 Jun 2023 13:35:35 GMT
discord_mobile_app-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/11100300/
20 KB
21 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/11100300/discord_mobile_app-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75c0e0ea9be34d4a8e241025a05520108af17a87cba15af9ad61c9c9d633877d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:46:08 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 15:03:04 GMT
server
AmazonS3
age
12588
etag
"efdc3c666e9b44f47907fcd13dc4eea5"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
20921
x-amz-cf-id
AaLhAI9JJR0C3sG_BFHsKtpU_75N9duLf9aeDodVQLyEMyD7w0iMjQ==
expires
Fri, 11 Feb 2022 15:03:03 GMT
malware-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/02/02160341/
36 KB
36 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/02/02160341/malware-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6071600aa19773525efd4442285dd47099627b02e78b66c993ba4fcef3a74a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:06:44 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 21:03:45 GMT
server
AmazonS3
age
1739352
etag
"dc548f30824ec0d472fc36e775b7739a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA50-C1
accept-ranges
bytes
content-length
36473
x-amz-cf-id
RYuIT5mAVugcIeJBz5aIEzWKGo9xZjnDVouHhyAVSSi676eQ5mwGQg==
expires
Wed, 02 Feb 2022 21:03:44 GMT
ransomware-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2019/12/05152830/
2 KB
3 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2019/12/05152830/ransomware-64x64.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2a1df46bf3ce0a1a75cf6d24bf8881b30fa34d1ab2833f90c07366823cbd094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 13:09:52 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Thu, 05 Dec 2019 20:28:33 GMT
server
AmazonS3
age
7564
etag
"fbb8917c985091ae6283cc9874487ea6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
2492
x-amz-cf-id
vy7VPR-E6WI0KVnyNxJ1A1YlkiIwjJBAGtvDpQKgBUYJJjO6HNLbmg==
expires
Fri, 04 Dec 2020 20:28:30 GMT
zero-trust-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2021/06/11165310/
2 KB
3 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/06/11165310/zero-trust-64x64.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2601819d7387eaa39cdce9df2aac15559572e9974bfe2d83bfb89b5873cf638a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 23 May 2022 12:50:25 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Fri, 11 Jun 2021 20:53:15 GMT
server
AmazonS3
age
872731
etag
"0dbac1a64b0c995eba2c1af030a0b84b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA50-C1
accept-ranges
bytes
content-length
2204
x-amz-cf-id
Jahmgiym-GPvx1pWHGJX1IkZT6szskMeZpXupx0qo1PWgBVIGx_GZg==
expires
Sat, 11 Jun 2022 20:53:14 GMT
honda-data-leak-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2019/07/31143348/
2 KB
2 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2019/07/31143348/honda-data-leak-64x64.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aed74ca5263f835a96dd0e79a8cb9ab61f5b52bbf136dfc51498771a8b6baef7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 06:23:12 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2019 18:33:51 GMT
server
AmazonS3
age
463964
etag
"fe8ccf55bc2ee0c72c0e7f16dda11720"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA50-C1
accept-ranges
bytes
content-length
2001
x-amz-cf-id
YzGRuSXAlmjLLrrtxwyIyWr8LZPCjjwuBphof8ToT5di_ZhM3OXmfw==
expires
Thu, 30 Jul 2020 18:33:48 GMT
DDoS-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/09/10120505/
2 KB
2 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/09/10120505/DDoS-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc8ae1c2826f713cc3dff20cde6078ba57bec99397f4d61dae38cd82b0f5b48c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 12 May 2022 11:59:29 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Fri, 10 Sep 2021 16:05:09 GMT
server
AmazonS3
age
1826187
etag
"a5c5593abb184fca0fb91da48fe02ef6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA50-C1
accept-ranges
bytes
content-length
1804
x-amz-cf-id
MVrXznt180ZLj_4pEN2KkuZT2PN1XYvKk8p8S1iR-EoqoQedDQo62g==
expires
Sat, 10 Sep 2022 16:05:08 GMT
cloud_web_app-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/01/05170820/
3 KB
3 KB
Image
General
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/01/05170820/cloud_web_app-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f8e26c6e3747211b9e868590efacffe3e5fda8c33df14ea69aeb09b0270064c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:00:36 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jan 2021 22:08:25 GMT
server
AmazonS3
age
2427320
etag
"467b7391215e33f5cb19813268f1a4cd"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
2755
x-amz-cf-id
nqTalgfHzaSoBEOTaRNs6DJMpPTtqZO-TBlkQWZYmV6LmjcVxg7HkA==
expires
Wed, 05 Jan 2022 22:08:24 GMT
mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/
828 B
539 B
Image
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-33c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/
868 B
669 B
Image
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-364"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/
812 B
542 B
Image
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
W/"62985bd7-32c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/
10 KB
10 KB
Image
General
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jun 2022 15:15:55 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-260a"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
9738
expires
Thu, 09 Jun 2022 15:15:55 GMT
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/
73 KB
28 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:51:16 GMT
content-encoding
gzip
age
25046680
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ybZbTaZQcyBrwCgdpZxH8w0bNB-T2H30gGkiyfZLC6nAqm1SKJIUqA==
bl-fe8bb3e-0604ea50.js
tagan.adlightning.com/math-aids-threatpost/
45 KB
19 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-fe8bb3e-0604ea50.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff8e07213805ed0dd3cab5f58dacffba0671bc484c7fa74d019559a6146da68a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 13:12:46 GMT
content-encoding
gzip
age
7390
x-cache
Hit from cloudfront
content-length
19442
x-amz-meta-git_commit
fe8bb3e
last-modified
Thu, 02 Jun 2022 13:02:46 GMT
server
AmazonS3
etag
"825486e49fc3b88060a595cef4101f6c"
x-amz-version-id
zp0RV0fYFs86RC3SWUEBLux8TNKWg2VV
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
CreyEFkknyMonPA1shh27gMp3aOhST6tRIvDwUV-EF1Ne0xgOnKVlA==
vendor-list.json
qd.admetricspro.com/js/cmp2/
318 KB
43 KB
XHR
General
Full URL
https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 03 May 2022 16:25:12 GMT
server
cloudflare
etag
W/"4f6fe-5de1df3ffe732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKbpBMsM%2F0YvyFnGVBlKc73CST9AUopkk6ms04fAOgM%2FZeR4c6bmGjDdBwMt9MoZZ31N9LeADW%2FzITXrHFvgy7kodUHoBdHW2%2BzvQLuPxN%2BxKUwBVvBhqOpTDD1rk1As9pGOhzDEmhRt270JOWnrhSY7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
715125b3394e59b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 02 Jun 2022 15:25:56 GMT
pubads_impl_2022052601.js
securepubads.g.doubleclick.net/gpt/
367 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
89fcef2fe8204ec89e703202f4313758021687559f6216a92b5379a753015e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 14:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1358
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127327
x-xss-protection
0
last-modified
Thu, 26 May 2022 08:35:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 02 Jun 2023 14:53:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
141 B
737 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=threatpost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4c4215f41a4bb6f12e0d100854eecc6bc5c57ef23af0e945b8359d7727ae94e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101
x-xss-protection
0
expires
Thu, 02 Jun 2022 15:15:56 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/164828/ Frame FAF1
0
47 KB
Other
General
Full URL
https://cds.connatix.com/p/164828/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
last-modified
Thu, 02 Jun 2022 13:12:21 GMT
age
5520
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
player.css
cds.connatix.com/p/164828/
57 KB
9 KB
Stylesheet
General
Full URL
https://cds.connatix.com/p/164828/player.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daf028afc101da7201cb211f9786b6a36f6bf60ad836dfe991306140efca2432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
last-modified
Thu, 02 Jun 2022 13:12:21 GMT
age
5520
etag
"ea2f9ede807e1b050a71617a64dba818"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8709
recaptcha__en.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/
362 KB
143 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 14:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146184
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 14:44:11 GMT
config
c.amazon-adsystem.com/cdn/prod/
662 B
1019 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthreatpost.com&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 12:24:30 GMT
via
1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
server
Server
age
10285
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
content-length
662
x-amz-cf-id
elHb53x0HpEP0i3hdzENrwNfxRW8FIEtZIQei5QxFlSXxTK-PSEaaw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 00:57:49 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
51488
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 02 Jun 2022 00:57:09 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
RKExgWEujVvV594hCMSDkFaFA3mnC61Y-2x_TQ8-nV1zk2Ocls2OCA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Thu, 02 Jun 2022 15:30:56 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
40 KB
11 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 14:17:19 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
698581996
gtm.js
www.googletagmanager.com/
434 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef2014dd9ffea5c6137fabcf6b10982f0f0d157dc659ba9a65e2b6ad8b1e4418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115139
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Jun 2022 15:15:56 GMT
pls
capi.connatix.com/core/ Frame FAF1
12 KB
6 KB
XHR
General
Full URL
https://capi.connatix.com/core/pls?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f849535427c9f359ee79bc894a23eb43bec850b13650fbd6bc234ef69e92a95a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5955
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/
365 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 14:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 14:00:50 GMT
id
dpm.demdex.net/
368 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1654182956349
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.178.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-178-2.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
53b54850180a898189aefbf64f7227472990e98265875574b99ce0cc8a4a2a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v033-08ff3a09e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
H3ETkuSMR04=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
312
Expires
Thu, 01 Jan 1970 00:00:00 UTC
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6070
date
Thu, 02 Jun 2022 13:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Jun 2022 15:34:46 GMT
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 09 Jun 2022 15:15:56 GMT
uwt.js
static.ads-twitter.com/
51 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 19:44:22 GMT
etag
"37e15fed72b47b0100cbd5c7aaa9d3a0+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
14634
x-served-by
cache-iad-kcgs7200157-IAD, cache-muc13962-MUC
flipboard.svg
threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/
236 B
407 B
Image
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-ec"
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
236
fontawesome-webfont.woff2
threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v59
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
last-modified
Thu, 02 Jun 2022 06:42:31 GMT
server
nginx/1.18.0
etag
"62985bd7-12d68"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
v1
geo.ipify.org/api/
381 B
590 B
XHR
General
Full URL
https://geo.ipify.org/api/v1?apiKey=at_riPAQYz3EiQ6JhsH05bmtozma13RA
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.140.160.2 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS
threatintelligenceplatform.com
Software
nginx /
Resource Hash
25f8a67a6dfb75916a6439d9f11924f77b849ee6ce42fc39841087b9baa8c5f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame BDDE
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fthreatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA0) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
66117
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Jun 2022 15:15:56 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Sun, 15 May 2022 20:03:39 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BA0)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
localstore.js
script.4dex.io/
483 B
980 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1878
content-type
application/javascript
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZUsAvfL3PmZ%2FrCuhzckcGFYQt8HiIwYzXMZbdyXPE4tS6ywSk8c%2BCrJlqEcjOJiJkjt%2FGLej%2BDiIzOCdbq3A69%2B4QaLF3a1i23Fdf8%2F%2BrmD6tbbLuY7URLeZcgn2ZJC0y2jKxaesbZ%2FQ7je"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176652152482
cache-control
public, max-age=1800
cf-ray
715125b65de683b2-MXP
expires
Thu, 02 Jun 2022 15:45:56 GMT
v1
btlr.sharethrough.com/universal/
0
113 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.112.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-112-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:56 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
112 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.112.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-112-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:56 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
112 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.112.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-112-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:56 GMT
access-control-allow-credentials
true
vary
Origin
c
prebid.a-mo.net/a/
0
443 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
279
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/
0
115 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/
37 B
329 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=438654&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22145c06268b51b9c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F%22%2C%22domain%22%3A%22threatpost.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22threatpost.com%22%7D%2C%22keywords%22%3A%22Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22152ffb4237ed03f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%7D%2C%7B%22id%22%3A%2216445aba6f4fce4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C21707124336%2Fthr
eatpost-300x250-ATF%22%7D%7D%2C%7B%22id%22%3A%221747a51a5809af8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7dd508a9c9f4c60f90ccdcb108403958f804cc40b0d062809f14a4628d05480f

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.8], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Thu, 02 Jun 2022 15:15:56 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
291 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_728x90-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
f9307328727e42da0de13338391f1cff53f24a67677c2bb1a76e66b87e2c30cf

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x250-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3acdfd105c0fc911b884c492163fc5ae526781b4a930461681b9dbf24d11d7d

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x600-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
77c1e0e24b999319be4b1e68db67a97a691ab94817084b10a4ff63e7422d6e3b

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
v2
e.serverbid.com/api/
16 B
389 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
bid
ap.lijit.com/rtb/
94 B
742 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.22.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
7263a6be197019805788012930ed99d8c55d3cca8abde09ddec538427c009a63

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 02 Jun 2022 15:15:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
arj
teachingaids-d.openx.net/w/1.0/
174 B
591 B
XHR
General
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5aaeb5bf-1e73-4f20-aec8-b273975904e7%2C5aaeb5bf-1e73-4f20-aec8-b273975904e7%2C55371f89-9713-46a4-b28b-f3ee8f6c945b%2Cfe1a3c9c-3162-4fc5-b4d5-28e0c3830834%2Cfe1a3c9c-3162-4fc5-b4d5-28e0c3830834&nocache=1654182956502&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divids=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&aucs=%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
40bc6611538ba185c6f27cfa57cadea21bd0580203fb864ac272dd275d23641d

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/216477/0/
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216477/0/mvo?z=1r&hbv=6.22,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
adreq
ads.servenobid.com/
598 B
643 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=7752
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d8e2a4bd0ecfc5c0bd3ecf60e02f3235cc179f14bdd1aa1e79a45ac2f7280576

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
mp.4dex.io/
114 B
597 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f658cc149158605316d16326365d5659a46ff599d4e805e4bfd942b1344df0b

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
715125b67b2d23c7-ZRH
pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
prebid
ib.adnxs.com/ut/v3/
26 KB
10 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b941c932bbcd72f6e48f5a85e40fc593b8e52341c54f7eede52bc1627781f579
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 02 Jun 2022 15:15:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4a8e4a38-405c-47cc-964d-e0247408a83b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
590 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tg_i.domain=threatpost.com&tg_i.pbadslot=%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=5aaeb5bf-1e73-4f20-aec8-b273975904e7&l_pb_bid_id=55c0c2279856d3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF&slots=1&rand=0.4909363168392502
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4abc7225008099bf28371a7ec52dc31061a91d90297a1b7a461abd3197e2bc68

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
590
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
588 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tg_i.domain=threatpost.com&tg_i.pbadslot=%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=55371f89-9713-46a4-b28b-f3ee8f6c945b&l_pb_bid_id=56b3c05ce38b24f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF&slots=1&rand=0.8681190125543075
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e3cd7bcd174f0d5b1f739075ea4832aa0d5a0f902525740a12d210ea7717d355

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
588
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
588 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tg_i.domain=threatpost.com&tg_i.pbadslot=%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=fe1a3c9c-3162-4fc5-b4d5-28e0c3830834&l_pb_bid_id=57ea04c7320d0bc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF&slots=1&rand=0.32678913335836457
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0f216211e9ae3703e08d829cec849bf516ac6ac4061550c9e277273d1d5ddfee

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
588
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
588 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tg_i.domain=threatpost.com&tg_i.pbadslot=%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=fe1a3c9c-3162-4fc5-b4d5-28e0c3830834&l_pb_bid_id=584b723a256d1a5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF&slots=1&rand=0.08988840626230488
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6dcc9bf410ab7f48320489036917c1bb759a0c64495e3fbecf1087ed3b73bdbf

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:56 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
588
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/
19 B
506 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.22.0&referrer=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tmax=1200&gdpr=false
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.158.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-158-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
accept-ch
user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
c.amazon-adsystem.com/e/dtb/
64 B
532 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&pid=XnewHLhSZN8jz&cb=0&ws=1600x1200&v=7.75.0&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-6794670-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-1%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
via
1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
E4QRGWKGN67M33AH7HHV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
neztQSKzzN_wwKcLfSCo6aKvAfOoaY8_kV_p19GDyfGlROQWBrlsaQ==
blockedDomains_17.bin
lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/ Frame FAF1
3 KB
2 KB
XHR
General
Full URL
https://lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/blockedDomains_17.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aff26c2f3864a04ba6f021451c4b4102bf7fc57a4b09e24d9d621112c2fa5230

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 16:19:12 GMT
age
687312
etag
"cf08dcb50559f0eb8e982959bfbd3d7f"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1485
insights.bin
ins.connatix.com/ee5cd99834d304c24cee01beab30fff4/ Frame FAF1
324 B
449 B
XHR
General
Full URL
https://ins.connatix.com/ee5cd99834d304c24cee01beab30fff4/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e486ee245b144281b83d788a30ec4f7e0b52db75e2a38c37f6f7abe14fc6835

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 08:06:10 GMT
age
182217
etag
"a0b61252c01d9ec342fdd808ac01584c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
213
724.json
id5-sync.com/g/v2/
213 B
621 B
XHR
General
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
13222d7e031dd6e9742f31fafa28ee134de4566efee24d89765db069328fa6e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:56 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
settings
syndication.twitter.com/ Frame BDDE
331 B
475 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=5400d22d66d6c55930819e2fcd89dc48138c43f5
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fthreatpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
f83df770a7c9763424b29bfe7462c8f8e807d18dc0b4570f4ada501240007fda
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
111
date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 15:15:56 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
73199408b044748b9051df30c778bdd8bc1bcbf17e18d674ccef86c8d07f7881
content-length
193
rules-p-_7kVx0t9Jqj90.js
rules.quantcount.com/
2 B
354 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:06:58 GMT
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
server
AmazonS3
age
537
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P2
content-length
2
x-amz-cf-id
eDN7ATvvqNrG3FiqNjkJ-0XScGEFe9he6VJ4TidbiSQUK4tHMH0nng==
adsct
t.co/i/
43 B
338 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=235896a8-423e-425e-a596-874943d42de9
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
117
date
Thu, 02 Jun 2022 15:15:56 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
3944560483eb87be94b5509bd9b012ef1e0b4e082d656cdb187d65fa9b3d76e6
content-length
43
adsct
analytics.twitter.com/i/
43 B
353 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=235896a8-423e-425e-a596-874943d42de9
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
116
date
Thu, 02 Jun 2022 15:15:56 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
69e27cac6061a7222e4917ae294353993f9f77ef9752fa72a891a8e89f94177c
content-length
43
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1239310541&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&ul=en-us&de=UTF-8&dt=Zero-Day%20%27Follina%27%20Bug%20Lays%20Microsoft%20Office%20Open%20to%20Attack%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1438620455&gjid=1867632614&cid=680018976.1654182957&tid=UA-35676203-21&_gid=130631136.1654182957&_r=1&gtm=2wg610PM29HLF&z=1630451625
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1239310541&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&ul=en-us&de=UTF-8&dt=Zero-Day%20%27Follina%27%20Bug%20Lays%20Microsoft%20Office%20Open%20to%20Attack%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=680018976.1654182957&tid=UA-35676203-21&_gid=130631136.1654182957&gtm=2wg610PM29HLF&z=22028813
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 15:46:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
84564
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame FAF1
0
315 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.40.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-40-180.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/
82 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
4ca8e1c1bdee1b954be0d8fd9c8aabbccee5acf8c355af96b4bcbbb5c7ced8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28137
x-xss-protection
0
server
sffe
etag
"1232 / 4 of 1000 / last-modified: 1654168207"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Jun 2022 15:15:56 GMT
2_media.bin
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/ Frame FAF1
291 B
346 B
XHR
General
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7512a06a402970f17f9f475450ee30c338f344003fb5da802de313adc9a22d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 20:37:11 GMT
age
86786
etag
"c845fd4efeffc596c3f069c6147f205c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
255
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FAF1
377 KB
127 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128968
x-xss-protection
0
expires
Thu, 02 Jun 2022 15:15:56 GMT
1.png
img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/c2ecd04f-0dca-4ffa-8761-d93b34717380/
6 KB
7 KB
Image
General
Full URL
https://img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
age
1406828
etag
"CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age
86400
fastly-io-info
ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
6487
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28329
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8a0e4b40f4914ae1af7ff-006298656c
x-amz-id-2
tx8a0e4b40f4914ae1af7ff-006298656c
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MesELP1yjlIzFbavKC2in8KSr8l5ZTBWJ5dVshSf3Ms8mCfls%2BXz4mO2F1GZFoasii5D2hENR9EF%2FET58H3VwviVp568woNCSxeFf5Fb9hM%2FzhPBZH%2BPTdVCtROXblig7TSFYQzv0BoYsOz9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
715125b7fa415a13-MXP
access-control-allow-headers
Authorization
collect
stats.g.doubleclick.net/j/
4 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35676203-21&cid=680018976.1654182957&jid=1438620455&gjid=1867632614&_gid=130631136.1654182957&_u=YEBAAEAAAAAAAC~&z=808979733
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 02 Jun 2022 15:15:56 GMT
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/164828/ Frame FAF1
162 KB
47 KB
Script
General
Full URL
https://cds.connatix.com/p/164828/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
last-modified
Thu, 02 Jun 2022 13:12:21 GMT
age
5521
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
pixel;r=457415261;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F;uht=2;fpan=1;fpa=P0-18181...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=457415261;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F;uht=2;fpan=1;fpa=P0-1818193637-1654182956770;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;us_privacy=1---;ref=;d=threatpost.com;je=0;sr=1600x1200x24;dst=0;et=1654182956770;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2020%2F08%2F25155836%2Foffic%2Ctype.article%2Ctitle.Zero-Day%20'Follina'%20Bug%20Lays%20Microsoft%20Office%20Open%20to%20Attack%2Cdescription.Malware%20loads%20itself%20from%20remote%20servers%20and%20bypasses%20Microsoft's%20Defender%20AV%20sc%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fzero-day-follina-bug-lays-older-microsoft-office-versions
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
button.e878ad6ba18f0bdda53d6861059b0edd.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.e878ad6ba18f0bdda53d6861059b0edd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC1) /
Resource Hash
bd08180ec011a2cc6a193103b8279709370cedabcafe9ea5a7dd4a6ff23541d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:56 GMT
Content-Encoding
gzip
Age
66116
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
2358
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:03:31 GMT
Server
ECS (amb/6BC1)
Etag
"3a38d3766372da05b01a88837c3af509+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
horizon_tweet.c9df2d9b929da727d1e2e137e0482378.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/horizon_tweet.c9df2d9b929da727d1e2e137e0482378.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9D) /
Resource Hash
8993847fc5ab8598921a6022687d68c0efd65ba5e26f8b970ad2b83466edce8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:56 GMT
Content-Encoding
gzip
Age
66118
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
2476
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:03:31 GMT
Server
ECS (amb/6B9D)
Etag
"550f8d645a77f0ab50d361c5088aa0cf+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame FAF1
0
315 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.40.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-40-180.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame FAF1
804 B
920 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.40.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-40-180.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
1bca030c2de830e9ea754dc7a1283f17d052cad26811aab5089cc91af01f929c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
624
bid
c.amazon-adsystem.com/e/dtb/
23 B
489 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&pid=XnewHLhSZN8jz&cb=1&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
via
1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
851F0RMB396F3F426S9Z
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
0t7w0A2FQnx5eJqPKcCTQSfGeU6lv0V0vR7ykfTEv1aKpLMsFo_kdA==
ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame FAF1
0
315 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.40.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-40-180.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/
8 KB
7 KB
Image
General
Full URL
https://img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d03fc0d3e3ed8f5a95358db135956d2864385634638bf3c23798cb31e910d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
age
98025
etag
"DmGzuT5hUydZd3dhyUwZGhBwfsICJ5WGmlbS8kC2mRs"
access-control-max-age
86400
fastly-io-info
ifsz=80429 idim=2560x1440 ifmt=jpeg ofsz=7730 odim=400x225 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7310
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=680018976.1654182957&jid=1438620455&_u=YEBAAEAAAAAAAC~&z=98140341
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=680018976.1654182957&jid=1438620455&_u=YEBAAEAAAAAAAC~&z=98140341
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid6.20.0-1.js
cds.connatix.com/p/plugins/ Frame 5756
433 KB
113 KB
Script
General
Full URL
https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d92a11899a5768511f0431479d50a6fbabd9aa93099c062bc9f348fdb83be72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 09:02:01 GMT
age
1318419
etag
"d147c1dd13a25190e1aa7227401d9c91"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
115039
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 9941
635 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
155739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 20:00:17 GMT
expires
Wed, 31 May 2023 20:00:17 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FAF1
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Jun 2022 15:15:56 GMT
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 0593
635 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
155739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 20:00:17 GMT
expires
Wed, 31 May 2023 20:00:17 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame D726
635 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
155739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 20:00:17 GMT
expires
Wed, 31 May 2023 20:00:17 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
playlist.m3u8
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/ Frame FAF1
309 B
248 B
XHR
General
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/playlist.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164828/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 20:37:11 GMT
age
98020
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BFF5
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 02 Jun 2022 16:03:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DFEC
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 02 Jun 2022 16:03:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C06A
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 02 Jun 2022 16:03:34 GMT
follow_button.bbd13993eb53d3a11ac08f5e8cf9d6a4.en.html
platform.twitter.com/widgets/ Frame A64D
36 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.bbd13993eb53d3a11ac08f5e8cf9d6a4.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC1) /
Resource Hash
9c02e3add7b3e4c9023eb7395d7a6de8b9447d081ebb5721b7e43e3a8b9eeb18

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
66096
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13633
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Jun 2022 15:15:56 GMT
Etag
"3d602482a4a6483897235786736cc8de+gzip"
Last-Modified
Sun, 15 May 2022 20:03:32 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC1)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
jot
syndication.twitter.com/i/
43 B
456 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?dnt=1&l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22threatpost%22%2C%22widget_creator_screen_name%22%3A%22threatpost%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1654182956954%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5400d22d66d6c55930819e2fcd89dc48138c43f5
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Thu, 02 Jun 2022 15:15:57 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
73199408b044748b9051df30c778bdd8bc1bcbf17e18d674ccef86c8d07f7881
x-transaction
aef157d195ddb0e4
expires
Tue, 31 Mar 1981 05:00:00 GMT
dest5.html
kaspersky.demdex.net/ Frame 339B
7 KB
3 KB
Document
General
Full URL
https://kaspersky.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.232.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-232-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v033-08a1b97de.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
J5STBrRmRhc=
content-encoding
gzip
date
Thu, 2 Jun 2022 15:15:57 GMT
last-modified
Thu, 26 May 2022 14:14:47 GMT
vary
accept-encoding
id
kaspersky.d3.sc.omtrdc.net/
2 B
316 B
XHR
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=86221655327043023532339144544638514881&ts=1654182957009
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-df488f754-pxqrg
vary
Origin
x-c
main-1645.Id526ce.M0-571
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YpjULQAAAEYBLwNx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=87873501908330934513327221415360141467
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YpjULQAAAEYBLwNx
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YpjULQAAAEYBLwNx
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
HTTP/1.1
Server
52.212.178.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-178-2.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v033-0f0ca5749.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
q7s7jYURTts=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YpjULQAAAEYBLwNx
Date
Thu, 02 Jun 2022 15:15:57 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
integrator.js
adservice.google.com/adsid/ Frame FAF1
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Tweet.html
platform.twitter.com/embed/ Frame 5355
487 B
1 KB
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B83) /
Resource Hash
1c5eb02e931ad044d1436aa973fbf6a980286cfb4e3b6f4c40c202b5640429da

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
519
Cache-Control
public, max-age=1800
Content-Length
487
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Jun 2022 15:15:57 GMT
Etag
"a39a3389ee179ebeb61a75270a37bf58"
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B83)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
jot
syndication.twitter.com/i/
43 B
199 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?dnt=1&l=%7B%22experiment_key%22%3A%22tfw_tweet_result_migration_13979%22%2C%22bucket%22%3A%22tweet_result%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221530196847679401984%22%5D%2C%22item_details%22%3A%7B%221530196847679401984%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1654182957048%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_tweet_result_migration_13979%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=5400d22d66d6c55930819e2fcd89dc48138c43f5
Requested by
Host: threatpost.com
URL: https://threatpost.com/zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack/179756/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Thu, 02 Jun 2022 15:15:57 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
73199408b044748b9051df30c778bdd8bc1bcbf17e18d674ccef86c8d07f7881
x-transaction
0f0823dea234c071
expires
Tue, 31 Mar 1981 05:00:00 GMT
0.m3u8
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/ Frame FAF1
664 B
368 B
XHR
General
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/0.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164828/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53c3f76a235a068d4755be5eeba79712c30871b5907fc6597a5e55485db61727

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 20:37:10 GMT
age
98020
etag
"a35f33af9b96bc830f09a9aaf06c4973"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
259
mvo
tag.1rx.io/rmp/233098/0/ Frame 5756
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/233148/0/ Frame 5756
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ Frame 5756
142 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cf28d607015e08d3fadb6da1ac9b0f8dcd850edfdfd26ee904e249305ed1b4fb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:57 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4f46d5b6-db82-447a-b573-99a98c26f5ae
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
teachingaids-d.openx.net/v/1.0/ Frame 5756
106 B
127 B
XHR
General
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e0ffd74d-36ac-48e3-8475-5ebec7d3759b&nocache=1654182957242&gdpr=0&pubcid=44fa0481-5e9b-4a80-8684-6494c4eb7947&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%2C%22minduration%22%3A0%2C%22skippable%22%3Atrue%2C%22placement%22%3A3%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225&aumfs=250
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
via
1.1 google
server
OXGW/eecec1e
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 5756
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/216475/0/ Frame 5756
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ Frame 5756
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
teachingaids-d.openx.net/v/1.0/ Frame 5756
106 B
127 B
XHR
General
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e88f8ab0-f805-4522-9353-d4dbeb292b97&nocache=1654182957251&gdpr=0&pubcid=44fa0481-5e9b-4a80-8684-6494c4eb7947&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%2C%22minduration%22%3A0%2C%22skippable%22%3Atrue%2C%22placement%22%3A3%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225&aumfs=250
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
via
1.1 google
server
OXGW/eecec1e
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 5756
66 B
122 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
1cfe7e7b5af3c45e57e1729a0f2e233406361df9e2a9cd7cb05dce037475e617

Request headers

Referer
https://threatpost.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://threatpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://threatpost.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 02 Jun 2022 15:15:57 GMT
server
ATS/9.1.0.46
c
prebid.a-mo.net/a/ Frame 5756
0
323 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 02 Jun 2022 15:15:57 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/216476/0/ Frame 5756
0
170 B
XHR
General
Full URL
https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 5756
37 B
329 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=435870&v=8.1&ac=j&sd=1&nf=1&t=900&r=%7B%22id%22%3A%2223cdc9088259498%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22245ccd7cd59bf72%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A3%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%22750b5255-3956-4e48-8c7f-135617cf2de8%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2244fa0481-5e9b-4a80-8684-6494c4eb7947%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e59e02c8f60423ea8fbc816d0e1319ee4bedf51f6a02b83b2b80280436b318f2

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.8], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Thu, 02 Jun 2022 15:15:57 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5756
139 B
982 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9f34f348e10c2555387f62027234e86082aac7845e2f97727c9da301ffb736b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:57 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7f84a39b-46b3-4c70-bd92-dd49bbed4458
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 5756
37 B
329 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=435871&v=8.1&ac=j&sd=1&nf=1&t=900&r=%7B%22id%22%3A%22274f3c1ff0d0cc2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2228ddeb06c06d313%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A3%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%22750b5255-3956-4e48-8c7f-135617cf2de8%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2244fa0481-5e9b-4a80-8684-6494c4eb7947%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7a7d52ae7310201217753c1605c82c94ea63a6d4d4813b9cf92a97dce2495395

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.8], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Thu, 02 Jun 2022 15:15:57 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
44 KB
15 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=742946448091356&correlator=3448506239998542&eid=31067856%2C31067773%2C31061165&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&iu_parts=22404337467%3A21707124336%2Cthreatpost-970x250-ATF%2Cthreatpost-300x250-ATF%2Cthreatpost-300x600-ATF%2Cthreatpost-2x2-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2&ifi=1&adks=4166723991%2C1414505084%2C1356251026%2C3771495681&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_adid_appnexus%3D643adfbfa9cc43e%26hb_bidder_appnexus%3Dappnexus%26dyn_bids%3D0.00%26hb_adid%3D643adfbfa9cc43e%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%26hb_adid_appnexus%3D65955f64ee7cef6%26hb_bidder_appnexus%3Dappnexus%26dyn_bids%3D0.00%26hb_adid%3D65955f64ee7cef6%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%252F179756%252F%26urlquery%3Dgoogfc%26contentid%3D179756%26category%3Dmalware-2%26contenttags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1654182957302&lmt=1654182957&dlt=1654182955241&idt=1123&biw=1600&bih=1200&adxs=436%2C1082%2C1082%2C0&adys=8%2C166%2C1206%2C8&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x0%7C300x0%7C300x0%7C1600x0&msz=728x0%7C300x0%7C300x0%7C1600x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=680018976.1654182957&ga_sid=1654182957&ga_hid=1239310541&ga_fc=true&btvi=0%7C0%7C1%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
5be3d6c3662df315e355c8dc8306158d14aa3480c6a4e0df7029f5cfab7aaeaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15139
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6670
6 KB
4 KB
Document
General
Full URL
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:57 GMT
expires
Fri, 02 Jun 2023 15:15:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
pl.connatix.com/ Frame FAF1
2 B
167 B
XHR
General
Full URL
https://pl.connatix.com/
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
via
1.1 varnish
x-timer
S1654182957.355404,VS0,VE379
x-served-by
cache-hhn4067-HHN
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2
x-cache-hits
0
truncated
/ Frame A64D
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
info.json
cdn.syndication.twimg.com/widgets/followbutton/ Frame A64D
234 B
649 B
Script
General
Full URL
https://cdn.syndication.twimg.com/widgets/followbutton/info.json?callback=__twttr.setFollowersCountAndFollowing&lang=en&screen_names=threatpost
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.bbd13993eb53d3a11ac08f5e8cf9d6a4.en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
464753a7747c8fac7f552b74a3dd69151baa9fe71edad36290476fee62bba679
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS
content-disposition
attachment; filename=jsonp.jsonp
content-length
179
x-xss-protection
0
x-served-by
cache-hhn11582-HHN
x-response-time
115
access-control-allow-origin
https://platform.twitter.com
last-modified
Thu, 02 Jun 2022 15:15:57 GMT
x-timer
S1654182957.390410,VS0,VE118
x-frame-options
SAMEORIGIN
date
Thu, 02 Jun 2022 15:15:57 GMT
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
via
1.1 varnish
cache-control
must-revalidate, max-age=600
x-connection-hash
6be80131931d6c97da0b6f43a4106da863a297786f581e17d810e4cf32255743
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 15:25:57 GMT
0.mp4
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/ Frame FAF1
1 KB
1 KB
XHR
General
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164828/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
969110a06a8d583a36ad6d784878494dce9fe6f36bd196f75aab597cc67ae729

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range
bytes=0-1361

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
last-modified
Tue, 18 May 2021 20:37:10 GMT
age
93806
etag
"54db197ffab91dbff3d916a960357185"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1361/5157094
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1362
embed.runtime.e1a0e5fcbc846d23478f.js
platform.twitter.com/embed/ Frame 5355
9 KB
5 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.runtime.e1a0e5fcbc846d23478f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA2) /
Resource Hash
5559e9a49423efccb952585fbc32b19e3d09b36ad926a8816af579253ffcdf7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66119
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
4254
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6BA2)
Etag
"f14d7964652ee003acf33cc4f5b078ad+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.f34a0f34273ac52f3e51.js
platform.twitter.com/embed/ Frame 5355
512 KB
168 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.modules.f34a0f34273ac52f3e51.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA0) /
Resource Hash
5e794d4a1df5f1c1035c15d1f24e115f9fdab9be376f12754239b981f61bf887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66118
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
171249
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6BA0)
Etag
"7490e7a386def1875edc794009edc560+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.58f3645101e687f24f08.js
platform.twitter.com/embed/ Frame 5355
2 KB
1 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.i18n.58f3645101e687f24f08.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B95) /
Resource Hash
52c19e156be623c2b03edbf619561b9ce54fef7186e33dc7152bb17b7cc2f1ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66119
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
794
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6B95)
Etag
"cfb405c70f2f1c1a003ec96fa540cf30+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.94286ae4f47f2cda73e9.js
platform.twitter.com/embed/ Frame 5355
14 KB
6 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.Tweet.94286ae4f47f2cda73e9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B73) /
Resource Hash
ab1bd46ea15592bef2c5e2e2bfb90bbe7fb748a039acae35621f707e74e26b34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66119
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
5637
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6B73)
Etag
"87bc8ca366bc73960cbda3ba6c14a44f+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
0.mp4
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/ Frame FAF1
619 KB
620 KB
XHR
General
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164828/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66448cea230bdf30478fe18f2af9aacace411d05833b43424cf962b1457968f0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range
bytes=1362-635369

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
last-modified
Tue, 18 May 2021 20:37:10 GMT
age
93806
etag
"54db197ffab91dbff3d916a960357185"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1362-635369/5157094
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
634008
embed.vendors~ondemand.en-js.acec6ae280b2e2f6ef87.js
platform.twitter.com/embed/ Frame 5355
39 KB
13 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.acec6ae280b2e2f6ef87.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e1a0e5fcbc846d23478f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAD) /
Resource Hash
931750573d4728b1437a7a6769a62596c3f1f011554e2e3f401c7dfd9fb18d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66119
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
13145
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6BAD)
Etag
"d2f883c771ed4b1c0f62ad00c6ca3a69+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.5ab403453815af8885c8.js
platform.twitter.com/embed/ Frame 5355
3 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.5ab403453815af8885c8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e1a0e5fcbc846d23478f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBD) /
Resource Hash
735f1abaa77b0fb510261c9e7aa05ad695af92b888f85b6604f44d8653ce79dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66119
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1293
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6BBD)
Etag
"06f8c27a0df1bb9d1d88f152801cdda4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.1e1be839d2d2b69bdf78.js
platform.twitter.com/embed/ Frame 5355
3 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.1e1be839d2d2b69bdf78.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e1a0e5fcbc846d23478f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA8) /
Resource Hash
7a4645fb7bd66c6fa3088677ee1a517deea83df27006a147e3dcd64387761ba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66119
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1294
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6BA8)
Etag
"152e5ac13ebd99eabd94a11d7061d9ff+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
ads
pubads.g.doubleclick.net/gampad/ Frame 9941
156 B
625 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C22677468627%2FCNX_VIDEO%2F1234-12&description_url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&tfcd=0&%5BNPA%5D&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3169617292748298&cust_params=domains%3Dthreatpost.com&ad_type=video&vad_type=linear&sdkv=h.3.517.2&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&ptt=20&adk=478629382&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=C9E1C217-706D-4287-8BF3-46C9F744B3E9&nel=0&eid=44760950%2C44761692%2C44762462&top=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&loc=about%3Ablank&dlt=1654182955357&idt=1875&dt=1654182957475&cookie_enabled=1&scor=1984422220194136&ged=ve4_td2_tt0_pd2_la2000_er1007.1246.1166.1552_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.vendors~ondemand.Tweet.064ef547621667f0c5ed.js
platform.twitter.com/embed/ Frame 5355
450 KB
126 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.064ef547621667f0c5ed.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e1a0e5fcbc846d23478f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B94) /
Resource Hash
2dd03edf39ceb2293a5942ee1925932d1efc47ac74080ca2e2ddd0fd2d35741c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66115
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
128827
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6B94)
Etag
"b9859d36946babed962152b2268dec32+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.4cd63c8ef3750a883330.js
platform.twitter.com/embed/ Frame 5355
78 KB
18 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.4cd63c8ef3750a883330.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.e1a0e5fcbc846d23478f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC0) /
Resource Hash
f00aa84d2267a95c2e4d5883ccdb8df2a6a1049369257f6081d84ef43bbe0fc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=threatpost&dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X3Jlc3VsdF9taWdyYXRpb25fMTM5NzkiOnsiYnVja2V0IjoidHdlZXRfcmVzdWx0IiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1530196847679401984&lang=en&origin=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&sessionId=5400d22d66d6c55930819e2fcd89dc48138c43f5&siteScreenName=threatpost&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=500px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Age
66119
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
17406
x-tw-cdn
VZ
Last-Modified
Wed, 01 Jun 2022 20:51:06 GMT
Server
ECS (amb/6BC0)
Etag
"5fb9948c2f3c29a66f96eaca743187e2+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
0.mp4
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/ Frame FAF1
572 KB
572 KB
XHR
General
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164828/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9035732dd9e89d497fef48955eddf8fa0a054483da917b0ad08fbc4188561ee1

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range
bytes=635370-1220826

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
last-modified
Tue, 18 May 2021 20:37:10 GMT
age
93806
etag
"54db197ffab91dbff3d916a960357185"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 635370-1220826/5157094
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
585457
mq
capi-tier-2-us-east-2.connatix.com/tr/ Frame FAF1
0
315 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/mq?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.40.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-40-180.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:15:56 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
tweet-result
cdn.syndication.twimg.com/ Frame 5355
2 KB
1 KB
XHR
General
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_refsrc_session%3Aoff%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_tweet_result_migration_13979%3Atweet_result&id=1530196847679401984&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.f34a0f34273ac52f3e51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
c2d9b7670c98bbd7bdfd1f095b862a3d545e08d7146cee81bec0fba86093a0ef
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-powered-by
Express
x-cache
MISS
date
Thu, 02 Jun 2022 15:15:57 GMT
vary
Origin, Accept-Encoding
content-length
832
x-xss-protection
0
x-served-by
cache-hhn11582-HHN
x-response-time
141
access-control-allow-origin
https://platform.twitter.com
x-timer
S1654182958.585094,VS0,VE168
x-frame-options
SAMEORIGIN
etag
W/"63d-FmkzAyNTePMdHCWcnS6BkVtByuo"
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
ef39040c633136110a42c58fdad71e36b758fba73450c91a2013bc23ce4371c1
accept-ranges
bytes
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05fadc95abf954b340b41f141d1270cbd435628929b030fc90d88a9c9ddd6b70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10701
x-xss-protection
0
web-vitals.umd.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@2.1.4
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js
5 KB
2 KB
Script
General
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
11451813
fly-request-id
01FSX6G1QVHCEFQ5K9M6V6JX3K
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
715125bd9eb001db-ZRH

Redirect headers

date
Thu, 02 Jun 2022 15:15:57 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FSX6G1H6HMMGWM8JDB016PND
server
cloudflare
age
11451813
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
715125bd5e3101db-ZRH
access-control-allow-origin
*
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1239310541&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&dp=%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&ul=en-us&de=UTF-8&dt=Zero-Day%20%27Follina%27%20Bug%20Lays%20Microsoft%20Office%20Open%20to%20Attack%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1650869288&gjid=364671557&cid=680018976.1654182957&uid=86221655327043023532339144544638514881&tid=UA-63997723-2&_gid=130631136.1654182957&_r=1&gtm=2wg610WZ7LJ3&cd14=no_locale&cd15=86221655327043023532339144544638514881&cd53=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&cd16=680018976.1654182957&z=36767529
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6071
date
Thu, 02 Jun 2022 13:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Jun 2022 15:34:46 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
662
Date
Thu, 02 Jun 2022 15:15:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
0
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=65282
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9582686
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b13fb4f8d917550921299c7658ca8414a6597b856072a9b2bbe37bf491e12032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39146
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Jun 2022 15:15:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 15:15:57 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63997723-2&cid=680018976.1654182957&jid=1650869288&uid=86221655327043023532339144544638514881&gjid=364671557&_gid=130631136.1654182957&_u=aEDAAEABAAAAAC~&z=1494355037
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 02 Jun 2022 15:15:57 GMT
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
191 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YP1JLG57CH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9582686
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd5932fe5db379e35cbe77fac5f4def975eb264dcb4bbcfd5ddf904b7c76595e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70052
x-xss-protection
0
expires
Thu, 02 Jun 2022 15:15:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E808
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
851
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:01:46 GMT
expires
Fri, 02 Jun 2023 15:01:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 66D3
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7710b2e35e91afa78dfa322c1787d6568a9138ed4a1e95d98d5cef3b06f5a9fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jjNil4_fxeu_DsbfwcBG5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-jjNil4_fxeu_DsbfwcBG5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:57 GMT
expires
Thu, 02 Jun 2022 15:15:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activityi;dc_pre=CP_d39yHj_gCFQZBHQkdpk0M8w;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=1008390368.1654182958;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fzero-day-follin...
9582686.fls.doubleclick.net/ Frame 7C74
Redirect Chain
  • https://9582686.fls.doubleclick.net/activityi;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=1008390368.1654182958;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fzero-day-foll...
  • https://9582686.fls.doubleclick.net/activityi;dc_pre=CP_d39yHj_gCFQZBHQkdpk0M8w;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=1008390368.1654182958;u1=B2C;u2=no_locale;u4=...
756 B
500 B
Document
General
Full URL
https://9582686.fls.doubleclick.net/activityi;dc_pre=CP_d39yHj_gCFQZBHQkdpk0M8w;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=1008390368.1654182958;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F;u6=;u7=86221655327043023532339144544638514881-680018976.1654182957;u9=_zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack_179756_;~oref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9582686
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
522ecd3d4f574f4335281081176e17cadec9e639010723b132dd52a00c330aee
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
475
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:57 GMT
expires
Thu, 02 Jun 2022 15:15:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9582686.fls.doubleclick.net/activityi;dc_pre=CP_d39yHj_gCFQZBHQkdpk0M8w;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=1008390368.1654182958;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F;u6=;u7=86221655327043023532339144544638514881-680018976.1654182957;u9=_zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack_179756_;~oref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B0FF
6 KB
3 KB
Document
General
Full URL
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:57 GMT
expires
Fri, 02 Jun 2023 15:15:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F3BA
6 KB
3 KB
Document
General
Full URL
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:57 GMT
expires
Fri, 02 Jun 2023 15:15:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C79C
6 KB
3 KB
Document
General
Full URL
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:57 GMT
expires
Fri, 02 Jun 2023 15:15:57 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-2&cid=680018976.1654182957&jid=1650869288&_u=aEDAAEABAAAAAC~&z=1840528193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-2&cid=680018976.1654182957&jid=1650869288&_u=aEDAAEABAAAAAC~&z=1840528193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1654182957889&url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D39138%26time%3D1654182957889%26url%3Dhttps%253A%252F%252Fthreatpost.com%252Fzero-...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1654182957889&url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&l...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1654182957889&url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1654182957889&url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&liSync=true&e_ipv6=AQJDXdftIEMaGAAAAYEk_Nea12HpgJqdHZM4_Yqk4GcvwmNKkioOJxOGQdXWVWgAid2KfU6W87CoSETrCsQmvSgMu2tRCg
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2B9283E4B8C042F687EA6683C7EFBE68 Ref B: VIEEDGE1917 Ref C: 2022-06-02T15:15:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgeHuuy6kHLf13roKo9Q==
x-li-fabric
prod-lor1

Redirect headers

date
Thu, 02 Jun 2022 15:15:59 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 0C62E88C90F14088916161ECA68FA31D Ref B: FRAEDGE1311 Ref C: 2022-06-02T15:15:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1654182957889&url=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&liSync=true&e_ipv6=AQJDXdftIEMaGAAAAYEk_Nea12HpgJqdHZM4_Yqk4GcvwmNKkioOJxOGQdXWVWgAid2KfU6W87CoSETrCsQmvSgMu2tRCg
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgeHup8iuDYbfWEX0lGw==
jot
syndication.twitter.com/i/ Frame 5355
43 B
199 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1654182957936%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22threatpost%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22threatpost%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22318c87e534b24%3A1654034374875%22%2C%22item_ids%22%3A%5B%221530196847679401984%22%5D%2C%22item_details%22%3A%7B%221530196847679401984%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
109
pragma
no-cache
last-modified
Thu, 02 Jun 2022 15:15:57 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
73199408b044748b9051df30c778bdd8bc1bcbf17e18d674ccef86c8d07f7881
x-transaction
8f6aa1e9e6c2f881
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YP1JLG57CH&gtm=2oe610&_p=1239310541&_z=ccd.tdB&cid=680018976.1654182957&ul=en-us&sr=1600x1200&_s=1&sid=1654182957&sct=1&seg=0&dl=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&dt=Zero-Day%20%27Follina%27%20Bug%20Lays%20Microsoft%20Office%20Open%20to%20Attack%20%7C%20Threatpost&en=page_view&_fv=1&_ss=1&ep.pageType=other&ep.businessType=b2c&ep.siteType=Default&ep.siteClass=Websites&ep.siteLocale=%5BNULL%5D&ep.pageName=websites%20%3E%20zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756&ep.campaign=&ep.acCampaignId=&ep.omnitureVisitorId=86221655327043023532339144544638514881
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YP1JLG57CH&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pFzs4Bqo_normal.jpg
pbs.twimg.com/profile_images/930817201476534272/ Frame 5355
2 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/930817201476534272/pFzs4Bqo_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC6) /
Resource Hash
4b297de379c8bb71a89e1ac546e383523f34ff536cf69ac8aaac601d64461175
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:58 GMT
x-content-type-options
nosniff
age
328900
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
2111
x-response-time
115
surrogate-key
profile_images profile_images/bucket/3 profile_images/930817201476534272
last-modified
Wed, 15 Nov 2017 15:16:09 GMT
server
ECS (amb/6BC6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4f05d7173893110ed3f2bb5b2a496551512354a5a9f52a3b7cf5224accc5ac09
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FTxZpn_akAIKdfz
pbs.twimg.com/media/ Frame 5355
38 KB
38 KB
Image
General
Full URL
https://pbs.twimg.com/media/FTxZpn_akAIKdfz?format=png&name=240x240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBF) /
Resource Hash
a2787e303b11b7bee58f89cf88397dae91631bdae15ec6839602dea000ff714d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:58 GMT
x-content-type-options
nosniff
age
352775
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
content-length
38584
x-response-time
261
surrogate-key
media media/bucket/0 media/1530196545043599362
last-modified
Fri, 27 May 2022 14:35:40 GMT
server
ECS (amb/6BBF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
cdbc462749d2d9d01ed9402c1e2a9addbe603629f3bf76077e49d92c1e6287d7
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
dc_pre=CP_d39yHj_gCFQZBHQkdpk0M8w;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=*;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fzero-day-follina-bug-lays-older-microsoft-off...
adservice.google.com/ddm/fls/z/ Frame 7C74
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP_d39yHj_gCFQZBHQkdpk0M8w;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=*;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F;u6=;u7=86221655327043023532339144544638514881-680018976.1654182957;u9=_zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack_179756_;~oref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F
Requested by
Host: 9582686.fls.doubleclick.net
URL: https://9582686.fls.doubleclick.net/activityi;dc_pre=CP_d39yHj_gCFQZBHQkdpk0M8w;src=9582686;type=globalc;cat=globa0;ord=8701680378249;gtm=2od610;auiddc=1008390368.1654182958;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F;u6=;u7=86221655327043023532339144544638514881-680018976.1654182957;u9=_zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack_179756_;~oref=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9582686.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-fe8bb3e-0604ea50.js
tagan.adlightning.com/math-aids-threatpost/ Frame B0FF
45 KB
19 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-fe8bb3e-0604ea50.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff8e07213805ed0dd3cab5f58dacffba0671bc484c7fa74d019559a6146da68a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 13:12:46 GMT
content-encoding
gzip
age
7393
x-cache
Hit from cloudfront
content-length
19442
x-amz-meta-git_commit
fe8bb3e
last-modified
Thu, 02 Jun 2022 13:02:46 GMT
server
AmazonS3
etag
"825486e49fc3b88060a595cef4101f6c"
x-amz-version-id
zp0RV0fYFs86RC3SWUEBLux8TNKWg2VV
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
uUDDCASsV3CPeuE6v118db2oO68bfMNCA0qZXR7eqToAybH2sP0XLA==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame B0FF
73 KB
28 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:51:16 GMT
content-encoding
gzip
age
25046683
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
aLni8kAb0adDt8JbsRAaS3lAFiqBelMLMgKXcVOsmq9zROi6uf7DjA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame B0FF
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5Xi31zKslyqz8ZKRPW8KJCskz0ng0VvibHHOxAPx43JdGW83KJvsPPgTSY-McoJ4wetgGGqeh2tylByttEaITc5IBsTqgO44a8oOJEg5LwnG78lc
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame B0FF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:11:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame B0FF
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:12:32 GMT
l
www.google.com/ads/measurement/ Frame B0FF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwzYrByjfrNv1LcEPuKCnbtkkDkueNXynaz0JC3LjtgkTCkOmWWn99ha9JpSpOQ34SyUHYx9A5CJjyr_dk17JbZC_wNA
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0FF
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 15:15:58 GMT
bl-fe8bb3e-0604ea50.js
tagan.adlightning.com/math-aids-threatpost/ Frame F3BA
45 KB
19 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-fe8bb3e-0604ea50.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff8e07213805ed0dd3cab5f58dacffba0671bc484c7fa74d019559a6146da68a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 13:12:46 GMT
content-encoding
gzip
age
7393
x-cache
Hit from cloudfront
content-length
19442
x-amz-meta-git_commit
fe8bb3e
last-modified
Thu, 02 Jun 2022 13:02:46 GMT
server
AmazonS3
etag
"825486e49fc3b88060a595cef4101f6c"
x-amz-version-id
zp0RV0fYFs86RC3SWUEBLux8TNKWg2VV
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ql15ZdCEzzOnw_LG0CyNWugp_uV2Ay4XjAyZbMFBXWTz8ukSXp4aag==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame F3BA
73 KB
28 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:51:16 GMT
content-encoding
gzip
age
25046683
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
YQQEOMt6eoOhKr5TUw6oYX6ZfQTPyv717Kga2ChbH-EDuAvKEvqntA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame F3BA
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C40ORIiBINimRCT8JR8FoRcZlKGSMrmA0HAGN8iZbCjf2yGvNncmmj4ER5FX9JoRc4RPtPPSl3TK_VQaR9l7JNGarT9N8qdRpgTgcns7T1phHYJYk
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame F3BA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:11:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame F3BA
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:12:32 GMT
l
www.google.com/ads/measurement/ Frame F3BA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSe_TSAbqiO4hiEC8qZp0AN4sL4TaBkPN7AnnaxMdVyl550ABqE3Dwd36v3FHpoZUyQdNX5yjYY2-lUeqYsfIla-LhKCg
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F3BA
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 15:15:58 GMT
bl-fe8bb3e-0604ea50.js
tagan.adlightning.com/math-aids-threatpost/ Frame C79C
45 KB
19 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-fe8bb3e-0604ea50.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff8e07213805ed0dd3cab5f58dacffba0671bc484c7fa74d019559a6146da68a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 13:12:46 GMT
content-encoding
gzip
age
7393
x-cache
Hit from cloudfront
content-length
19442
x-amz-meta-git_commit
fe8bb3e
last-modified
Thu, 02 Jun 2022 13:02:46 GMT
server
AmazonS3
etag
"825486e49fc3b88060a595cef4101f6c"
x-amz-version-id
zp0RV0fYFs86RC3SWUEBLux8TNKWg2VV
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
-hrbelTh0T_Y8iX3gUFTlW_zZx0_LWjSryECAknIWfcfGw9xLJfi9Q==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame C79C
73 KB
28 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:51:16 GMT
content-encoding
gzip
age
25046683
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ezn5Y4K4Imri6mszlEh6EFcoMKu9X_2mVjn2LyzmQGGTJaXPsSNK1g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame C79C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkJ4mj5FBwvU4xflc_0mH-mkXfRaKalvpgV5RW6-UamazIXm_Ik_oglnKNK8unMG_cnqzRF5zt-M06DvDhGHGjfXQCoov6XAzKSxV1me20twM9haY
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame C79C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:11:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame C79C
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:12:32 GMT
l
www.google.com/ads/measurement/ Frame C79C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM1WOv0fQ66W7dNwn4qITkXz0fnzfB4NVkz8eU6YS8JLP4SJ11P630adD7LzlhPQRnPLJLSqQw_hs6gq9dPeL_RmN5JA
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C79C
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 15:15:58 GMT
FTxZpn_akAIKdfz
pbs.twimg.com/media/ Frame 5355
203 KB
204 KB
Image
General
Full URL
https://pbs.twimg.com/media/FTxZpn_akAIKdfz?format=png&name=small
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBF) /
Resource Hash
09bc4d37995ae9ef321e36d5293c560dd2eed3502542cc9ae72a73635580712b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:58 GMT
x-content-type-options
nosniff
age
520622
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=3
content-length
208203
x-response-time
250
surrogate-key
media media/bucket/0 media/1530196545043599362
last-modified
Fri, 27 May 2022 14:35:40 GMT
server
ECS (amb/6BBF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
c8052102c498fb06e964032ccec872834f457da52613b7351b31de740fe2261f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
sodar
pagead2.googlesyndication.com/pagead/ Frame 66D3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052601&jk=742946448091356&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame E808
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 13:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 13:56:31 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F082
499 B
694 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGK2c6skBMAE&v=APEucNWXofNOOOyua0jD2ZnoECGy85Usi6qAKodlfyOdxJh_Ki85NKQwIXymUGmLMvf71csUWE1HuibVkT4HnmUF0Bcu0iOrY_W8E8aNOduDyFWWyjK3Suo
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
237
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B0FF
56 KB
27 KB
Script
General
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
033712b3500fbccc6b3f2f67276f7d7755ed6e0cb5c58edaaf1ea009f410449d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27282
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7093
632 B
324 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJSkgssBMAE&v=APEucNVQBPaQeJUzjZeDDuLcUkTB3Gsl8S8JF0Lbu0kWanqKDFkOMPQmRvK0qFgHi8T3vquoUbzyAb53YKQzGXhkvbZcL8sskMKLqK-CBRegsVAkoYNz0Nw
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C79C
44 KB
19 KB
Script
General
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
695062f732a37600c550c62e7461a4ee20b5ed8d8102e2e253e554a2b7a82569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19090
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s53381854102799
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/
43 B
245 B
Image
General
Full URL
https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/s53381854102799?AQB=1&ndh=1&pf=1&t=2%2F5%2F2022%2015%3A15%3A58%204%200&mid=86221655327043023532339144544638514881&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=websites%20%3E%20zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756&g=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&cc=USD&ch=websites&server=threatpost.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=other&c3=b2c&v3=websites%20%3E%20zero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756&v9=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&c20=url&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20220601%3A290%3ANextGen%3A%5BNULL%5D&c31=https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Websites&c57=%5BNULL%5D&v57=D%3Dc57&c58=Zero-Day%20%27Follina%27%20Bug%20Lays%20Microsoft%20Office%20Open%20to%20Attack%20%7C%20Threatpost&v71=v1%3APage%20View%3A%5BNULL%5D&v113=86221655327043023532339144544638514881&v116=680018976.1654182957&v125=0.5549567227859533_1654182956350&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:58 GMT
x-content-type-options
nosniff
x-c
main-1645.Id526ce.M0-571
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 03 Jun 2022 15:15:58 GMT
server
jag
xserver
anedge-df488f754-vtwb6
etag
3552330853958909952-4619429325929766992
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 01 Jun 2022 15:15:58 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D3C1
462 B
253 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGKq16MkBMAE&v=APEucNXc3UnqIEEUCtTq8Ya_IG4N39MPLMiG0RjbvMTCULUvrIU27B_rZdw_aIl3YcEz7UIzUKiS3txYvBMQ58pFMMbwWClpyjwg5jHMxx9HL3RQav4WDsY
Requested by
Host: 31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com
URL: https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89d538c36cf602eba0a7634d92b4ba8fe05a79bbd7c2721f490bcf993ba3ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
232
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:15:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F3BA
56 KB
27 KB
Script
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9413c6849c58c75e5b6dd97574a052413890e40821049a04d0ddfd22b4ce4f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F082
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGK2c6skBMAE&v=APEucNWXofNOOOyua0jD2ZnoECGy85Usi6qAKodlfyOdxJh_Ki85NKQwIXymUGmLMvf71csUWE1HuibVkT4HnmUF0Bcu0iOrY_W8E8aNOduDyFWWyjK3Suo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F082
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPz1VsbIkBsCKQ_RtNAparI&google_cver=1&gdpr=0
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPz1VsbIkBsCKQ_RtNAparI&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGK2c6skBMAE&v=APEucNWXofNOOOyua0jD2ZnoECGy85Usi6qAKodlfyOdxJh_Ki85NKQwIXymUGmLMvf71csUWE1HuibVkT4HnmUF0Bcu0iOrY_W8E8aNOduDyFWWyjK3Suo
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Jun 2022 15:15:59 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPz1VsbIkBsCKQ_RtNAparI&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F082
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpjUL1tre8NDckVAtP7hBAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPz1VsbIkBsCKQ_RtNAparI&google_cver=1&gdpr=0
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPz1VsbIkBsCKQ_RtNAparI&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGK2c6skBMAE&v=APEucNWXofNOOOyua0jD2ZnoECGy85Usi6qAKodlfyOdxJh_Ki85NKQwIXymUGmLMvf71csUWE1HuibVkT4HnmUF0Bcu0iOrY_W8E8aNOduDyFWWyjK3Suo
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 02 Jun 2022 15:15:59 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPz1VsbIkBsCKQ_RtNAparI&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sv
capi-tier-2-us-east-2.connatix.com/tr/ Frame FAF1
0
315 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sv?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.40.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-40-180.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:15:58 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
setuid
ib.adnxs.com/ Frame 7093
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBGTmPv-gBZubHNx-EAI2UM&google_cver=1
43 B
1014 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBGTmPv-gBZubHNx-EAI2UM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJSkgssBMAE&v=APEucNVQBPaQeJUzjZeDDuLcUkTB3Gsl8S8JF0Lbu0kWanqKDFkOMPQmRvK0qFgHi8T3vquoUbzyAb53YKQzGXhkvbZcL8sskMKLqK-CBRegsVAkoYNz0Nw
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:59 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a7ce9dcd-e3a4-4e5b-b9bf-fd7c102f5bba
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBGTmPv-gBZubHNx-EAI2UM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7093
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU5MDYyMjE4MTk5MDgxODQ0Mg%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU5MDYyMjE4MTk5MDgxODQ0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJSkgssBMAE&v=APEucNVQBPaQeJUzjZeDDuLcUkTB3Gsl8S8JF0Lbu0kWanqKDFkOMPQmRvK0qFgHi8T3vquoUbzyAb53YKQzGXhkvbZcL8sskMKLqK-CBRegsVAkoYNz0Nw
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:15:59 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bb35f252-ae78-4fb3-9938-901027d88a58
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU5MDYyMjE4MTk5MDgxODQ0Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7093
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1&gdpr=0
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJSkgssBMAE&v=APEucNVQBPaQeJUzjZeDDuLcUkTB3Gsl8S8JF0Lbu0kWanqKDFkOMPQmRvK0qFgHi8T3vquoUbzyAb53YKQzGXhkvbZcL8sskMKLqK-CBRegsVAkoYNz0Nw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7093
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmIzN2YwMWUtMjM2ZC02NmExLTViNTctMzc4ZjM0NzJjNTZi
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmIzN2YwMWUtMjM2ZC02NmExLTViNTctMzc4ZjM0NzJjNTZi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJSkgssBMAE&v=APEucNVQBPaQeJUzjZeDDuLcUkTB3Gsl8S8JF0Lbu0kWanqKDFkOMPQmRvK0qFgHi8T3vquoUbzyAb53YKQzGXhkvbZcL8sskMKLqK-CBRegsVAkoYNz0Nw
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmIzN2YwMWUtMjM2ZC02NmExLTViNTctMzc4ZjM0NzJjNTZi
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame D3C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEMR7qKe66sho-v7MdKCkt1c&google_cver=1&gdpr=0
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMR7qKe66sho-v7MdKCkt1c&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGKq16MkBMAE&v=APEucNXc3UnqIEEUCtTq8Ya_IG4N39MPLMiG0RjbvMTCULUvrIU27B_rZdw_aIl3YcEz7UIzUKiS3txYvBMQ58pFMMbwWClpyjwg5jHMxx9HL3RQav4WDsY
Protocol
H2
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 02 Jun 2022 15:15:59 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEMR7qKe66sho-v7MdKCkt1c&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D3C1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGKq16MkBMAE&v=APEucNXc3UnqIEEUCtTq8Ya_IG4N39MPLMiG0RjbvMTCULUvrIU27B_rZdw_aIl3YcEz7UIzUKiS3txYvBMQ58pFMMbwWClpyjwg5jHMxx9HL3RQav4WDsY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 02 Jun 2022 15:15:59 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
sync
partners.tremorhub.com/ Frame D3C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
  • https://partners.tremorhub.com/sync?UIGL=CAESEAqUGADlirk6cwWYrpfHDzw&google_cver=1&gdpr=0
43 B
183 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEAqUGADlirk6cwWYrpfHDzw&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMr9xPwCEOXgtpkDGKq16MkBMAE&v=APEucNXc3UnqIEEUCtTq8Ya_IG4N39MPLMiG0RjbvMTCULUvrIU27B_rZdw_aIl3YcEz7UIzUKiS3txYvBMQ58pFMMbwWClpyjwg5jHMxx9HL3RQav4WDsY
Protocol
H2
Server
2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEAqUGADlirk6cwWYrpfHDzw&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame B0FF
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10539
x-xss-protection
0
server
cafe
etag
1532328290632562463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:14:19 GMT
8036028958285507088
s0.2mdn.net/simgad/ Frame B0FF
163 KB
163 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/8036028958285507088
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbd13ef8e15fe3a2864b71c31c00edf5c3bbf0bff120febfdc53ff1593395cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 12:34:19 GMT
x-content-type-options
nosniff
age
268900
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166968
x-xss-protection
0
last-modified
Thu, 05 May 2022 11:43:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 May 2023 12:34:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame B0FF
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:15:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B0FF
0
622 B
Ping
General
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 02 Jun 2022 15:15:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B0FF
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 04:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 04:50:03 GMT
jot
syndication.twitter.com/i/ Frame 5355
43 B
246 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1654182959066%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fthreatpost.com%2Fzero-day-follina-bug-lays-older-microsoft-office-versions-open-to-attack%2F179756%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22threatpost%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22threatpost%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22318c87e534b24%3A1654034374875%22%2C%22item_ids%22%3A%5B%221530196847679401984%22%5D%2C%22item_details%22%3A%7B%221530196847679401984%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1959%7D&dnt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Thu, 02 Jun 2022 15:15:59 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
73199408b044748b9051df30c778bdd8bc1bcbf17e18d674ccef86c8d07f7881
x-transaction
e0881febedb41b56
expires
Tue, 31 Mar 1981 05:00:00 GMT
index.html
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
170 KB
37 KB
Document
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7f56f0076a0b9d476c370c56306047595d6a2056a4cab70197d11f7acb594242

Request headers

Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=86400
content-encoding
gzip
content-length
37805
content-type
text/html
date
Thu, 02 Jun 2022 15:15:59 GMT
etag
W/"628b3e2e-2a6dc"
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
x-hw
1654182959.cds077.lo4.hn,1654182959.cds210.lo4.c
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame C79C
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10539
x-xss-protection
0
server
cafe
etag
1532328290632562463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:14:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame C79C
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:15:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C79C
0
64 B
Ping
General
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 02 Jun 2022 15:15:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame F3BA
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10539
x-xss-protection
0
server
cafe
etag
1532328290632562463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:14:19 GMT
7944437249456333481
s0.2mdn.net/simgad/ Frame F3BA
69 KB
69 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/7944437249456333481
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59bd74609ebd48bd8515935e60c5285088e5b90406282122613531d84dce9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 11:50:59 GMT
x-content-type-options
nosniff
age
271500
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70679
x-xss-protection
0
last-modified
Thu, 05 May 2022 11:43:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 May 2023 11:50:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame F3BA
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 15:15:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F3BA
0
64 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_lvr3m4sBJR6QYTLkxLVzHc4FdbdH9N_V8RDY8wyhFXxJpj98k4Rs6euNDUQNhTwkA56qIBWPm5AWVYFLDli6JcrqMQIUUw_q08IUq9WI9p3kmm_cd72nZ7bR71RfAIO1Gr6fTlJg1md-gBZfZwTUQVbJOAHjkUvRLlp9isdvWVlBJjdTjEDnBjZ66tsEL9dhe7E7sULjYkOO2mdjs12nGfwSRULFbE5OJxM3qZ_fG2kqZV4Fb7a_8NnqRvNWiE7rG-ozu2glJ2qvcbB9_NcaNGIGEfbnfU2NdfbZ6lzSWYuA3LSzx4BMg-82M05dKpe-9fLXfEauDB3Fh6WrKx1saxfr0sWBT39IiSbTEPP30MQNlMPSEWITjDfB0JYgTHvyRdTLckbc13wM4AEHeNwsSqJNo4xpub2CmE5-mzmUN0JBeKH-9gaaUn1MEUIcwWJoyTehlXm5X1TO1DUUfBaUU0q064SSIVOft8ZmZAhbR2ah14LZmYA1NMaN5xXnDDf4raafLO3CzqFAMf4kiXpdUgSn2oVpnCHoOdquZuhET6KZ52MAst8xDZhHdrmeiquXD5LD1MwTfx4G4qOU-E_8y1dNx0Vh_6JEu6s8UqE9Pjc6mzBYZTBF5AbDDdSc5ghvZUCEmomuXn9GnGjYsawlD6h5AIo1Z-TfiUL5HFZVyn7yuNIrmnLaNHQ_jQYbsk0JNggCFxJrz_upjKLhZri6aVkMTicVniAdB8exbAuiy9MxxIvIEC7F7D2bEzlK5yRXnZz2c0t8BdAB6-LZm53c878avQr1-QAgZUlIfNpl9YpVD4UKrOWoVMpzfE6RRtHp4mk4bSOG6J9UxOc3t_saYVR8giA8rJbr8pOMdLbILS-m2m6H2z8kxN3S7m4Gv0MGKRFnTu4xix_ifyaLk7CPVuGwH0T8bM39QWcagLOllHZ8Uk111E_ufTE2C90e4mYsRMavFEJX0TAv0TBeqBEZB7v_ir0Nf5lHAoi50O5Vli42Fm4mqUEhpAdlGlVI4MwQTMopDwyrE9ANgAFp0gTMVORBouJkaROEThW_LBykMoJjWsRj9ckPomZWDhaVzdZqU0e0N-Q6vQddULLDNJUYaK8wk8BfZosQzsXuCEjXUkk-kqezyJK2_ISJrPmAPOFS_r14rYgxroWTwJ4&sai=AMfl-YQDOmEW53DtBThxGpJVH_aRup5s66_n6iMysS95PXKeHigEQWsxonYj3mcaM4hbJFqqvYYx8m4KUgpZHH0wpFMez84QHXoyqfWAB0T6VItVeh_uDzoy5OJT5lQPikMem7EJTHXpFxLaa3mH7czIduSlx4ESA3U1c_UYtlcp-UBgy_gm6btmj7AiKrtk7aYc6xYoBxXxpwGI1yy8RmycMGs-E0q4ZMo&sig=Cg0ArKJSzNwbsKceM41dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220531.44518&adurl=
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 02 Jun 2022 15:15:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F3BA
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 04:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 04:50:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B0FF
0
63 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIqAtKUccCZyCNjG0mhYPCQ5hrcI5CwR3Pu_voucw6NVryVq90lu6JAvb7a115NkD88bZYgINOeOHjNOXc7_YoFVk_BuUoDd2ZEPasg4J7jGzb3IigsKfFJ9-Me-NVx3IR0Y9k3wX1cpGVShdLPa6wivkttz1xDiHudec_gogUs6274ZNSLsMUz4oCVy1VXBXpSSMkONhMBeGvc0YzTSEBlj9mD4c_w7ZIpnYHYBzNSkZRyw8jC7OEDuWn6o7x0B-nW3GpB9QA31IJQTQ6VtbaVDT3pm7nytE18scQ3spVHDmp-bsczGqdvwaMPlUhc7S5gbtWP0DD7A1Fa96LSoXBcNsBwiHemx2MBUbez6pUZpJRUx9EZw9qqpKQAA8kg6W4d3ZoWAiY7ysAdvN51kep8BsPoxJgrBRkaa-MOKW5YGjmjqjsEDmH4-6P-l-kWhDW9ziywFCGUsVPP7mfo5hW6J54XHvXlhahPiLZSyA6j1F3g8gBYuA-FdDnklntuivAC3-LQGTbHHY1XEIGHElWVvcYwVnBVmwrRy3U1LATDVmcMXjZuDLX5IBtBf2jxyqCMD9qgHdNYaky8vSRQJ9NbQ-3ZqPUpnPyuSHcLmGYF8Qvn87hvyi5eYznrNANju1l2b1mXJ4ntn-KlZ_GOg0PMhfQ4Uqe01XqmuBv6ofFpBLXyYFn9GgzySa_WsiD4ZbSZOoFRCLdoAuNTLA-6-XK31tRUuUpGk4gBxc5zPFBuPPC1aw7zFMnAwEzKwVfiCrairAQeKA-rnKj5CDVQoXPuCyHU6-e41dQb4Vq_0P1ACoEPvb1gfxahytcah5C_U_naqGf42G0lap6aJGC73sS2IOVtNkdTkwJhCaBidrVFi33LP6eTE38EaaK8AqwnDMfpTZEAhPwqdcLBn1LvAbkWwwGIoFkVUZOldgqo-OtCDsOcpd0_YoeZCP6M9mDlqAfxV9CUn4LzaON3YlND9IxOejY5pjqCS0FqA-aOMq8EPr84b5afgOLgKokBpKZYeBh_DVWVGaaCcpaA5_rgXTazIl-Pb97qSPzM5hhXDIUzZ-lrvp1P5XwGktQPewkDW8sYWlzGappRLhbK2VHJMj5EKJeU5ZxRAPJ9naau7bH0_m6R_CFc88zf1OS_yUn2mc&sai=AMfl-YTsh90b9bnUjr9ScOKCmEQeW0ql1v0o9bk-9LPWakvuQ4f4y6RerC-5hHRfz2L8OAHTqShxg4asEnOi6hF0qroDLMYB_SJne3XNsy287WYX2FOnoi0Vrvu1L4C8Dgw_LTRghMJp1C7JFwEI59qFT87zcGZhJI0xCtdDF1UW9W5Zjxj4un6J744YJX-6X2s8JaDDgXZkK_fQu3moKPqAqmzDl2xs1As&sig=Cg0ArKJSzGgNxEr1vj7AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&vt=11&dtpt=92&dett=2&cstd=0&cisv=r20220531.13509&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jun 2022 15:15:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame B0FF
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
637a769769a1d3b60ea54551859e9d75313267cb80c0810044abce176f4e6884

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame F3BA
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_lvr3m4sBJR6QYTLkxLVzHc4FdbdH9N_V8RDY8wyhFXxJpj98k4Rs6euNDUQNhTwkA56qIBWPm5AWVYFLDli6JcrqMQIUUw_q08IUq9WI9p3kmm_cd72nZ7bR71RfAIO1Gr6fTlJg1md-gBZfZwTUQVbJOAHjkUvRLlp9isdvWVlBJjdTjEDnBjZ66tsEL9dhe7E7sULjYkOO2mdjs12nGfwSRULFbE5OJxM3qZ_fG2kqZV4Fb7a_8NnqRvNWiE7rG-ozu2glJ2qvcbB9_NcaNGIGEfbnfU2NdfbZ6lzSWYuA3LSzx4BMg-82M05dKpe-9fLXfEauDB3Fh6WrKx1saxfr0sWBT39IiSbTEPP30MQNlMPSEWITjDfB0JYgTHvyRdTLckbc13wM4AEHeNwsSqJNo4xpub2CmE5-mzmUN0JBeKH-9gaaUn1MEUIcwWJoyTehlXm5X1TO1DUUfBaUU0q064SSIVOft8ZmZAhbR2ah14LZmYA1NMaN5xXnDDf4raafLO3CzqFAMf4kiXpdUgSn2oVpnCHoOdquZuhET6KZ52MAst8xDZhHdrmeiquXD5LD1MwTfx4G4qOU-E_8y1dNx0Vh_6JEu6s8UqE9Pjc6mzBYZTBF5AbDDdSc5ghvZUCEmomuXn9GnGjYsawlD6h5AIo1Z-TfiUL5HFZVyn7yuNIrmnLaNHQ_jQYbsk0JNggCFxJrz_upjKLhZri6aVkMTicVniAdB8exbAuiy9MxxIvIEC7F7D2bEzlK5yRXnZz2c0t8BdAB6-LZm53c878avQr1-QAgZUlIfNpl9YpVD4UKrOWoVMpzfE6RRtHp4mk4bSOG6J9UxOc3t_saYVR8giA8rJbr8pOMdLbILS-m2m6H2z8kxN3S7m4Gv0MGKRFnTu4xix_ifyaLk7CPVuGwH0T8bM39QWcagLOllHZ8Uk111E_ufTE2C90e4mYsRMavFEJX0TAv0TBeqBEZB7v_ir0Nf5lHAoi50O5Vli42Fm4mqUEhpAdlGlVI4MwQTMopDwyrE9ANgAFp0gTMVORBouJkaROEThW_LBykMoJjWsRj9ckPomZWDhaVzdZqU0e0N-Q6vQddULLDNJUYaK8wk8BfZosQzsXuCEjXUkk-kqezyJK2_ISJrPmAPOFS_r14rYgxroWTwJ4&sai=AMfl-YQDOmEW53DtBThxGpJVH_aRup5s66_n6iMysS95PXKeHigEQWsxonYj3mcaM4hbJFqqvYYx8m4KUgpZHH0wpFMez84QHXoyqfWAB0T6VItVeh_uDzoy5OJT5lQPikMem7EJTHXpFxLaa3mH7czIduSlx4ESA3U1c_UYtlcp-UBgy_gm6btmj7AiKrtk7aYc6xYoBxXxpwGI1yy8RmycMGs-E0q4ZMo&sig=Cg0ArKJSzNwbsKceM41dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=70&vt=11&dtpt=69&dett=2&cstd=0&cisv=r20220531.44518&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jun 2022 15:15:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame C79C
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb3bc71ff0c9c45292889bf315b9ac37fcd416aca661d868dfcc6bfb9b653936

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F3BA
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24f20b6bf5c1f7027a61ac82591807cfbe1732ea163634a4979d4a6b6a0b6ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F359
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21902
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 09:10:57 GMT
expires
Fri, 02 Jun 2023 09:10:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FD0E
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21902
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 09:10:57 GMT
expires
Fri, 02 Jun 2023 09:10:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler.js
s0.2mdn.net/ads/studio/ Frame A2C3
134 KB
45 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.d3sv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46435
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:47:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Jun 2022 15:18:26 GMT
generate_204
tpc.googlesyndication.com/ Frame E808
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?i-eDEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame F359
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 13:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 13:56:31 GMT
1.js
s.d3sv.net/adsrv/lib/adlib/ Frame A2C3
3 KB
998 B
Script
General
Full URL
https://s.d3sv.net/adsrv/lib/adlib/1.js
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
704cf19dd688b0b00c19faf54b2ebb8833de2ec463e1a93c1aabd45d3974d91f

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 14:05:00 GMT
server
nginx
etag
"6231ee8c-aa7"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds103.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
873
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame FD0E
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 13:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 13:56:31 GMT
CTA_1.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
4 KB
1 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/CTA_1.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
6889892c2e822b05bd24b0c0f04f6765f47cd5f1866d2f765eff9f0f9be20f44

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-ff0"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds313.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1090
logo-erazer-medion.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
3 KB
2 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/logo-erazer-medion.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1eedcfe0071f501ad0ccb2475b59af051129daec37cf248b6bc2e0ccddbcc4e0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-b11"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds217.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1428
date_1.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
3 KB
1 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/date_1.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
b03b8df2be0a2271266314601e9e1265d2db4cff98ba50bd414204748af6a5f2

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-ada"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds327.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1155
prod-info_3.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
11 KB
4 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/prod-info_3.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
79e2cbb1056876c6c5682a2b9da270046d02ab530b32a4f7538c4bf9a93408da

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-2c7b"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds214.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3737
price_1.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
2 KB
835 B
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/price_1.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
16ca45e9a38c42142fbc03ffa80fbe527bada23ea3f736cc682f1364e9938d34

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-7b3"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds222.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
727
card-3.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
7 KB
2 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/card-3.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4a8ed41cfb4461d676b09465d8cc00d0e8c437c7ca24e1723acd4d4c6354cf9a

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-1c46"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds003.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2423
card-2.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
11 KB
3 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/card-2.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9f96ddd77a2833656cbc3c7f577fb5dd570444c7e284e4f5e091a5b65ac78a79

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-2ae2"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds250.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3407
card-1_1.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
12 KB
3 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/card-1_1.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
41c8c9f34538c48ae2070835c63e4891c488abbfc663e386ef7805915be4c6fb

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-2ecc"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds264.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3124
h1_1.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
7 KB
2 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/h1_1.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a12948ecc0e00590c1405f032f6d834e6a064bcd86b91617ffefd17a14074b1a

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-1cc3"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds042.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2099
disclaimer_2.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
17 KB
5 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/disclaimer_2.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
d98c5d1b4c97819e7374e56f5a7dca5b1d83e0245e95d5fb64423fb7d906f379

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-44c0"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds224.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
5250
logo-intel.png
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
12 KB
12 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/logo-intel.png
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1e3a3b27abe7e8538a98431bb7c684eb6d19248ac87d6189ac8d34c80b217772

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-2e51"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds087.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
11857
Aldi_Nord.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
2 KB
987 B
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/Aldi_Nord.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c8ca9a5cffd88a2953176dbfd62d95bfe867769d35e8642bbf44fe3d4f889d8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-7e3"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds224.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
916
img-pc-2.png
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
59 KB
59 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/img-pc-2.png
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
b7804e8db834a6389e3467be54923d505f1a28c87e6b22e21cca956a60725be5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-ecc5"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds250.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
60613
img-pc.png
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
56 KB
56 KB
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/img-pc.png
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
318f35760cdde89fc86bd6de9db82a6d326dc05700ea5e181e4d26be6e487c97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-dee2"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds066.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
57058
BG.svg
s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/ Frame A2C3
474 B
386 B
Image
General
Full URL
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/BG.svg
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
2fe4d76fad9097c2337080e896fb869dd6ad6d90af3227c964b5f58a6079814a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:15:59 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 07:56:30 GMT
server
nginx
etag
"628b3e2e-1da"
x-hw
1654182959.cds077.lo4.hn,1654182959.cds291.lo4.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
278
place
www.google.com/maps/embed/v1/ Frame 3FAF
4 KB
2 KB
Document
General
Full URL
https://www.google.com/maps/embed/v1/place?key=AIzaSyB2_BQ2w9O15iRSi5yF58_VM7RtACkDMtY&zoom=15&q=Aldi
Requested by
Host: s.d3sv.net
URL: https://s.d3sv.net/ops/Medion/2022/Medion_Aldi_WKZ_Multimedia/KW22_DTS/Nord/V1/300x600/index.html?clickTag=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuMIdvbGUpfI2XEgMKfZrwMfWSvZI4xxonk_PPwtyjiSYcM6dijDiP0h96j6IeazjwHEHUgFCX0datRkYdIltzimfoEFiJjnvSI75x1D8hFHtSpviWjrHIR0JzuS1MhChX5N3i99zThz7WYMbLZWxykCB3vr0PQcRQHY20RZfVl5NVjjSmlSa8aab5mju97F7ksy4j0TMO7NCKEtjbyHVgGOe9CK1u4Odo0u8KBLIONxkesUDLUIiifQTNMtj-7evHtzqswVSoJJ-qg-dE0HrJf20jrVeTZ3yk7tm7bFU4f0tXpOPRKJnSBLvGKfRjAT2aOLJHcHdh9rG1q_OhOCYRvr7pIxvFdANwqrrdLWgeUDFcTy_1n9zfjUdCVIiuIIejW2Or2ITgDzKJdZ39qzAQoW4Z8nslH1wPM9tI4l4vF58Wl4iUQd_sy95wvQLMp_YlAJHj8Tr8pb8Ov5JqEMzLpZUJhC0fTmuvAQOPSQGhK-q8GFnHr34zxKh-4_mr9Guu5idWVnbfeqeqPW_92zb3N5eTu6ETdqcTn-aCbTBXnz43nn7Mk3lpsZk7gau0R_ChhFnkPxZ2yeegKXHirjHeuOYIRKxHCejKKPYmbWZFIlGwAg90QZujW7Lcj-gofAw5AqnLTukbLf2h7IDlGvwKBpajl8m6tmhziIfcZOZrUaJI-swnxgotsVPIinAZqex0Imo4dXhKY-F3N3oBa2H5bVVKxQgpnZw00nbSh4iacsB2QVKqSvhj3lqD6Rm6hJvwBLb3Vk0Rjcvxd_r06dGLndnHPAPRNkA5H_DTCHdz6VMjGDFP4A-ybHWxnGDtubEYg6Zw5iTiyzbWb78TefRAl9Ph7XDWgQlojIaqEdCRRLJTRyXkQyONezalDQFF8uuNi0CY0g9UF6jR7ey4z79vCy7Cnd6h5k2DFotbSBK1JWy5Ck5TuBfmosEU8k8O-4L1MOH99YgPSsyBny_ZqxB7fwTRVJkWQRfsNOtlRGF6y4BegRCJGAdSqplhlkgTv4aay82JKVrNbI2g7ybmuufzc-0Qo3JAkgBR8lHM_SSdH7lRM7fai4vVsmqYGpTBxugpndp-Ob_kesuxqmQZGKsqeg3NQw5jmyLpEFBvuAGz4RHeja-mnN_UdJRLavPLTEpV7gLQEJBJChcNpphEsCtYJ8W2NRn9fb6VUGC5x%26sai%3DAMfl-YRKwTA6d2JAqv6z0y-sjuJwAWLbPP1onSTd4ToQxGxWvaemCDmoBFregCHOPp3VVzQKkJuVuyhRlTcqXi-ozcQSudHE3VjQqQR4879p6WyG8hGiTi2JuTIcImIoJU_3K3LW0ZfOZ8RGppbV2WvB4IBYr41j7RLEqhwq7ZKAFjJWI36_ZKL7gxi-QDmOlr89Zi6uC1HSaTZw0tua_kipMUCBuN2SYFFUm2T6pxdgPw%26sig%3DCg0ArKJSzHQQMVPhaLP3EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&ct=DE&st=&city=5672&dma=0&zp=&bw=4&adId=528617444&advId=9342312&campId=27855750&crId=171877520&cb=172645617&exitPrefix=exit-&3p=1&exit-exit_ad=https%3A%2F%2Fwww.medion.com%2Faldi%2Fpcs%2Fmd34470-nord-de%2F%3Fwt_mc%3Dde.display.md34470adn.prfav_KW22&width=300&height=600&env=dcm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
88f32177cfbcc059ccbb2adbf55ce792cec33cefa20e2666b7fde1ae5b3aedec
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-YbnqurhORdNaTgdD7sCrYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.d3sv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1763
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-YbnqurhORdNaTgdD7sCrYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 15:16:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A2C3
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame F359
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0E6jLtSYYr79O8LV7_UP7ImRmAwAAAAAOAHgBAI&bg=!BgWlBUHNAAao8wy8iPM7ACkAdvg8WmhuMuQDFCua6ncYapYDuXbcxBIHPP4E0mYRJVxBp591tC1aYAIAAACmUgAAAAJoAQeZAy5ddLERw1310AMr53f-AoR_a0ia0iSaVMA0PBSd8R0znc_RwrmksvBUVKTl5D8_rt3dWfFgP4_9apc4KejgyoGcDWjmKmPBybuk6zCx69Tg18S_Jwn2nMYtqu_i6B78yKzqrH65F1_2-WjQpHg4In3o8BULyRfmPUmZVqoap2T4Y58SnAGo5A2AfN31uBb9uq83IUP43LgCRByP0wGmC0MNVVvAFjei47-ZfZ4XuU34R_5eZUopTQdj-Ca9gAQTaXn6sM3VbR3j4cERIzAtcynfLIeo-LiweFsUFk_BAv0Jfzsdwl1sCRLq5ElrUoyssjF5q_LQ_nyN_AClR08gfFWOd_Te17Ow7DGlWOzPt0j1BlBHv-mjnnJab8w76OeJWzkLFRARTE42WjGDizy0SwlFLzZ3QXkpXlJRsyqZetxluIU0vL1Gyeeh_MkRJx7mBU8iWx4s8mp0BIfOc9Kb-mWJV-QCx0fFlsTgOGVg2AFSWi4dB4kRVxRaSIJaftvnEAUYYtt0e7CbO09YWhcRpcmkHmzP0XTf3-ICFpr4LOrONpgdarwCOXKlxmvGyujHDolIvX2oqBKpQrK0tQnlzAmP0SGZP9AxfiqsjXj9n4tF-Gh-Phk40tNMuJBELqByXUKtW-z8_jYhLO7eLKNLXWFUXGVdxLVbmniaVHDbbdEs45pf8B0d9pJDK3AoA8TcXrWyXBGC6i-tU1QnivgmilTQdY6AcEmxnBAPCVLTKKViFPPg74P73zVJAFxwck_9aKKAEUqFXAF15J745YuyHwhOiG4I2xC4NOWfsGD19fityKPyUFIDTKbKYxE-CyCfDnX3tYUAOM7EI0U3IRpVgb4X06Ks3akcP9cy3AWVm--CujYTfPm2MvX3v0AMqxL4Mtacy_bB4KCG5rqAAYYVlXe3nar0zhs04tSa6rL0DepQSXm731FglM9bP1Tg54kyOpVNE9-A0UAhvi6kA2RnRwDYw1EDlR9Rc82DWoglz-p0WuOxMXxl8wlPLU-pEyzD3IxEw55N_nD6yT7dVYEa29sUhnXxy_ZiBzajfAhcar6cE14g7V5OugqitO972haR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD0E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br-oTLtSYYpLVGpXP7_UPj4O70AUAAAAAOAHgBAI&bg=!uLulu__NAAao8wy8iPM7ACkAdvg8WuW3xp91s6iCFw28Qs-1LLlHUix8daWuOeq2nCNgpSd66LrK9gIAAACZUgAAAAFoAQcKAFwVR54CkcbrORCZrHPI8S29Ogf-tcNK6UGp-l_MQfdM0LXqM6TfNVR1pqPEX_GpWnk23jUq0KAYOG474HkdMARiuhKdGPq7KcprrfFPhEI0zvF8JjYVJJrPcHo4bZkDFnL3eB2n3Jw8tjAMwdZ3zeY1xDbUpFrRM7i8YQE_glEB5V4zQT0k4hFIZhLCzgRuqRKo_DdEhGEtz8EjpYV5pDE8G2j-yjyfBZf27F28FeUDCqI-cLEB8ofzRQXqEAGsuOI6g6t9ETn-XpizR-97RZQLEcmwBtR4jY5RHbuf_DJmMORjRINu8nNdRf0GMKAP-9YswAKBJqBN4CV8ZrgTVhF8onIdmgXqXPlife8_mOmqLc-nMPZjRyPk9vxu-OcfuH-jtwnG8chk2ZpvZoK_POHaSxy4xHquCh6Afgm6PWqIoL6MLctJ2BUzxnLeI12kZAiPIFy83uiUabNKlKOaUlDzEwHHPTftfrX1GWanDclbM97MlthXigonBBs3MQej-XUuETsqkq4s-KJmyt4radTWSxcc5QG79xZq0zYYNVUmvWkkLuNNkMEfEkF9drEWCnTJ9FBCIzxvyQVYwCeUw1bI_U1QoX_Q0cxs7Au67ivW1sLgn_O-MWFhnDu2l_wC-US2CG7eH0FBWAu_U366tmB76HxJhX1o9gP3pV1EAs82wNcrKIwxRycGsSDIpReDBSxxLV5J3lcga2vI2xWdUu01tqq01oalioGb0d-QyyJhmTFzF_NvOkSJ_r-1GqNYHC5C7CEpuBQ9Hra18ODrPMnZZqkx8Qt1WKz7RGYy7cYUzpf8H3PfNfRLM7b2nNlloT--h40SkK5lKCRtmz8RgtnHocVzmsxdGHaI7nm4scBiJ8RSJRk5Wp4YQ8EcgtfNMiUZgRkAJEhTZzQzdCXmEvObZ7_y52TxKcn9di8QbX_TUMAkYDlauYxESNDocs7T4CES73y_F2J1jMRFFl1Ux-y4DmLhfP3U_WM9T3WuTbrS9ppDPgUEC1XEOizFqVUIbJfIJibhS9TJaGovFXe_CyOMxO1jNuR356ISOuqOcCGSqHuCAFb_wOkQ4Xtg5fNPfgrDdsgK3t_xL4FM_RntVoHdFeEbqREWvlXrRGvw4nbRpKtJl42HpOepwnSMRqQhUeuve28_K26DMh-L1zI02ghiNHBqDXY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:15:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052601&jk=742946448091356&bg=!3d6l3prNAAao8wy8iPM7ACkAdvg8WtzO8AuiTTMbAARc_aPsKLLyNnAVnDBpsGx82NrogcDs6iaLWgIAAAGGUgAAAAJoAQeZAtq7x9QfAQe_H42UkIjBPE_OonLNpqpuZpD2EookBxeB6tqsP4E0vsMS83n3qHffwhFgXTElTWaX539oOQMNQNK5gb0FWdpiCLgjPFgniKpAG35PxN646fm47ymW02eU04qcqDKuBRTlDqicz7s1kQqr_sVCXKQjH6kR6gtZZtcWlkJDT6kkXaOlji4o56bkzKEDezG-fC-yFvy1gY_ObFV0hG_bU-G22yVWcPBogZd_ltlHc5uzb7C6V40H8Y4JVeZZkcUXOHJmk_ChcTkEK9qEDN5QU4v_JneaFUzvcPak-SF2s9y7xv43csrZMxtT-9tm3Lkrn_QFLMCu4TokV_QcRHN4T9K1H8r-0mKk4JYZqYfhMddcGVYh6Hgtwp3XJtAVAFUN3vUdGiXf93S5GfJJ9W51snC4qgay8VIvNr8OfZVPCQER5ZUkJQUpCN2KLD6vtHlZijWZ61DB2CaQoN3Bfotw6-4hfn9xe3BE6C2mXvgwpULCjvBN52rbYXhkckaZaCInEWOsUlV-ukPnrT7k1aT9SdEme4PCKmYw13I1OjmcbFh69xMFcTZYdHlc9dmBBm9lTeJoMYpAowd6HJvN6QIR5NThMDghnFqtp44sXpjPvs_vecYrYxtopPfjzTV0KK1WJmctD3hcFd68P5Ta3x4j68mEPqYiPbiihEx9eh0Gu27vJemRr2FEXIWQs1v_xg82PK9kVPF8pO4xdcPMTUtKKs83g6CvqpR8gzHyeHTGAHKdpMf2B6NRoDsb6htuK-aG-KcnNsIsgvt4JvfXhtGDR_YpGxg46n7kydu7HaCqqCguy2a1iLY3yN4l2S84nYVEObze7a9KqV3mNPMqqzAHepwIeKPZSuYUjlJtZbbuEBAJUyJDlkmso3D-8VUNxRDTbT6w13F84fr4zjQSHYp-8YO_0sgbR0R3eG4r7G6wxnh3AVCKYL6FHyhSLWwgRYRtpVHrHus4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

js
maps.googleapis.com/maps/api/ Frame 3FAF
169 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyB2_BQ2w9O15iRSi5yF58_VM7RtACkDMtY&zoom=15&q=Aldi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
e670bc8a55cb87fe35fc859c92a95489471757f8b0194aa9c317024080d3b5b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:11:18 GMT
content-encoding
gzip
server
mafe
age
282
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=17
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56450
x-xss-protection
0
expires
Thu, 02 Jun 2022 15:41:18 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 3FAF
3 B
46 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/49/2/intl/de_ALL/ Frame 3FAF
236 KB
70 KB
Script
General
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/49/2/intl/de_ALL/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyB2_BQ2w9O15iRSi5yF58_VM7RtACkDMtY&zoom=15&q=Aldi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
181b6c641954125bf070c25373c53dcfa9c1e7e2dd1fd9c980378174e8977902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70669
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 18:39:54 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B0FF
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyza8LL2N8i80k1TfsUwP2DAeXX8xHzUSdxANlPCG-FgOdycrCfsJpgcZ-zujHdVJItMCTsBEsFem7vPTJWdKWGoWdGwAumcoXk8eRAc9q&sai=AMfl-YSpSxivN_fNhVk_2GaQIuCMKMLVSRF-zorDfhPf-HvR2XncYRR_qBTMN05Kv5fr8yJJSkTcmLqmJ2fJTyzVpkQSYWqpUei2U_rSl99g4GhoDtrdsM96HjpscDuubBs&sig=Cg0ArKJSzFpSlmzNSf_aEAE&cid=CAASJ-RoeHSjS01VnMYx0L4oiWpw_M_ISZzOC7egUYhi3yFvj8wCVmZvCQ&id=lidar2&mcvt=1001&p=8,315,258,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4166723991&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654182957821&rpt=1372&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/ Frame 3FAF
82 KB
30 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab771eb985f45a8bfe440a81a5824bf52ba5e4a68f84afa901cff7e70fa183dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30638
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 18:40:01 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/ Frame 3FAF
309 KB
92 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0fc84c13dd5b504ff509442105cbb954c60a4638ca6a6390eb0bb82347b4de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93913
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 18:40:01 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/ Frame 3FAF
67 KB
24 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd16095ebcb84901ca776de58368a1884848ad8233965e354b811ab735317021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24490
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 18:40:02 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/ Frame 3FAF
4 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
446c258df29e7bfe500cf5dae218d77161a6d22926b5c03621293c0bf420717b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1389
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 18:40:02 GMT
truncated
/ Frame 3FAF
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 3FAF
14 KB
14 KB
Image
General
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i4396492&2i2840764&2e1&3u15&4m2&1u270&2u146&5m6&1e0&5sde-DE&6sus&10b1&12b1&14i1379903&client=google-maps-embed&token=5549
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
66399d31f4ea54e4110215477ebf95237a071ee0ab56b0cff98dd22f2b71f9f6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:13:17 GMT
server
scaffolding on HTTPServer2
age
163
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14376
x-xss-protection
0
expires
Fri, 03 Jun 2022 15:13:17 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/ Frame 3FAF
26 KB
10 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96999fc4af4552d8407bf2c8b8dc7cb4cd55f56855bef2ae4d5e2e2eba654f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9791
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 18:40:03 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/ Frame 3FAF
3 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=de_DE&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
304e71cc93e58b174e2323be26684931e487b3c09601030ace6781c4401f75d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1352
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 18:56:09 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame 3FAF
8 KB
2 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d50.10727450136684&2d8.665149644741934&2m2&1d50.11973020195976&2d8.700507762554105&2u15&4sde-DE&5e0&6sm%40606000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&14b1&callback=_xdc_._g6q897&client=google-maps-embed&token=61487
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
0d42e5744f7a5f11cae8c368423c220f85d0a3144eaa07c6eb1b92b09f90a074
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=13
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1535
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F3BA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6-7xofD2tzOMfUFVj7K98gIxi4ruASywNDb7xeT5VPM6nU6xnhpBd8XQhC5L9UL6hFm7V74diEeJobstPggWsMOXRBEG50blKPaDpdF1t&sai=AMfl-YTpAxugjqFypTAhkiksvLLuRisdTBvuEwLl9PkUwGG6nqvmoq78cJ7X__TwvqrNWHJDqOcA7Skl1A3m_O5HA21a90BCTsbRhyetLMLlFx1Zrzl3NRzUh5R6zVwiuOk&sig=Cg0ArKJSzFJw-L306oU2EAE&cid=CAASJ-RoSTqSSY0reWCOU2q99Yw3gs0LF1ogL3ZvdrP82Rk4chX-OwK03g&id=lidar2&mcvt=1037&p=416,1082,666,1382&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1414505084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654182957845&rpt=1429&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://31d8c8a3a5caf2a52a6354a041b33f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 3FAF
62 B
84 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._51fxg0&client=google-maps-embed&token=34826
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
d7763f0e920264d381ada9c9b74e3073a852ba573a967c2d58c181ddd0693fe3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://threatpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 02 Jun 2022 15:15:59 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1032
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 5756
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=b15UJnw3Y3ZMUlFEVFlmaEowY09jQ0J3U3lDVHExc0lVK2NDRkw4M1NGN1ZpdXJGMHZCY0FKbW1iclFmbzRTYUZjTHVGTlo1NTdnQ2NGTlRnTFpVMkFVSUVIZi9SUFhqUkRGMUY0VGZZV1plVHErc0taT3B0Y1BId0J5V3...
347 B
616 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=b15UJnw3Y3ZMUlFEVFlmaEowY09jQ0J3U3lDVHExc0lVK2NDRkw4M1NGN1ZpdXJGMHZCY0FKbW1iclFmbzRTYUZjTHVGTlo1NTdnQ2NGTlRnTFpVMkFVSUVIZi9SUFhqUkRGMUY0VGZZV1plVHErc0taT3B0Y1BId0J5V3p5eFdCTjh2ZCtHa09oSmtwT0Vvdm9EbHBsTUZPUXRqMmE0WXRSNG1LUndueTJZVUZ6b1U1MWl3TkNLMmdtM0FjdmhMc0Njd3d6UjYzUXU1UE5ZNnNva2hiclJHTk9zVHR0R2xlSmVuY2NmQVZkbTFLNm5vPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4432ec19c12bc38f683d054e2457c5b492c81c2ae4492350d84908bf93e1db2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2604
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
location
https://mug.criteo.com/sid?cpp=b15UJnw3Y3ZMUlFEVFlmaEowY09jQ0J3U3lDVHExc0lVK2NDRkw4M1NGN1ZpdXJGMHZCY0FKbW1iclFmbzRTYUZjTHVGTlo1NTdnQ2NGTlRnTFpVMkFVSUVIZi9SUFhqUkRGMUY0VGZZV1plVHErc0taT3B0Y1BId0J5V3p5eFdCTjh2ZCtHa09oSmtwT0Vvdm9EbHBsTUZPUXRqMmE0WXRSNG1LUndueTJZVUZ6b1U1MWl3TkNLMmdtM0FjdmhMc0Njd3d6UjYzUXU1UE5ZNnNva2hiclJHTk9zVHR0R2xlSmVuY2NmQVZkbTFLNm5vPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1902
content-length
482
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3262
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128649
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 15:16:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 04 Jun 2022 03:00:09 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame C156
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Jun 2022 15:16:00 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 9DC4
668 B
731 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
e78b4ea982c48bb03e32abf572ec55fd5d8d95a0ac7475ac0255ee244730e818

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
418
content-type
text/html
date
Thu, 02 Jun 2022 15:16:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E37A
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128649
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 15:16:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 04 Jun 2022 03:00:09 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8810
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38932
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 02 Jun 2022 15:16:00 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 26 May 2022 04:26:53 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 518646
X-Served-By
cache-lga13629-LGA, cache-hhn4020-HHN
X-Timer
S1654182960.419257,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 48B1
668 B
719 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
e78b4ea982c48bb03e32abf572ec55fd5d8d95a0ac7475ac0255ee244730e818

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
418
content-type
text/html
date
Thu, 02 Jun 2022 15:16:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 13FC
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Jun 2022 15:16:00 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E0AD
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.20.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38932
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 02 Jun 2022 15:16:00 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 26 May 2022 04:26:53 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 512830
X-Served-By
cache-lga13629-LGA, cache-hhn4033-HHN
X-Timer
S1654182960.418581,VS0,VE0
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame 3FAF
62 B
83 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7sx5tp0c&10e1&callback=_xdc_._t57kpo&client=google-maps-embed&token=17962
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
b3950b63e77083f8f0766111b4bb57b739d6acbbc9cafc617be50381d1de9954
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9DC4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c0c76298-d430-4800-8019-e9f12884cbbe
43 B
114 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c0c76298-d430-4800-8019-e9f12884cbbe
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 02 Jun 2022 15:16:00 GMT
Server
MT3 4419 e1034d5 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c0c76298-d430-4800-8019-e9f12884cbbe
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 02 Jun 2022 15:15:59 GMT
sd
us-u.openx.net/w/1.0/ Frame 9DC4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_3G5nK13ssfkILDF_3Ktna9w5cLkcbPG8XSH1ZVY
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_3G5nK13ssfkILDF_3Ktna9w5cLkcbPG8XSH1ZVY
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_3G5nK13ssfkILDF_3Ktna9w5cLkcbPG8XSH1ZVY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9DC4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162656064996822193
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162656064996822193
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162656064996822193
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 9DC4
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d75823d4-ea1a-3805-4eb7-6d36fe900b0b&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9DC4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmIzN2YwMWUtMjM2ZC02NmExLTViNTctMzc4ZjM0NzJjNTZi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9DC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 48B1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=57356298-d430-4800-b152-8fcd46d5256f
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=57356298-d430-4800-b152-8fcd46d5256f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 02 Jun 2022 15:16:00 GMT
Server
MT3 4419 e1034d5 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=57356298-d430-4800-b152-8fcd46d5256f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 02 Jun 2022 15:15:59 GMT
sd
us-u.openx.net/w/1.0/ Frame 48B1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_3G5nK13ssfkILDF_3Ktna9w5cLkcbPG8XSH1ZVY
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_3G5nK13ssfkILDF_3Ktna9w5cLkcbPG8XSH1ZVY
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_3G5nK13ssfkILDF_3Ktna9w5cLkcbPG8XSH1ZVY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 48B1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3420420966598526733
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3420420966598526733
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3420420966598526733
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 48B1
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d75823d4-ea1a-3805-4eb7-6d36fe900b0b&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 48B1
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmIzN2YwMWUtMjM2ZC02NmExLTViNTctMzc4ZjM0NzJjNTZi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 48B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPOPvr11_Ws4loR8G8qPBG8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E0AD
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:00 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cbac681a-9a66-4c5c-a851-9083f6cb2230
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8810
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:00 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bc66a657-4aa9-4bcd-963a-4b114c1c938d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=b15UJnw3Y3ZMUlFEVFlmaEowY09jQ0J3U3lDVHExc0lVK2NDRkw4M1NGN1ZpdXJGMHZCY0FKbW1iclFmbzRTYUZjTHVGTlo1NTdnQ2NGTlRnTFpVMkFVSUVIZi9SUFhqUkRGMUY0VGZZV1plVHErc0taT3B0Y1BId0J5V3p5eFdCTjh2ZCtHa09oSmtwT0Vvdm9EbHBsTUZPUXRqMmE0WXRSNG1LUndueTJZVUZ6b1U1MWl3TkNLMmdtM0FjdmhMc0Njd3d6UjYzUXU1UE5ZNnNva2hiclJHTk9zVHR0R2xlSmVuY2NmQVZkbTFLNm5vPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 02 Jun 2022 15:16:00 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1094
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame E0AD
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:01 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7455787b-eea0-4974-86e0-f03b5aa176e6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8810
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:01 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
01441a20-a1d2-49e1-afa3-83489c647b7d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abt
capi-tier-2-us-east-2.connatix.com/tr/ Frame FAF1
0
315 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.40.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-40-180.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:16:01 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C73E
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128647
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 15:16:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 04 Jun 2022 03:00:09 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame F979
542 B
358 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
23c1b3731a4da233eeb5da31ab7ff79db7ed926be359400352deabc436969361

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
339
content-type
text/html
date
Thu, 02 Jun 2022 15:16:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame 2EE1
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13394437
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 02 Jun 2022 15:16:02 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
2000891.html
sync.serverbid.com/ss/ Frame 2A69
2 KB
1 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000891.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-77.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f31877812ade3cbda659976d8597d3059465388c75dd9097c5c9b63ad7aaa7c4

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29567
content-encoding
gzip
content-type
text/html
date
Thu, 02 Jun 2022 07:04:42 GMT
etag
W/"80b4cb8427bdc87559a8857675862d26"
last-modified
Tue, 31 May 2022 17:31:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-id
AyDFTUIsSMWODyKVH8nwjffIIeFwgGeIbdk6AEOjve0JvpDg-s3mgQ==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
sync.html
public.servenobid.com/ Frame 837B
8 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7048cffc8d40a9a30ef697e4c5d0a36916f5fc52044329e28a8c7c4b4666aa03

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 02 Jun 2022 15:16:01 GMT
etag
"932d6618454a24c5cf3ad5f25825ecce"
last-modified
Tue, 31 May 2022 18:42:20 GMT
server
AmazonS3
x-amz-id-2
lUXzNlWymnp4qxyaXRJt+rEx0LkESW7x3vbTyS1CPnFNgCfOuBJ0+YhyT9Ol+mLvDo0RQKIQWPg=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:2eb1aaf4-247b-4e52-a802-e8cd900d39ea
x-amz-meta-codebuild-content-md5
20a4fb183531ba70b39d5a2dfecc75d2
x-amz-meta-codebuild-content-sha256
c86041a4eda4e8a7eab23343995e324b6b57a4b93db1e64ecabf90b8558c6365
x-amz-request-id
KJHMCBYCCAJHWB5K
x-azure-ref
0MtSYYgAAAADifeAvAxFtT4WEkD56+2c6RlJBMjMxMDUwNDE3MDExADg0ZTdkZmEyLTE0NDItNDMzNC1iMzRmLWU0MmQzZjdkZGFkOQ==
x-azure-ref-originshield
0F4aYYgAAAABLtNCQEPJ9QIxXG3eZlGLmQU1TMDRFREdFMTgyMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-cache
TCP_HIT
ixmatch.html
js-sec.indexww.com/um/ Frame 5C54
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Jun 2022 15:16:02 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame DF7F
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 02 Jun 2022 15:16:02 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9F90
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38934
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 02 Jun 2022 15:16:02 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 26 May 2022 04:26:53 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 518679
X-Served-By
cache-lga13629-LGA, cache-hhn4020-HHN
X-Timer
S1654182962.314302,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 9D6E
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Jun 2022 15:16:02 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
dds
rtb.openx.net/sync/ Frame F979
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
vf4tit0bgquco3n2saa7h6ev7lklvd1h
439f4590-7ab6-aa4c-7f60-7bc301c7c642
pr-bh.ybp.yahoo.com/sync/openx/ Frame F979
43 B
983 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/439f4590-7ab6-aa4c-7f60-7bc301c7c642?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:147f:2b65:e703:1f4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
eu-u.openx.net/w/1.0/ Frame F979
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=U7hxzFLq1NWMym5
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=U7hxzFLq1NWMym5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:01 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-0e7593d38a0fef5c3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=U7hxzFLq1NWMym5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F979
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=o...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=d028240a-d86a-4a30-b09e-97c0499972ff&gdpr=&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=d028240a-d86a-4a30-b09e-97c0499972ff&gdpr=&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=d028240a-d86a-4a30-b09e-97c0499972ff&gdpr=&gdpr_consent=
Date
Thu, 02 Jun 2022 15:16:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame F979
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6590622181990818442
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6590622181990818442
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/eecec1e /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
via
1.1 google
server
OXGW/eecec1e
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cce38b0e-ab66-411b-9921-e247b23b227b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6590622181990818442
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame F979
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGYTVrN0ZNYWdBQUZQRXVoMzY2dw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFa5k7FMagAAFPEuh366w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFa5k7FMagAAFPEuh366w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFa5k7FMagAAFPEuh366w&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFa5k7FMagAAFPEuh366w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFa5k7FMagAAFPEuh366w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:05 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFa5k7FMagAAFPEuh366w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date
Thu, 02 Jun 2022 15:16:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
async_usersync
ib.adnxs.com/ Frame 9F90
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b06d53d1-179d-4b1a-b00c-2f28b38e4c78
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame 2A69
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=EvnzqBZH5c5lWNqLQj2oKBGR
35 B
268 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=EvnzqBZH5c5lWNqLQj2oKBGR
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Thu, 02 Jun 2022 15:16:02 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=EvnzqBZH5c5lWNqLQj2oKBGR
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
um
cs.emxdgt.com/ Frame 2A69
0
59 B
Image
General
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
content-length
0
content-type
text/html
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2A69
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322322123174932
35 B
99 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322322123174932
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322322123174932
Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 2A69
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YpjUL1tre8NDckVAtP7hBAAA%261203
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YpjUL1tre8NDckVAtP7hBAAA%261203
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YpjUL1tre8NDckVAtP7hBAAA%261203
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
306
Expires
Thu, 02 Jun 2022 15:16:02 GMT
usersync
x.serverbid.com/ Frame 2A69
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6590622181990818442
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6590622181990818442
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5547d1da-47c4-4ef2-a3b5-a40cc540284b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6590622181990818442
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 2A69
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2A69
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPea39e3aa-e286-11ec-817a-0203e9286c5c
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPea39e3aa-e286-11ec-817a-0203e9286c5c
35 B
99 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPea39e3aa-e286-11ec-817a-0203e9286c5c
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPea39e3aa-e286-11ec-817a-0203e9286c5c
date
Thu, 02 Jun 2022 15:16:02 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B6F4
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128647
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 15:16:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 04 Jun 2022 03:00:09 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 2A69
63 B
392 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
63f916253beec77670a259034aea61131ab34f49b2bc6891d4f1d8aa32e09ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 02 Jul 2022 15:16:02 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F8EF
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128647
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 15:16:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 04 Jun 2022 03:00:09 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 4065
4 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e52ddae1734c668d7b40b7e26cdc48a43db4d30c7157ab18844d97519ad4ca5f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 02 Jun 2022 15:16:02 GMT
etag
W/"0e4cb61fc131d63cc7b0d0af0a4e3f7ae"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 3B11
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame A9C6
980 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
570d2c3ed45e4856b4213a1312a13db1860a44c4c69d0fe0a2e7d34b3615aa97

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
980
content-type
text/html
date
Thu, 02 Jun 2022 15:16:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9997
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1d84e037222a1b453d9c1b5224ccfaff54299262d7f25502ef059b607f6826d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1583
Content-Type
text/html
Date
Thu, 02 Jun 2022 15:16:02 GMT
Dropped-Udsids
241|230|39|46|238|196|190|65
Expires
Thu, 02 Jun 2022 15:16:02 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
sync.php
pixel.rubiconproject.com/exchange/ Frame 837B
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
sync
ads.servenobid.com/ Frame 837B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6590622181990818442
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6590622181990818442
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
449906d5-6e72-4bf4-990f-5b7b2722101d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=6590622181990818442
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 837B
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=EvnzqBZH5c5lWNqLQj2oKBGR
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=EvnzqBZH5c5lWNqLQj2oKBGR
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=EvnzqBZH5c5lWNqLQj2oKBGR
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 837B
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 02 Jun 2022 15:16:02 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 837B
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMTcwZGFhMjEtMTI3MC00NTQ1LTk2OWQtZWI5ZTY0ZDA4N2QzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wMlQxNToxNjowMi44ODk4NTFaIn0=
0
432 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMTcwZGFhMjEtMTI3MC00NTQ1LTk2OWQtZWI5ZTY0ZDA4N2QzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wMlQxNToxNjowMi44ODk4NTFaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMTcwZGFhMjEtMTI3MC00NTQ1LTk2OWQtZWI5ZTY0ZDA4N2QzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wMlQxNToxNjowMi44ODk4NTFaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
ads.servenobid.com/ Frame 837B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1654182962585
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
0
336 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 837B
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5124322322123174932
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5124322322123174932
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5124322322123174932
Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 837B
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 837B
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=ba175dff-c4d1-46ab-a47a-aaf2ee963679&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=ba175dff-c4d1-46ab-a47a-aaf2ee963679&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=ba175dff-c4d1-46ab-a47a-aaf2ee963679&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Thu, 02 Jun 2022 15:16:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 837B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-iGvUInFE2uH6l10_5w7Jlh2L7q.FfrezLILH2d8-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-iGvUInFE2uH6l10_5w7Jlh2L7q.FfrezLILH2d8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-iGvUInFE2uH6l10_5w7Jlh2L7q.FfrezLILH2d8-~A
date
Thu, 02 Jun 2022 15:16:02 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame 9D6E
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
12b33ad08e44ee4fad671f0cad85bfb97960973cfe5fd50b1cc2dbeeb6f47401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:16:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14763
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Thu, 02 Jun 2022 19:22:05 GMT
dcm
s.amazon-adsystem.com/ Frame 9997
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpjUL1tre8NDckVAtP7hBAAABLMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpjUL1tre8NDckVAtP7hBAAABLMAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpjUL1tre8NDckVAtP7hBAAABLMAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8P8WMQZEZ5P01YSDFNZC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1Q2A7K21Q8ER5P6FCD3J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpjUL1tre8NDckVAtP7hBAAABLMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9997
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YpjUL1tre8NDckVAtP7hBAAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9997
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 9997
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

461886.gif
idsync.rlcdn.com/ Frame 9997
0
0
Image
General
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=YpjUL1tre8NDckVAtP7hBAAA%261203&&gdpr_consent=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 9997
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 02 Jun 2022 15:16:02 GMT

Redirect headers

date
Thu, 02 Jun 2022 15:16:02 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
getuid
ib.adnxs.com/ Frame 9997
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

rum
dsum.casalemedia.com/ Frame 9997
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1654269362&gdpr=1
43 B
315 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1654269362&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 02 Jun 2022 15:16:02 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1654269362&gdpr=1
pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 9997
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YpjUL1tre8NDckVAtP7hBAAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6590622181990818442
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6590622181990818442
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
af6f4d34-65ab-4196-9594-f96e46661d71
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=6590622181990818442
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a5ade616-c8e4-4a93-bc81-54666e9c7155&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=57345263-0eff-45fc-b51a-753f33361ea8&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=d028240a-d86a-4a30-b09e-97c0499972ff
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=d028240a-d86a-4a30-b09e-97c0499972ff
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=d028240a-d86a-4a30-b09e-97c0499972ff
Date
Thu, 02 Jun 2022 15:16:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4065
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28TynGsc2b3_AbMUEFSokCxj7VCqjNB5AlFV3uwi1Q87UKroxTgBSLW1TZnGE80QBP%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a5ade616-c8e4-4a93-bc81-54666e9c7155&obuid=ENC(TynGsc2b3_AbMUEFSokCxj7VCqjNB5AlFV3uwi1Q87UKroxTgBSLW1TZnGE80QBP)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
8.43.72.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

Location
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
Date
Thu, 02 Jun 2022 15:16:03 GMT
X-TraceId
2b4c02a8aebc5017e7676525ba32ee6c
Content-Length
0
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=206587a4-c20f-0053-29cc-7ddb36c00a4d
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=206587a4-c20f-0053-29cc-7ddb36c00a4d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 02 Jun 2022 15:16:02 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=206587a4-c20f-0053-29cc-7ddb36c00a4d
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 4065
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-702f5e18-786a-46b9-743c-53964b2e8e95$ip$217.64.151.8
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-702f5e18-786a-46b9-743c-53964b2e8e95$ip$217.64.151.8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:03 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-702f5e18-786a-46b9-743c-53964b2e8e95$ip$217.64.151.8
Date
Thu, 02 Jun 2022 15:16:03 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 4065
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-fm2ECEpE2pd7ER._Zx1VroTKbxST1LhtyLBL~A
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-fm2ECEpE2pd7ER._Zx1VroTKbxST1LhtyLBL~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 02 Jun 2022 15:16:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-fm2ECEpE2pd7ER._Zx1VroTKbxST1LhtyLBL~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=ea8ff2e1-e286-11ec-9fcb-cf1fa735f99f
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=ea8ff2e1-e286-11ec-9fcb-cf1fa735f99f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=ea8ff2e1-e286-11ec-9fcb-cf1fa735f99f
Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
ea8ff2e2-e286-11ec-9fcb-cf1fa735f99f
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 02 Jun 2022 15:16:02 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
581500385
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 4065
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 4065
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a5ade616-c8e4-4a93-bc81-54666e9c7155&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=IFT7Dv0xtMsEAoQijHOl&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SKGKQ3UI5RQPB2E242FIFXVC2LKJBHWYJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=IFT7Dv0xtMsEAoQijHOl&us_privacy=1---
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=IFT7Dv0xtMsEAoQijHOl&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:03 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:03 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=IFT7Dv0xtMsEAoQijHOl&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=5f9a1a8c-6736-43b7-8e5b-e1eb5d79367c
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=5f9a1a8c-6736-43b7-8e5b-e1eb5d79367c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=5f9a1a8c-6736-43b7-8e5b-e1eb5d79367c
date
Thu, 02 Jun 2022 15:16:02 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1654182962689
  • https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=BXacHEXaaUej&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=BXacHEXaaUej&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=BXacHEXaaUej&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8665795bf5-b8lj2
expires
-1
usersync
usersync.gumgum.com/ Frame 4065
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6271143330456433706
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6271143330456433706
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6271143330456433706
date
Thu, 02 Jun 2022 15:16:02 GMT
content-length
0
sync
ads.servenobid.com/ Frame 4065
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_a5ade616-c8e4-4a93-bc81-54666e9c7155
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame B83B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=57356298-d430-4800-b152-8fcd46d5256f&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=57356298-d430-4800-b152-8fcd46d5256f&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 02 Jun 2022 15:16:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 02 Jun 2022 15:16:02 GMT
Expires
Thu, 02 Jun 2022 15:16:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master cdg-pixel-x33 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=57356298-d430-4800-b152-8fcd46d5256f&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 8054
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YpjULQAAAEYBLwNx&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YpjULQAAAEYBLwNx&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 02 Jun 2022 15:16:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 02 Jun 2022 15:16:02 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YpjULQAAAEYBLwNx&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4036-HHN
x-timer
S1654182963.727166,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 1A2B
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hNWFkZTYxNi1jOGU0LTRhOTMtYmM4MS01NDY2NmU5YzcxNTU=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 15:16:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D56B
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128647
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 02 Jun 2022 15:16:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 04 Jun 2022 03:00:09 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 2320
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 02 Jun 2022 15:16:02 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 68C5
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=6590622181990818442&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID
  • https://usersync.gumgum.com/usersync?b=emx&uid=6590622181990818442brt16931654182962700269f1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=emx&uid=6590622181990818442brt16931654182962700269f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 02 Jun 2022 15:16:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Thu, 02 Jun 2022 15:16:02 GMT
location
https://usersync.gumgum.com/usersync?b=emx&uid=6590622181990818442brt16931654182962700269f1
usersync
rtb.gumgum.com/ Frame 57B5
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YpjUM8Co8XwAALShMHcAAAAA
35 B
208 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YpjUM8Co8XwAALShMHcAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 02 Jun 2022 15:16:03 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 02 Jun 2022 15:16:03 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=YpjUM8Co8XwAALShMHcAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
41
X-SO-HostName
a-ad40034.dc2p.scaleout.jp
X-SO-IP
217.64.151.8
X-SO-Key
YpjUM8Co8XwAALShMHcAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":41,"gdpr":true,"ipv4":"0.0.0.0","key":"YpjUM8Co8XwAALShMHcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40034"}
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40034
usersync
rtb.gumgum.com/ Frame 34E3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=Rrc4yU1NoOEUXxTzwKrL&pi=gumgum&tc=1
35 B
208 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=Rrc4yU1NoOEUXxTzwKrL&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 02 Jun 2022 15:16:02 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 02 Jun 2022 15:16:02 GMT Thu, 02 Jun 2022 15:16:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=Rrc4yU1NoOEUXxTzwKrL&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D367
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Jun 2022 15:16:02 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 02 Jun 2022 15:16:02 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame A9C6
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6271143330456433706&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.150.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-150-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame A9C6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3420420966598526733&gdpr=0&gdpr_consent=
43 B
408 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3420420966598526733&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
server
nginx
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3420420966598526733&gdpr=0&gdpr_consent=
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame A9C6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=57356298-d430-4800-b152-8fcd46d5256f&gdpr=0&gdpr_consent=
43 B
425 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=57356298-d430-4800-b152-8fcd46d5256f&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Thu, 02 Jun 2022 15:16:02 GMT
Server
MT3 4419 e1034d5 master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=57356298-d430-4800-b152-8fcd46d5256f&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 02 Jun 2022 15:16:01 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A9C6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e7a4ff15-61ff-4a7f-ab69-1dc04192a48b&gdpr=0&gdpr_consent=
43 B
425 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e7a4ff15-61ff-4a7f-ab69-1dc04192a48b&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:01 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e7a4ff15-61ff-4a7f-ab69-1dc04192a48b&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1564553
content-length
0
expires
Thu, 02 Jun 2022 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A9C6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=XXrTk1qW6goc&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
441 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=XXrTk1qW6goc&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:03 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=XXrTk1qW6goc&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8665795bf5-ccdn9
expires
-1
usync.js
eus.rubiconproject.com/ Frame D367
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
12b33ad08e44ee4fad671f0cad85bfb97960973cfe5fd50b1cc2dbeeb6f47401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 15:16:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14763
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Thu, 02 Jun 2022 19:22:05 GMT
v1
ads.yahoo.com/cms/ Frame 9D6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3X5TM3J-19-AP1F&sigv=1&esig=2~8207bf3afbc487f80a4eb7720d0db83e024dd849&gdpr=0
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3X5TM3J-19-AP1F&sigv=1&esig=2~8207bf3afbc487f80a4eb7720d0db83e024dd849&gdpr=0
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3X5TM3J-19-AP1F&sigv=1&esig=2~8207bf3afbc487f80a4eb7720d0db83e024dd849&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 9D6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3X5TM3J-19-AP1F&gdpr=0
0
141 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3X5TM3J-19-AP1F&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 15:16:02 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A1E1A73B5FDD431A94E9DCEF32559E82 Ref B: FRAEDGE1311 Ref C: 2022-06-02T15:16:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgeHvm0L2b50e76um+/Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3X5TM3J-19-AP1F&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9D6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmE5NmQ1ODc3MzhlNDY5YmQ1Y2JkMDQyYmE1OGRkYTBlNThkYmMzZQ&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmE5NmQ1ODc3MzhlNDY5YmQ1Y2JkMDQyYmE1OGRkYTBlNThkYmMzZQ&gdpr=0
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmE5NmQ1ODc3MzhlNDY5YmQ1Y2JkMDQyYmE1OGRkYTBlNThkYmMzZQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9D6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNYNVRNM0otMTktQVAxRg==&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNYNVRNM0otMTktQVAxRg==&gdpr=0
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNYNVRNM0otMTktQVAxRg==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9D6E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGq5HRNjS-PDnQZKj1HBtzs&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGq5HRNjS-PDnQZKj1HBtzs&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 02 Jun 2022 15:16:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGq5HRNjS-PDnQZKj1HBtzs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9D6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/4vdZa8MMyJ8Zy5-3XR4h4cn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1638376238919931163
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1638376238919931163
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Thu, 02 Jun 2022 15:16:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1638376238919931163
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 9D6E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ui42yymWTNWqIBim7VEplQ&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ui42yymWTNWqIBim7VEplQ&gdpr=0
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ui42yymWTNWqIBim7VEplQ&gdpr=0
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ACMZ289T88BTSB5918AK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ui42yymWTNWqIBim7VEplQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 9D6E
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

sync.php
pixel.rubiconproject.com/exchange/ Frame D367
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L3X5TM3J-19-AP1F
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame 9F90
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Jun 2022 15:16:03 GMT
X-Proxy-Origin
217.64.151.8; 217.64.151.8; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
96c8ef7e-fe62-46a6-a69c-0593c18fb631
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
st
capi-tier-2-us-east-2.connatix.com/tr/ Frame FAF1
0
315 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/st?v=164828
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.40.180 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-40-180.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 02 Jun 2022 15:16:03 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
0.mp4
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/ Frame FAF1
593 KB
593 KB
XHR
General
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/63aa0787-c556-4ea8-bcb5-5566ae73a28e/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/164828/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9af2643aa113eec733277e762c6db388261316b5073be3bf04fca9560ec6e76f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range
bytes=1220827-1827782

Response headers

date
Thu, 02 Jun 2022 15:16:07 GMT
last-modified
Tue, 18 May 2021 20:37:10 GMT
age
92698
etag
"54db197ffab91dbff3d916a960357185"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1220827-1827782/5157094
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
606956


436 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


107 Cookies

Domain/Path Name / Value
.threatpost.com/ Name: _cs_mk
Value: 0.5549567227859533_1654182956350
threatpost.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.threatpost.com/ Name: _gid
Value: GA1.2.130631136.1654182957
.threatpost.com/ Name: _gat_UA-35676203-21
Value: 1
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: EvnzqBZH5c5lWNqLQj2oKBGR
.rubiconproject.com/ Name: khaos
Value: L3X5TM3J-19-AP1F
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB21sCtnzqt23zpcd3HBZZ775PzI6EyVJjnj+CQiMALPWfnp3z9w/mApb05ecXDiI+jhlI2uKWkDtsxuhZpbWKLtINWY3Pa16NE=
.openx.net/ Name: i
Value: 04f41c8d-439d-07f2-1461-a5de9ab738f6|1654182956
.twitter.com/ Name: personalization_id
Value: "v1_h/LgHn6UJToJim4YiDeiqg=="
.quantserve.com/ Name: mc
Value: 6298d42c-c0a61-9f3ef-23b87
.adnxs.com/ Name: uuid2
Value: 6590622181990818442
.serverbid.com/ Name: CONSUMABLEID
Value: 8ef70b950ccb47e4b70b950ccb87e413
.threatpost.com/ Name: __qca
Value: P0-1818193637-1654182956770
.demdex.net/ Name: demdex
Value: 87873501908330934513327221415360141467
.t.co/ Name: muc_ads
Value: bd8c6f5c-82d4-4abd-945d-95a77c9b1e51
.threatpost.com/ Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YpjULQAAAEYBLwNx
.threatpost.com/ Name: _pubcid
Value: 44fa0481-5e9b-4a80-8684-6494c4eb7947
threatpost.com/ Name: usprivacy
Value: 1---
prebid.a-mo.net/ Name: __amc
Value: 2_1654182956_1654182957
.dpm.demdex.net/ Name: dpm
Value: 87873501908330934513327221415360141467
.adnxs.com/ Name: icu
Value: ChgIzLJhEAoYAiACKAIwrajjlAY4AkACSAIQrajjlAYYAQ..
.threatpost.com/ Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19146%7CMCMID%7C86221655327043023532339144544638514881%7CMCAAMLH-1654787757%7C6%7CMCAAMB-1654787757%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1654190157s%7CNONE%7CMCSYNCSOP%7C411-19153%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.threatpost.com/ Name: _gat_UA-63997723-2
Value: 1
threatpost.com/ Name: CookieConsent
Value: {stamp:831347978=='|Cnecessary:true|Cpreferences:true|Cstatistics:true|Cmarketing:true|Cver:1|Cutc:396560023|Cregion:'not_gdpr'}
.threatpost.com/ Name: _gcl_au
Value: 1.1.1008390368.1654182958
.threatpost.com/ Name: __gads
Value: ID=0b552d04722304c0-22314dd2a5cd0095:T=1654182957:S=ALNI_MYQUkhSI59_xUhsf0cnsBzeuKuDkw
.doubleclick.net/ Name: IDE
Value: AHWqTUla8HZFt0MiA_jdoCNqIG_SJ1v-ib3ylVZnfGsh0uAbBeisAuF-ybRf4mmOh-0
.threatpost.com/ Name: _ga_YP1JLG57CH
Value: GS1.1.1654182957.1.0.1654182957.0
.threatpost.com/ Name: _ga
Value: GA1.1.680018976.1654182957
.linkedin.com/ Name: UserMatchHistory
Value: AQJLL96vB1zyBAAAAYEk_NO7WKkuk2ryzrTst1D7on0bJDWatQisWN6c8blezIp_1zi1WSWkzLqsZA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLA69DtO4GB-wAAAYEk_NO7zKRtD3Jhf5CcYxNpQVxFhbpgtpSbZicechSTne-wO6xwSDmT77qW6uEmfXg5hg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&485a4f90-9a3b-4e4a-8df4-5885f3ad9a7f"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2637:u=1:x=1:i=1654182958:t=1654269358:v=2:sig=AQG7AAk_6wxSFMOAmg_iRDlm3TZFVb59"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202206021515589dbf31b5-d32d-4c70-851e-ea12081bb48fAQGi2Pj-WTEmT54gyBZkS526GKadmP8w"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTQxODI5NTg7MjswMjFnrxPspxS1omdOhCxIvjLP8U+t1yOH1UpHyzRcKGvczw==
.threatpost.com/ Name: s_cc
Value: true
.casalemedia.com/ Name: CMID
Value: YpjUL1tre8NDckVAtP7hBAAA
.casalemedia.com/ Name: CMPS
Value: 5202
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?ldUkDl!]tbPl1M>e)ZlrFUfJ+tGXxp)LYw%BV?XX:@/'QRCaT^eYWlyk^NFzPS2O6V3If)y3KL9D3I?+J`mbsd
.casalemedia.com/ Name: CMPRO
Value: 1203
.quantserve.com/ Name: d
Value: EIgBDAGkJoqsMA
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 57356298-d430-4800-b152-8fcd46d5256f
.adform.net/ Name: uid
Value: 3420420966598526733
.threatpost.com/ Name: cto_bundle
Value: g1Z3EV9ReGQzQk9XQ1NtZmtlQWtiNHoxaTdiUGVrVjZXNjAlMkIxb3ZuZWZMYTRobCUyRmhWQ3duMEQlMkJtMTN6JTJGU09yd3BYOHhVdGdpT2pmWllENGpRUUhSY1k3c0todktNSTVlWDVBR0RyRFNRUzV4VkQ5JTJCalF2SUNlRVljMEtLMlJsNFUwa2M
.threatpost.com/ Name: cto_bidid
Value: hNJ5pV9HNldpNGptMENLbUpOUWV1Q3o5alU4T3YwMXd0NVdkRFNxaUhOaWw1dkNqQnpqMkNoZEVZeHJpNnllY2NMZ3FGeU1WdEVNeSUyRjNEa1lycExyeVViYUF3JTNEJTNE
.openx.net/ Name: pd
Value: v2|1654182960.2|kiiygevNgun0.gqsLommOnsgi
.advertising.com/ Name: APID
Value: UPea39e3aa-e286-11ec-817a-0203e9286c5c
.w55c.net/ Name: wfivefivec
Value: U7hxzFLq1NWMym5
.yahoo.com/ Name: A3
Value: d=AQABBDLUmGICEH-LQYizhblr7z80s98HWIcFEgEBAQElmmKiYgAAAAAA_eMAAA&S=AQAAAg9OJ1QS4QiC3yqbbsfhdII
.w55c.net/ Name: matchopenx
Value: 5
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MjE2MgIiQyNjQ3MTS2MjIT5D3fQsdzdDc8vKgNzECgCjDf-2JQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MjE2MgIiQyNjQ3MTS2MjIT5D3fQsdzdDc8vKgNzECgCjDf-2JQAAAA
.casalemedia.com/ Name: CMST
Value: YpjUL2KY1DIA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOsS5zU0MzUxtDCyNDMysTQ5hcw3NTEHAL_gw0sgAAAA
.casalemedia.com/ Name: CMRUM3
Value: e66298d4322760&416298d43205a0&ee6298d4322760&be6298d43205a0&2d6298d42f2760CAESEPz1VsbIkBsCKQ_RtNAparI&2e6298d43205a0&f16298d43205a0&c46298d43205a0&276298d4320b40
.bidswitch.net/ Name: tuuid
Value: d028240a-d86a-4a30-b09e-97c0499972ff
.bidswitch.net/ Name: c
Value: 1654182962
.bidswitch.net/ Name: tuuid_lu
Value: 1654182962
.bidr.io/ Name: bito
Value: AAFa5k7FMagAAFPEuh366w
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_312
Value: 6590622181990818442
.servenobid.com/ Name: pid_324
Value: 5124322322123174932
.analytics.yahoo.com/ Name: IDSYNC
Value: 17ot~258f
.servenobid.com/ Name: pid_333
Value: YpjUL1tre8NDckVAtP7hBAAABLMAAAIB
.rqtrk.eu/ Name: browser_id
Value: 1:e3b38ddd-8ca3-45b1-8c28-2ac2aa782b19
.servenobid.com/ Name: pid_310
Value: EvnzqBZH5c5lWNqLQj2oKBGR
.servenobid.com/ Name: pid_321
Value: OPTOUT
.a-mo.net/ Name: amuid2
Value: ba175dff-c4d1-46ab-a47a-aaf2ee963679
.prebid.a-mo.net/ Name: sd_amuid2
Value: ba175dff-c4d1-46ab-a47a-aaf2ee963679
.servenobid.com/ Name: pid_337
Value: y-iGvUInFE2uH6l10_5w7Jlh2L7q.FfrezLILH2d8-~A
.gumgum.com/ Name: vst
Value: e_a5ade616-c8e4-4a93-bc81-54666e9c7155
.servenobid.com/ Name: pid_327
Value: ba175dff-c4d1-46ab-a47a-aaf2ee963679
.smartadserver.com/ Name: pid
Value: 6271143330456433706
.emxdgt.com/ Name: euid
Value: 16931654182962700269f1
.servenobid.com/ Name: pid_309
Value: e_a5ade616-c8e4-4a93-bc81-54666e9c7155
.emxdgt.com/ Name: eapn_id
Value: 6590622181990818442
.creativecdn.com/ Name: u
Value: Rrc4yU1NoOEUXxTzwKrL
.creativecdn.com/ Name: ts
Value: 1654182962
.servenobid.com/ Name: pid_317
Value: 6271143330456433706
.360yield.com/ Name: tuuid
Value: 5f9a1a8c-6736-43b7-8e5b-e1eb5d79367c
.360yield.com/ Name: tuuid_lu
Value: 1654182962
.criteo.com/ Name: uid
Value: e7a4ff15-61ff-4a7f-ab69-1dc04192a48b
.yieldlift.com/ Name: xuids
Value: eyJ4dWlkIjoiMTcwZGFhMjEtMTI3MC00NTQ1LTk2OWQtZWI5ZTY0ZDA4N2QzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wMlQxNToxNjowMi44ODk4NTFaIn0=
.servenobid.com/ Name: pid_314
Value: eyJ4dWlkIjoiMTcwZGFhMjEtMTI3MC00NTQ1LTk2OWQtZWI5ZTY0ZDA4N2QzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0wMlQxNToxNjowMi44ODk4NTFaIn0=
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.sportradarserving.com/ Name: zuuid
Value: 57345263-0eff-45fc-b51a-753f33361ea8
.sportradarserving.com/ Name: c
Value: 1654182963
.sportradarserving.com/ Name: zuuid_lu
Value: 1654182963
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1654182963
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-702f5e18-786a-46b9-743c-53964b2e8e95.XfBlcArIgYEci%2BMxvJQV0hsZEkIe7sfhiBeVtgRR9wo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AcC9eGHhqRrl0PFOWSy6OldlAlwg.SMk0xwKjqavEalUFJv%2BdsO%2BYtmRr2dKd5fxI7B%2Bo4j4
.outbrain.com/ Name: obuid
Value: 77598614-178f-4080-a26b-0d090b539bb4
.ipredictive.com/ Name: cu
Value: ea8ff2e1-e286-11ec-9fcb-cf1fa735f99f|1654182963044
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 2e959c7cac778bfc
.zemanta.com/ Name: zuid
Value: IFT7Dv0xtMsEAoQijHOl
.smartadserver.com/ Name: csync
Value: 79:e7a4ff15-61ff-4a7f-ab69-1dc04192a48b|92:XXrTk1qW6goc
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFa5k7FMagAAFPEuh366w
.pubmatic.com/ Name: PugT
Value: 1654182962
.amazon-adsystem.com/ Name: ad-id
Value: A8zRKijfEkteiwxUAshKcc0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

15 Console Messages

Source Level URL
Text
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=YpjUL1tre8NDckVAtP7hBAAA%261203&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://id.rlcdn.com/709414.gif?gdpr=0
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3307268982e18bae27fb0691dea184c6a6ce845db0f6ce1f41ca63e948dde8a6
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3cbfb7376243bd399bfbcf162e03c33fb1f98489b931a9bacb77c89df5fa84df
3d03fc0d3e3ed8f5a95358db135956d2864385634638bf3c23798cb31e910d4c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40bc6611538ba185c6f27cfa57cadea21bd0580203fb864ac272dd275d23641d
41c8c9f34538c48ae2070835c63e4891c488abbfc663e386ef7805915be4c6fb
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4432ec19c12bc38f683d054e2457c5b492c81c2ae4492350d84908bf93e1db2f
446c258df29e7bfe500cf5dae218d77161a6d22926b5c03621293c0bf420717b
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
464753a7747c8fac7f552b74a3dd69151baa9fe71edad36290476fee62bba679
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398
4892b885b03270be962024837c832f99411424f0bc7618c022ec29507658f67a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8ed41cfb4461d676b09465d8cc00d0e8c437c7ca24e1723acd4d4c6354cf9a
4abc7225008099bf28371a7ec52dc31061a91d90297a1b7a461abd3197e2bc68
4b297de379c8bb71a89e1ac546e383523f34ff536cf69ac8aaac601d64461175
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca8e1c1bdee1b954be0d8fd9c8aabbccee5acf8c355af96b4bcbbb5c7ced8cf
4d52f37b83f70c5035632548c652508d793eec55e17f2ac19552f4fa19d323be
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0b5563ff1fc5175d65e11e1546bee1945486d65d76c9248bdd77487532dadf
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
500288356853c7199a27a6a2cdcd14b217d18dd9c8103272d8e6def6acbe2580
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
522ecd3d4f574f4335281081176e17cadec9e639010723b132dd52a00c330aee
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
52c19e156be623c2b03edbf619561b9ce54fef7186e33dc7152bb17b7cc2f1ec
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
53b54850180a898189aefbf64f7227472990e98265875574b99ce0cc8a4a2a68
53c3f76a235a068d4755be5eeba79712c30871b5907fc6597a5e55485db61727
546be401414bcb20cdea07cdbcd806409b9629e4895737e214401948c40409f3
5559e9a49423efccb952585fbc32b19e3d09b36ad926a8816af579253ffcdf7d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570d2c3ed45e4856b4213a1312a13db1860a44c4c69d0fe0a2e7d34b3615aa97
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5be3d6c3662df315e355c8dc8306158d14aa3480c6a4e0df7029f5cfab7aaeaf
5e794d4a1df5f1c1035c15d1f24e115f9fdab9be376f12754239b981f61bf887
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
6071600aa19773525efd4442285dd47099627b02e78b66c993ba4fcef3a74a7d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
637a769769a1d3b60ea54551859e9d75313267cb80c0810044abce176f4e6884
63f916253beec77670a259034aea61131ab34f49b2bc6891d4f1d8aa32e09ae2
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
66399d31f4ea54e4110215477ebf95237a071ee0ab56b0cff98dd22f2b71f9f6
66448cea230bdf30478fe18f2af9aacace411d05833b43424cf962b1457968f0
6889892c2e822b05bd24b0c0f04f6765f47cd5f1866d2f765eff9f0f9be20f44
68cdaaeccd079ab33df06d3e5fb47594a4458a6491d48a8ae2f394defb419eb5
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864
695062f732a37600c550c62e7461a4ee20b5ed8d8102e2e253e554a2b7a82569
69f0ade8cca67112ef495f707fb73c68fd5099a6cd9c51d9ba9ceda8dcca16f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dcc9bf410ab7f48320489036917c1bb759a0c64495e3fbecf1087ed3b73bdbf
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
7048cffc8d40a9a30ef697e4c5d0a36916f5fc52044329e28a8c7c4b4666aa03
704cf19dd688b0b00c19faf54b2ebb8833de2ec463e1a93c1aabd45d3974d91f
7104f88840a420f1702717d900db98910deb6141ad639bb7338b88993e989c72
7263a6be197019805788012930ed99d8c55d3cca8abde09ddec538427c009a63
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
735f1abaa77b0fb510261c9e7aa05ad695af92b888f85b6604f44d8653ce79dd
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
7512a06a402970f17f9f475450ee30c338f344003fb5da802de313adc9a22d8e
75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362
75c0e0ea9be34d4a8e241025a05520108af17a87cba15af9ad61c9c9d633877d
7710b2e35e91afa78dfa322c1787d6568a9138ed4a1e95d98d5cef3b06f5a9fb
77c1e0e24b999319be4b1e68db67a97a691ab94817084b10a4ff63e7422d6e3b
79e2cbb1056876c6c5682a2b9da270046d02ab530b32a4f7538c4bf9a93408da
7a3fcd53b20a6fdf183b0340f596a6431a280459adb871f43e617cecd5d57681
7a4645fb7bd66c6fa3088677ee1a517deea83df27006a147e3dcd64387761ba1
7a7d52ae7310201217753c1605c82c94ea63a6d4d4813b9cf92a97dce2495395
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7dd508a9c9f4c60f90ccdcb108403958f804cc40b0d062809f14a4628d05480f
7f56f0076a0b9d476c370c56306047595d6a2056a4cab70197d11f7acb594242
7f8e26c6e3747211b9e868590efacffe3e5fda8c33df14ea69aeb09b0270064c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
86ff8d7a6904d38dfb6c6483bd6604d172e31d4430754b713043a73d930b4476
88f32177cfbcc059ccbb2adbf55ce792cec33cefa20e2666b7fde1ae5b3aedec
8993847fc5ab8598921a6022687d68c0efd65ba5e26f8b970ad2b83466edce8f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89d538c36cf602eba0a7634d92b4ba8fe05a79bbd7c2721f490bcf993ba3ebf6
89fcef2fe8204ec89e703202f4313758021687559f6216a92b5379a753015e9e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d87354329b416c27dbedce735e80b54eab3e3050a12df9cfb94a6d384d0544e
8e17043a652f5f8819c5be73850d2b2e9c40a77ad23ee2f951fe1b48c22a740c
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854
9035732dd9e89d497fef48955eddf8fa0a054483da917b0ad08fbc4188561ee1
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd
931750573d4728b1437a7a6769a62596c3f1f011554e2e3f401c7dfd9fb18d16
931dc539e87db7f509be9c77dfcc9b2baee0b91e5236aa04580ab14ed81e2cc0
9413c6849c58c75e5b6dd97574a052413890e40821049a04d0ddfd22b4ce4f2e
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
964faa03970d67756ea2522d6ea6ae4dbd0aba7f5c5baa0deaa9ba8e22059f79
969110a06a8d583a36ad6d784878494dce9fe6f36bd196f75aab597cc67ae729
96999fc4af4552d8407bf2c8b8dc7cb4cd55f56855bef2ae4d5e2e2eba654f32
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173
9af2643aa113eec733277e762c6db388261316b5073be3bf04fca9560ec6e76f
9c02e3add7b3e4c9023eb7395d7a6de8b9447d081ebb5721b7e43e3a8b9eeb18
9f34f348e10c2555387f62027234e86082aac7845e2f97727c9da301ffb736b9
9f658cc149158605316d16326365d5659a46ff599d4e805e4bfd942b1344df0b
9f96ddd77a2833656cbc3c7f577fb5dd570444c7e284e4f5e091a5b65ac78a79
9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12948ecc0e00590c1405f032f6d834e6a064bcd86b91617ffefd17a14074b1a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2787e303b11b7bee58f89cf88397dae91631bdae15ec6839602dea000ff714d
a2a1df46bf3ce0a1a75cf6d24bf8881b30fa34d1ab2833f90c07366823cbd094
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a654478ab569465e3dfcc8df6297059a88a251514fd0c05636c37648be9af998
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
ab1bd46ea15592bef2c5e2e2bfb90bbe7fb748a039acae35621f707e74e26b34
ab771eb985f45a8bfe440a81a5824bf52ba5e4a68f84afa901cff7e70fa183dc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
aed74ca5263f835a96dd0e79a8cb9ab61f5b52bbf136dfc51498771a8b6baef7
aff26c2f3864a04ba6f021451c4b4102bf7fc57a4b09e24d9d621112c2fa5230
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b03b8df2be0a2271266314601e9e1265d2db4cff98ba50bd414204748af6a5f2
b117eb2dc1253f579e1169b3c31e462fc99ac325bce087c16779355a8506dcf9
b13fb4f8d917550921299c7658ca8414a6597b856072a9b2bbe37bf491e12032
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55
b3950b63e77083f8f0766111b4bb57b739d6acbbc9cafc617be50381d1de9954
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b59bd74609ebd48bd8515935e60c5285088e5b90406282122613531d84dce9df
b7804e8db834a6389e3467be54923d505f1a28c87e6b22e21cca956a60725be5
b7cb1f60a7904347f454c8f41e18206d48d636574c61719e53184f254deb1353
b941c932bbcd72f6e48f5a85e40fc593b8e52341c54f7eede52bc1627781f579
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f
bd08180ec011a2cc6a193103b8279709370cedabcafe9ea5a7dd4a6ff23541d5
bd5932fe5db379e35cbe77fac5f4def975eb264dcb4bbcfd5ddf904b7c76595e
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1d84e037222a1b453d9c1b5224ccfaff54299262d7f25502ef059b607f6826d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d9b7670c98bbd7bdfd1f095b862a3d545e08d7146cee81bec0fba86093a0ef
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8ca9a5cffd88a2953176dbfd62d95bfe867769d35e8642bbf44fe3d4f889d8b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb3bc71ff0c9c45292889bf315b9ac37fcd416aca661d868dfcc6bfb9b653936
cbd13ef8e15fe3a2864b71c31c00edf5c3bbf0bff120febfdc53ff1593395cdb
cf28d607015e08d3fadb6da1ac9b0f8dcd850edfdfd26ee904e249305ed1b4fb
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d4c4215f41a4bb6f12e0d100854eecc6bc5c57ef23af0e945b8359d7727ae94e
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d7763f0e920264d381ada9c9b74e3073a852ba573a967c2d58c181ddd0693fe3
d8e2a4bd0ecfc5c0bd3ecf60e02f3235cc179f14bdd1aa1e79a45ac2f7280576
d92a11899a5768511f0431479d50a6fbabd9aa93099c062bc9f348fdb83be72b
d98c5d1b4c97819e7374e56f5a7dca5b1d83e0245e95d5fb64423fb7d906f379
daf028afc101da7201cb211f9786b6a36f6bf60ad836dfe991306140efca2432
dc8ae1c2826f713cc3dff20cde6078ba57bec99397f4d61dae38cd82b0f5b48c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0f1df7af81fd8eb920863093c426fdafd241b8d9aeb6126fb2fd24f36c061b3
e0fc84c13dd5b504ff509442105cbb954c60a4638ca6a6390eb0bb82347b4de1
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e3acdfd105c0fc911b884c492163fc5ae526781b4a930461681b9dbf24d11d7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd7bcd174f0d5b1f739075ea4832aa0d5a0f902525740a12d210ea7717d355
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e5221f9ad8724e68770726288be421f845a83eb7f2fcb9f60c775ec5146dabf8
e52ddae1734c668d7b40b7e26cdc48a43db4d30c7157ab18844d97519ad4ca5f
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e59e02c8f60423ea8fbc816d0e1319ee4bedf51f6a02b83b2b80280436b318f2
e670bc8a55cb87fe35fc859c92a95489471757f8b0194aa9c317024080d3b5b9
e78b4ea982c48bb03e32abf572ec55fd5d8d95a0ac7475ac0255ee244730e818
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e96563e92a6dfd2dc379e59ac92e0df0cd1833112fc57e5101b5bbf9306e6f4c
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2014dd9ffea5c6137fabcf6b10982f0f0d157dc659ba9a65e2b6ad8b1e4418
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
f00aa84d2267a95c2e4d5883ccdb8df2a6a1049369257f6081d84ef43bbe0fc7
f31877812ade3cbda659976d8597d3059465388c75dd9097c5c9b63ad7aaa7c4
f83df770a7c9763424b29bfe7462c8f8e807d18dc0b4570f4ada501240007fda
f849535427c9f359ee79bc894a23eb43bec850b13650fbd6bc234ef69e92a95a
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
f9307328727e42da0de13338391f1cff53f24a67677c2bb1a76e66b87e2c30cf
fd16095ebcb84901ca776de58368a1884848ad8233965e354b811ab735317021
ff8e07213805ed0dd3cab5f58dacffba0671bc484c7fa74d019559a6146da68a