urlscan.io logo urlscan.io
SecurityTrails logo

securityaffairs.co Open in urlscan Pro
217.160.0.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/3eYwzjuEOS
Effective URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Submission: On September 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 10 countries across 75 domains to perform 358 HTTP transactions. The main IP is 217.160.0.146, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is securityaffairs.co.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on March 24th 2021. Valid for: a year.
This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.69 13414 (TWITTER)
1 1 154.50.198.10 174 (COGENT-174)
2 2 64.13.171.10 11404 (AS-WAVE-1)
47 217.160.0.146 8560 (IONOS-AS ...)
1 142.250.185.200 15169 (GOOGLE)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 18.66.139.10 16509 (AMAZON-02)
1 13.32.99.78 16509 (AMAZON-02)
33 2.18.235.93 16625 (AKAMAI-AS)
9 68.183.31.14 14061 (DIGITALOC...)
8 192.0.77.2 2635 (AUTOMATTIC)
2 31.13.92.14 32934 (FACEBOOK)
3 192.0.76.3 2635 (AUTOMATTIC)
3 142.250.186.78 15169 (GOOGLE)
3 52.29.0.64 16509 (AMAZON-02)
1 18.66.97.22 16509 (AMAZON-02)
1 142.250.185.132 15169 (GOOGLE)
7 104.89.30.126 16625 (AKAMAI-AS)
1 192.0.73.2 2635 (AUTOMATTIC)
2 104.26.10.156 13335 (CLOUDFLAR...)
1 157.240.240.17 32934 (FACEBOOK)
1 18.169.90.17 16509 (AMAZON-02)
2 178.250.2.146 44788 (ASN-CRITE...)
1 51.89.21.30 16276 (OVH)
2 7 76.223.111.131 16509 (AMAZON-02)
3 213.19.162.31 3356 (LEVEL3)
18 35.244.159.8 15169 (GOOGLE)
3 178.162.133.150 60781 (LEASEWEB-...)
3 34.149.20.76 15169 (GOOGLE)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 72.251.249.14 29791 (VOXEL-DOT...)
4 15 185.33.221.15 29990 (ASN-APPNEX)
2 35.157.246.167 16509 (AMAZON-02)
2 18.156.157.131 16509 (AMAZON-02)
26 142.250.185.194 15169 (GOOGLE)
3 34.102.149.62 15169 (GOOGLE)
2 23.37.42.132 16625 (AKAMAI-AS)
4 104.89.5.227 16625 (AKAMAI-AS)
3 151.101.193.108 54113 (FASTLY)
1 67.202.105.21 32748 (STEADFAST)
1 2 77.243.60.138 42697 (NETIC-AS)
1 3.226.175.117 14618 (AMAZON-AES)
1 13.32.121.33 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
16 29 142.250.186.162 15169 (GOOGLE)
1 178.162.133.149 60781 (LEASEWEB-...)
6 6 185.29.132.241 30419 (MEDIAMATH...)
4 4 91.228.74.226 16509 (AMAZON-02)
7 8 37.157.6.251 198622 (ADFORM)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 2 213.155.156.166 1299 (TELIANET ...)
8 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
12 185.64.190.80 62713 (AS-PUBMATIC)
5 5 34.247.198.95 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 185.86.137.131 201081 (SMARTADSE...)
1 1 162.55.6.213 24940 (HETZNER-AS)
1 1 213.19.147.44 26120 (RHYTHMONE)
1 72.251.241.196 29791 (VOXEL-DOT...)
1 104.21.192.83 13335 (CLOUDFLAR...)
1 1 87.98.252.5 16276 (OVH)
1 2 104.18.12.5 13335 (CLOUDFLAR...)
1 2 151.101.65.44 54113 (FASTLY)
1 169.197.150.7 398989 (DEEPINTENT)
3 185.64.189.114 62713 (AS-PUBMATIC)
3 3 146.59.148.16 16276 (OVH)
2 2 52.209.129.133 16509 (AMAZON-02)
1 2 172.67.13.182 13335 (CLOUDFLAR...)
1 169.50.137.190 36351 (SOFTLAYER)
2 2 18.156.0.31 16509 (AMAZON-02)
3 3 3.120.169.248 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 89.207.16.137 41041 (VCLK-EU-SE)
3 4 151.101.2.49 54113 (FASTLY)
1 1 46.228.164.11 56396 (AMOBEE)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 185.33.221.89 29990 (ASN-APPNEX)
1 1 54.77.19.59 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 2 69.173.144.165 26667 (RUBICONPR...)
2 69.173.144.139 26667 (RUBICONPR...)
1 142.250.185.130 15169 (GOOGLE)
3 142.250.185.162 15169 (GOOGLE)
11 142.250.181.226 15169 (GOOGLE)
9 142.250.186.66 15169 (GOOGLE)
1 2 34.249.16.8 16509 (AMAZON-02)
14 142.250.185.225 15169 (GOOGLE)
3 6 2.18.234.21 16625 (AKAMAI-AS)
1 142.250.185.70 15169 (GOOGLE)
3 34.241.251.11 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
1 1 52.44.53.247 14618 (AMAZON-AES)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 142.250.185.134 15169 (GOOGLE)
2 172.217.23.98 15169 (GOOGLE)
6 52.73.11.13 14618 (AMAZON-AES)
2 142.250.186.36 ()
358 75
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    154.50.198.10 (United States)

ASN174 (COGENT-174, US)
dy.si
2    64.13.171.10 (United States)

ASN11404 (AS-WAVE-1, US)
engage.bah.com
47    217.160.0.146 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: 217-160-0-146.elastic-ssl.ui-r.com
securityaffairs.co
1    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    18.66.139.10 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
1    13.32.99.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-78.fra60.r.cloudfront.net
platform-api.sharethis.com
33    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
cvision.media.net
9    68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
8    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
i1.wp.com
i2.wp.com
2    31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net
3    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
3    52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    18.66.97.22 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
google-analytics.com
7    104.89.30.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-30-126.deploy.static.akamaitechnologies.com
lg3.media.net
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    104.26.10.156 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
1    157.240.240.17 (London, United Kingdom)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-01-lcy1.facebook.com
graph.facebook.com
1    18.169.90.17 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-90-17.eu-west-2.compute.amazonaws.com
aa.agkn.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p25.id5-sync.com
id5-sync.com
7    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    213.19.162.31 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
18    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
pixfuture2-d.openx.net
eu-u.openx.net
us-u.openx.net
3    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
15    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    18.156.157.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-157-131.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
26    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
3    34.102.149.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.149.102.34.bc.googleusercontent.com
navvy.media.net
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    104.89.5.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-5-227.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    3.226.175.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-175-117.compute-1.amazonaws.com
px.britepool.com
1    13.32.121.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-33.fra60.r.cloudfront.net
api.intentiq.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
29    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
6    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
8    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
12    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    34.247.198.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-198-95.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
1    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    104.21.192.83 (None, )

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    87.98.252.5 (France)

ASN16276 (OVH, FR)
PTR: ip5.ip-87-98-252.eu
green.erne.co
2    104.18.12.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
2    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    172.67.13.182 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    3.120.169.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    89.207.16.137 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-usadmm.dotomi.com
pubmatic-match.dotomi.com
dclk-match.dotomi.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
1    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
adservice.google.de
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
adservice.google.com
11    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
9    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googletagservices.com
2    34.249.16.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-16-8.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
14    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
tpc.googlesyndication.com
6    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
3    34.241.251.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-251-11.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
1    52.44.53.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-53-247.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
s0.2mdn.net
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
googleads4.g.doubleclick.net
6    52.73.11.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-11-13.compute-1.amazonaws.com
dt.adsafeprotected.com
2    142.250.186.36 (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
47 securityaffairs.co
securityaffairs.co
2 MB
43 media.net
contextual.media.net
lg3.media.net
cvision.media.net
navvy.media.net
528 KB
41 doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
122 KB
37 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
577 KB
31 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
41 KB
19 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
63 KB
18 openx.net
pixfuture2-d.openx.net
eu-u.openx.net
us-u.openx.net
5 KB
11 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
96 KB
11 wp.com
i0.wp.com
i1.wp.com
i2.wp.com
stats.wp.com
pixel.wp.com
45 KB
11 pixfuture.com
served-by.pixfuture.com
cdn.pixfuture.com
488 KB
9 googletagservices.com
www.googletagservices.com
256 KB
9 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
16 KB
8 adform.net
c1.adform.net
4 KB
7 adsrvr.org
match.adsrvr.org
3 KB
6 casalemedia.com
dsum-sec.casalemedia.com
5 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 sharethis.com
ws.sharethis.com
platform-api.sharethis.com
l.sharethis.com
buttons-config.sharethis.com
50 KB
5 google.com
adservice.google.com
www.google.com
2 KB
5 bidr.io
match.prod.bidr.io
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com Failed
3 KB
4 33across.com
ssc.33across.com
ssc-cms.33across.com
614 B
4 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
11 KB
4 google-analytics.com
www.google-analytics.com
google-analytics.com
39 KB
3 google.de
adservice.google.de
1 KB
3 googleadservices.com
partner.googleadservices.com
376 B
3 bidswitch.net
x.bidswitch.net
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 lijit.com
ap.lijit.com
2 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
964 B
2 2mdn.net
s0.2mdn.net
103 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 dotomi.com
pubmatic-match.dotomi.com
dclk-match.dotomi.com
207 B
2 admedo.com
pool.admedo.com
717 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
887 B
2 taboola.com
trc.taboola.com
match.taboola.com
558 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 tapad.com
pixel.tapad.com
885 B
2 crwdcntrl.net
sync.crwdcntrl.net Failed
568 B
2 semasio.net
uipglob.semasio.net
1 KB
2 sharethrough.com
btlr.sharethrough.com
229 B
2 facebook.net
connect.facebook.net
68 KB
2 bah.com
engage.bah.com
3 KB
1 rfihub.com
a.rfihub.com
1 KB
1 stackadapt.com
sync.srv.stackadapt.com
729 B
1 ctnsnet.com
gcm.ctnsnet.com
479 B
1 gumgum.com
rtb.gumgum.com
227 B
1 playground.xyz
ads.playground.xyz
484 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 simpli.fi
um.simpli.fi
612 B
1 deepintent.com
match.deepintent.com
44 B
1 erne.co
green.erne.co
326 B
1 ad4m.at
ad4m.at
974 B
1 adgrx.com
cm.adgrx.com
408 B
1 1rx.io
sync.1rx.io
243 B
1 loopme.me
csync.loopme.me
217 B
1 smartadserver.com
rtb-csync.smartadserver.com
757 B
1 contextweb.com
bh.contextweb.com
488 B
1 intentiq.com
api.intentiq.com
663 B
1 britepool.com
px.britepool.com
810 B
1 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com
1 id5-sync.com
id5-sync.com
534 B
1 agkn.com
aa.agkn.com
1 facebook.com
graph.facebook.com
664 B
1 gravatar.com
secure.gravatar.com
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
6 KB
1 googletagmanager.com
www.googletagmanager.com
40 KB
1 dy.si
dy.si
722 B
1 t.co
t.co
489 B
0 googleapis.com Failed
fonts.googleapis.com Failed
358 75
Domain Requested by
47 securityaffairs.co t.co
securityaffairs.co
29 cm.g.doubleclick.net 16 redirects eu-u.openx.net
securityaffairs.co
googleads.g.doubleclick.net
23 pagead2.googlesyndication.com cdn.pixfuture.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
securityaffairs.co
23 contextual.media.net securityaffairs.co
contextual.media.net
t.co
15 ib.adnxs.com 4 redirects cdn.pixfuture.com
acdn.adnxs.com
googleads.g.doubleclick.net
14 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
pagead2.googlesyndication.com
12 simage2.pubmatic.com ads.pubmatic.com
10 cvision.media.net securityaffairs.co
contextual.media.net
9 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
ad.doubleclick.net
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 eu-u.openx.net cdn.pixfuture.com
eu-u.openx.net
9 served-by.pixfuture.com securityaffairs.co
cdn.pixfuture.com
8 image2.pubmatic.com ads.pubmatic.com
8 c1.adform.net 7 redirects ads.pubmatic.com
7 match.adsrvr.org 2 redirects cdn.pixfuture.com
eu-u.openx.net
securityaffairs.co
7 lg3.media.net securityaffairs.co
contextual.media.net
6 dt.adsafeprotected.com googleads.g.doubleclick.net
securityaffairs.co
6 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
6 us-u.openx.net eu-u.openx.net
6 sync.mathtag.com 6 redirects
5 match.prod.bidr.io 5 redirects
4 sync-tm.everesttech.net 3 redirects securityaffairs.co
4 pixel.quantserve.com 4 redirects
4 ads.pubmatic.com cdn.pixfuture.com
ads.pubmatic.com
3 static.adsafeprotected.com pixel.adsafeprotected.com
googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 pixel.onaudience.com 3 redirects
3 acdn.adnxs.com cdn.pixfuture.com
3 navvy.media.net contextual.media.net
3 ap.lijit.com cdn.pixfuture.com
3 hbopenbid.pubmatic.com cdn.pixfuture.com
3 ssc.33across.com cdn.pixfuture.com
3 apex.go.sonobi.com cdn.pixfuture.com
3 pixfuture2-d.openx.net cdn.pixfuture.com
3 fastlane.rubiconproject.com cdn.pixfuture.com
3 l.sharethis.com ws.sharethis.com
securityaffairs.co
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 i1.wp.com securityaffairs.co
3 i0.wp.com securityaffairs.co
2 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net ad.doubleclick.net
t.co
2 s0.2mdn.net ad.doubleclick.net
t.co
s0.2mdn.net
2 tracking.m6r.eu 2 redirects
2 pixel.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 pixel.rubiconproject.com securityaffairs.co
2 token.rubiconproject.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pool.admedo.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 dsp.adfarm1.adition.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pixel.tapad.com 1 redirects securityaffairs.co
2 sync.crwdcntrl.net securityaffairs.co
2 uipglob.semasio.net 1 redirects securityaffairs.co
2 eus.rubiconproject.com cdn.pixfuture.com
eus.rubiconproject.com
2 btlr.sharethrough.com cdn.pixfuture.com
2 c2shb.ssp.yahoo.com cdn.pixfuture.com
2 gum.criteo.com cdn.pixfuture.com
2 pixel.wp.com securityaffairs.co
2 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
2 i2.wp.com securityaffairs.co
2 connect.facebook.net securityaffairs.co
connect.facebook.net
2 engage.bah.com 2 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 a.rfihub.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 ad.doubleclick.net www.googletagservices.com
1 id.rlcdn.com securityaffairs.co
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 ad4m.at ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 sync.1rx.io 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 sync.go.sonobi.com securityaffairs.co
1 api.intentiq.com securityaffairs.co
1 px.britepool.com securityaffairs.co
1 ssc-cms.33across.com cdn.pixfuture.com
1 id5-sync.com cdn.pixfuture.com
1 aa.agkn.com cdn.pixfuture.com
1 graph.facebook.com securityaffairs.co
1 secure.gravatar.com securityaffairs.co
1 google-analytics.com securityaffairs.co
1 buttons-config.sharethis.com platform-api.sharethis.com
1 stats.wp.com securityaffairs.co
1 platform-api.sharethis.com securityaffairs.co
1 ws.sharethis.com securityaffairs.co
1 maxcdn.bootstrapcdn.com securityaffairs.co
1 www.googletagmanager.com securityaffairs.co
1 dy.si 1 redirects
1 t.co
0 pr-bh.ybp.yahoo.com Failed ads.pubmatic.com
securityaffairs.co
0 api.rlcdn.com Failed cdn.pixfuture.com
0 fonts.googleapis.com Failed securityaffairs.co
358 117
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.securityaffairs.co
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-24 -
2022-04-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
sharethis.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2019-12-03 -
2021-12-02		 2 years crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.britepool.com
Amazon		 2021-01-10 -
2022-02-07		 a year crt.sh
*.intentiq.com
Amazon		 2021-04-04 -
2022-05-03		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 50 frames:

Primary Page: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Frame ID: 3D6FE0A172CA9DE1E1DF5AD074F25135
Requests: 135 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
Frame ID: D0C91ADB5EFBD46BCFEEF36719B07123
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
Frame ID: A52AB66780F0E16143853E4BCD4896D5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
Frame ID: 2992072C9854A21B2B97DA2510DFCC2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 97CF6F13AFC8E35EF565A0E08C7EB8AB
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 4A4088B7DC19BB4B7680A155C2B152D8
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 464A1DB157844050F0C8119B6301C2BE
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV39259.js
Frame ID: A48391187CCD04BA95F5147FFC87E873
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV39259.js
Frame ID: F255E17668BD155604DCA0BE712DBA52
Requests: 16 HTTP requests in this frame

Frame: https://contextual.media.net/__media__/pics/800060601/1.jpg
Frame ID: E7A8E8692A39CC943014FC62A6D8B1BD
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4EA2371C535175FF95E4B71E6F0B207F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: A6E37E1E053F5B9EFE92730660D0FD67
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 34A0D70A8A670849F9A9DEAAF9BD9031
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: DF0338176529994FDED38A3607587822
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: 410D4B8AD01F15BC096D802E7DD36093
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: 4C98BC97DDEFF63A7FA166BA766B7465
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: C9743E611F20BBA6AFEB8CCE6B9858DD
Requests: 24 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: 67C1AB3E5154050EAFB0A8BCAFC0B5A3
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: DCD9CE05C79BEB3E9B8DF3705300182D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 36EAE3BEF4BF5F2685DB3097C80FD501
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FC412A4873B95B52305D5D428470D036
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7
Frame ID: 4147F79E7C882B82C48C4435DCBB7BC6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2955880079904287960
Frame ID: 2D976DA5813FBAA256DD04F789A485DF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 754508287FC05F0C4720E77A8FB0B6D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010374516811888786
Frame ID: 8952289E5FEF2C717D35D336DC6AF780
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADbkU7Ck7UAACMi2IOboA
Frame ID: 071D2FE51E5E144B3BC94DC8C7C5A99C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: F179668F37E60ED053F230B7C11A0A37
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 38A1F1457336A727CAE246FF3269EE3D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 2D196ABE20B93AD104729F8EBDFF3A32
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: C05A5EEA21E95868CFE28AB8FA807264
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=gsyGMIh3hph5WyNe23IwXhO5
Frame ID: 585A8877F642253065B2545AA923ADDC
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B0052346167CE38DB5746ACE351CACE9
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: F1EB2D1C83EA590A72803575E7AFD620
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 3A6C740BB63565F1DFA815D2C6A61656
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Frame ID: AFA3553592CB427F2DB172D8F4B2A611
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNX1emZqorL_4B7BCnGB6J5rOw11xRhgQcDRi7E-EPpXsP3uINTbEytzdeAWZgpwwHO6t-XwZ_KQ8brDT50yFDma9RvtZF-sSBoWNWyL7-H7JcbFTPKr1iiz1rCs3saA4Ls7bwatRaqFcsVzNYadtbqBJf1GNl0Fm--gZ6myYl_NpK8ig4In8VrxVGAsQy0U_Ffw8I_GXBLcPn_Ro8-HAiXEb8O18A
Frame ID: 028EA8192DC0DAFCF4D40EF3ABE78762
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4586B8635B19317B6E42B00B7BAF0DE4
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Frame ID: 3264AB5CC3CF8D48CB0FE2B5DFE41CDA
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 641410003D6188424C297ABAF39AEE55
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA4C3D31EEE25A8D4B087B044061A832
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 4B68DE5F4ED5AE88C2EF20636B0A8558
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Frame ID: F590498FD49DD8D97B719CE6B2491F09
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Frame ID: 08F318710E549B72059872E7B8A17E0E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
Frame ID: 8C5E75DC021F64447FDE0B5D42209FB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARih6-ioATAB&v=APEucNVS6o4_rjqjZpvcHQF3EpDmuP_RUXGJhGB5sUtKI8zSU2U_tSFtU93KwVVUZn7ijJsRhfugBJbuzb5D9wOWH0xDASO-hrr9Xqv4s724FF8HEFTAz8FLS8hyC-4t-PST6JpAghU7qeQnibFnlXsNZIXqXByyfbULkR_CUyT7pAbOstU4k_Jlr0THOmVNbEviSpL2V0i4uW9zDjJaLUJqbD_WaAchxA
Frame ID: D74C818D902BF2E7C951BBFF24B6F050
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E3CD0BC1429FFC091D887E65EED5C4D4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C683010B84FF74B4B09BBF9F3EB5327E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi_6uioATAB&v=APEucNWakuOM5Mp7DoHq8DP1nXYzclekyRnb6XDgiq94ch30XYNjEgO9OLeHjYjVU0KUTQEkWTx_N6EWOAb3cb5QWQciKwSNBwQJ9iub7ji3DWmgBriVUtmrIWUfzZyl7J1cVkW45B0wEPZOiqoVNC2mYvbzNhlWT7BLUtD6CPdXLg18s_0rX92U5Tn85SfTk1VS8wPlNO1kKmiSyKKAc_SpqhWcUgpkhA
Frame ID: 976E3ED93CC9B91700381CDCFAE35F48
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44583163C2B09A8E65044233BD7E62A3
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=dePVytUeoT&t=1&renderingType=2
Frame ID: F853E8E81C42149391848D9699381D25
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FBI, CISA, and CGCYBER warn of nation-state actors exploiting CVE-2021-40539 Zoho bugSecurity Affairs

Page URL History Show full URLs

  1. https://t.co/3eYwzjuEOS Page URL
  2. https://dy.si/j66S6 HTTP 302
    https://engage.bah.com/Article/Redirect/d8419884-1e27-4ada-a300-b1d083f9aad5?uc=55427&g=faf3838f-93... HTTP 302
    https://engage.bah.com/member/post/d8419884-1e27-4ada-a300-b1d083f9aad5?uc=55427&g=faf3838f-93e1-45... HTTP 302
    https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

358
Requests

94 %
HTTPS

0 %
IPv6

75
Domains

117
Subdomains

75
IPs

10
Countries

4122 kB
Transfer

7197 kB
Size

167
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/3eYwzjuEOS Page URL
  2. https://dy.si/j66S6 HTTP 302
    https://engage.bah.com/Article/Redirect/d8419884-1e27-4ada-a300-b1d083f9aad5?uc=55427&g=faf3838f-93e1-4548-aacd-b9ba9d5a6554&f=260586 HTTP 302
    https://engage.bah.com/member/post/d8419884-1e27-4ada-a300-b1d083f9aad5?uc=55427&g=faf3838f-93e1-4548-aacd-b9ba9d5a6554&f=260586 HTTP 302
    https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 183
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=eb1366af-5e2c-408a-8918-c88aa5db75a9&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=eb1366af-5e2c-408a-8918-c88aa5db75a9&sInitiator=external
Request Chain 186
  • https://id5-sync.com/s/434/9.gif?puid=eb1366af-5e2c-408a-8918-c88aa5db75a9&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/434/9/1.gif?puid=eb1366af-5e2c-408a-8918-c88aa5db75a9&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOAe-Wg-G-iIB1qEYnP9i9lUz1d7U7Q862z6F8ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOAe-Wg-G-iIB1qEYnP9i9lUz1d7U7Q862z6F8ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/916/8/2.gif?puid=549b4841-6e21-4eae-beeb-5cb4d4254d44&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/7/3.gif?puid=e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAe-Wg-G-iIB1qEYnP9i9lUz1d7U7Q862z6F8ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F6%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/6/4.gif?puid=549b4841-6e21-4eae-beeb-5cb4d4254d44&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/146/5/5.gif?puid=60b078bb-2e7d-45eb-8dde-e0107139f4e9&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEBVCCI1Gy-CQdrww2yCVJNs&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEBVCCI1Gy-CQdrww2yCVJNs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4217537825124605792&opid=apx&ops=&utidl=tech:goo:CAESEBVCCI1Gy-CQdrww2yCVJNs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A20907976079&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/434/19/3/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
Request Chain 187
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=eb1366af-5e2c-408a-8918-c88aa5db75a9 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=eb1366af-5e2c-408a-8918-c88aa5db75a9
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZWIxMzY2YWYtNWUyYy00MDhhLTg5MTgtYzg4YWE1ZGI3NWE5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=ZWIxMzY2YWYtNWUyYy00MDhhLTg5MTgtYzg4YWE1ZGI3NWE5&google_tc= HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEI_C0Q1sj5way3m1wM4-2Yc&google_cver=1
Request Chain 195
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6a5a6149-da7b-4100-9489-2c4e519d54b7
Request Chain 196
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=cK5HxyL-RJxrrBXNcv1emyepFclrqkbHIvlU96m-
Request Chain 197
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=180873488361116431
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASYIAp5qUw9HzqLjnDrqxM&google_cver=1
Request Chain 201
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b7bc6149-da7b-4c00-b03a-da8e5e1f022e
Request Chain 202
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vR-x0e9PsoqmHePb7haoiugXtdmmHOCNu0t86qAE
Request Chain 203
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4052435551854818288
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAGxaxPzWiIC_kYKQBk3CvQ&google_cver=1
Request Chain 208
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=327a6149-da7a-4800-844f-f728e1164b3e
Request Chain 209
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3wGBxI1Rgp_EA9PJigSYztAE0ZjEBYLF0FPT57eG
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5301584845819964079
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkppNAeTIOoUMo4Uz-avdE&google_cver=1
Request Chain 216
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2955880079904287960
Request Chain 218
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010374516811888786
Request Chain 219
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEYmtVN0NrN1VBQUNNaTJJT2JvQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADbkU7Ck7UAACMi2IOboA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADbkU7Ck7UAACMi2IOboA&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADbkU7Ck7UAACMi2IOboA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6011243408898996674 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADbkU7Ck7UAACMi2IOboA
Request Chain 220
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 221
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 224
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=gsyGMIh3hph5WyNe23IwXhO5
Request Chain 225
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 226
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=En08GhxwTH66W-O9m-D_tw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 229
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b7bc6149-da7b-4c00-b03a-da8e5e1f022e
Request Chain 230
  • https://pixel.onaudience.com/?partner=214&mapped=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=54840710a5cf580c886fb95bef440d74 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=008d8d84-4841-4a0e-9544-fbfb6fea018d&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=54c812cb2e8a0d55 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0f1278a1-1a5a-47bf-55cf-349f04ef37be&reqId=da831556-e817-42d4-4cfc-cd30ccdf00c4&zcluid=54c812cb2e8a0d55&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJzMD2AjBHQ0P364CZZMuYc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0f1278a1-1a5a-47bf-55cf-349f04ef37be&reqId=da831556-e817-42d4-4cfc-cd30ccdf00c4&zcluid=54c812cb2e8a0d55&zdid=1332
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTI3RDNDMUEtMUM3MC00QzdFLUJBNUItRTNCRDlCRTBGRkI3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAP6sZuQNAdLd_kYjZAKobQ&google_cver=1
Request Chain 234
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=008d8d84-4841-4a0e-9544-fbfb6fea018d
Request Chain 235
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=180873488361116431
Request Chain 236
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&gdpr=0&gdpr_consent=
Request Chain 237
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4217537825124605792&gdpr=0&gdpr_consent=
Request Chain 238
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG
Request Chain 239
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.ZPHccpE2uVUd3onZzOlcaC4S4fo.ow-~A&gdpr=0&gdpr_consent=
Request Chain 241
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f37eeaba-a6c2-4954-a2f1-91d13d620233 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f37eeaba-a6c2-4954-a2f1-91d13d620233 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6a41dce5-3755-4fd5-8683-eb6f548b3e19&user_group=1&ssp=pubmatic&bsw_param=f37eeaba-a6c2-4954-a2f1-91d13d620233 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f37eeaba-a6c2-4954-a2f1-91d13d620233&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 243
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YUnaewADOiMXtwAR HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUnaewADOiMXtwAR&gdpr=0&gdpr_consent=&_test=YUnaewADOiMXtwAR
Request Chain 244
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2741627285496339598&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 245
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=506c93e5-9c06-492d-8ff1-e8419e7f9982-6149da7b-5553&gdpr=0&gdpr_consent=
Request Chain 246
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a153aed-af3a-43b6-8f2a-7a40c0eb1cb4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 247
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4217537825124605792
Request Chain 248
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1
Request Chain 250
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CNnuDB5hFi7e87r0PgA2rw?csrc=
Request Chain 251
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RVM0xTMkMtWC05WlVL
Request Chain 252
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YUnaewADPnNyFgAT
Request Chain 253
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b7bc6149-da7b-4c00-b03a-da8e5e1f022e&expires=28
Request Chain 255
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJmYzUxYzQzYmVjNTMwOTRkYjcyZjkwYzkwNTg3MmU2NTc2OGNjNA
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBBGzgY3fvMk-o-OWgL88s0&google_cver=1
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1&C=1
Request Chain 275
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUnafZ1KjI8-kJ-6DsEOVAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMhuE0D313aPPAzrdmeXoKw&google_cver=1
Request Chain 277
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzUzNzgyNTEyNDYwNTc5Mg%3D%3D
Request Chain 287
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDlEXcaB4qEFjE2YNblMeas&google_cver=1&google_push=AYg5qPLpDXfqZVKji2v5vz_RKpw8QDVDk-fu-ck372iyfxOi8i5cZ8hVvZnZismsHEwrMijGBWiVBrxJQdGGLDyFZzdUZUnY2VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLpDXfqZVKji2v5vz_RKpw8QDVDk-fu-ck372iyfxOi8i5cZ8hVvZnZismsHEwrMijGBWiVBrxJQdGGLDyFZzdUZUnY2VA&google_hm=o_dADd7LS2WqxyKkETYEURs
Request Chain 288
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJJ61yPl4DPw7QNDY3f8aiY&google_cver=1&google_push=AYg5qPKHJBTvWFMRX_bQ5L008cINtXD5c_eEQxFySNeUm9m2N_0vKFDqT29pzf9zb2KNiHVIETYsmeZTbSOiTsGcGhD_kbVblv4_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMDM3NDUxNjgxMTg4ODc4Ng%3D%3D&google_push=AYg5qPKHJBTvWFMRX_bQ5L008cINtXD5c_eEQxFySNeUm9m2N_0vKFDqT29pzf9zb2KNiHVIETYsmeZTbSOiTsGcGhD_kbVblv4_
Request Chain 289
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESENEJOWy8fW647ckbgSjtwQg&google_cver=1&google_push=AYg5qPIeAy0KVdl8K__oGWbQErawqi1A5JixSIlJSuzTrfFEG6Wab3dy7kZC2RI2Pw_ECCRpxQsCxKdJHM_eNS5KEnTzZRQAATth HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESENEJOWy8fW647ckbgSjtwQg&google_cver=1&google_push=AYg5qPIeAy0KVdl8K__oGWbQErawqi1A5JixSIlJSuzTrfFEG6Wab3dy7kZC2RI2Pw_ECCRpxQsCxKdJHM_eNS5KEnTzZRQAATth&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=q5Ak3ar9lU09IFLtk0yJxg&google_push=AYg5qPIeAy0KVdl8K__oGWbQErawqi1A5JixSIlJSuzTrfFEG6Wab3dy7kZC2RI2Pw_ECCRpxQsCxKdJHM_eNS5KEnTzZRQAATth
Request Chain 290
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB7GtO4c6hGuRGI09c8qTPA&google_cver=1&google_push=AYg5qPL4tW7ckjySD2b64SiTrfZW_H6pljO_C3CXKQGfhS9T6x7mv6wG5EqTvB5b2tQEriDeEORq_Vr01bRsM4Lx9hiajJvoNbla HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=BTAM6cHeT3t9FaObwcJjBdiDbxs&google_push=AYg5qPL4tW7ckjySD2b64SiTrfZW_H6pljO_C3CXKQGfhS9T6x7mv6wG5EqTvB5b2tQEriDeEORq_Vr01bRsM4Lx9hiajJvoNbla
Request Chain 291
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHBQLkX5U_naOSwQcqbWMvw&google_cver=1&google_push=AYg5qPJAg7Bj6Ntb9iI6lcwlnpOGkLZKVNwkeYzx_60zUjzICUufLrrfucIJv_GK2dBtSvNe19WZXJbmajqirtdh-k8JhLkRQ5AgPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJAg7Bj6Ntb9iI6lcwlnpOGkLZKVNwkeYzx_60zUjzICUufLrrfucIJv_GK2dBtSvNe19WZXJbmajqirtdh-k8JhLkRQ5AgPw&google_hm=Nzc5Nzg3NTQ3Njk1MTE2MjQ0Mw==
Request Chain 292
  • https://ads.avads.net/sync/ggl?google_gid=CAESEBcUVsLZfBqUn_EQu_DYUfc&google_cver=1&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://ads.avads.net/sync/ggl?google_gid=CAESEBcUVsLZfBqUn_EQu_DYUfc&google_cver=1&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw&av_tc=True HTTP 302
  • https://ads.avads.net/sync/ggl?google_gid=CAESEBcUVsLZfBqUn_EQu_DYUfc&google_cver=1&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw
Request Chain 303
  • https://pixel.adsafeprotected.com/rfw/st/787359/56365210/skeleton.js?adsafe_url=https%3A%2F%2Fsecurityaffairs.co&adsafe_type=g&adsafe_url=https%3A%2F%2Fsecurityaffairs.co%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1575911585432548%26output%3Dhtml%26h%3D90%26slotname%3DInternal_728x90_0.10%26adk%3D1194620937%26adf%3D1480696132%26pi%3Dt.ma~as.Internal_728x90_0.10%26w%3D728%26lmt%3D1632230012%26url%3Dhttps%253A%252F%252Fsecurityaffairs.co%252Fwordpress%252F122293%252Fsecurity%252Fcve-2021-40539-zoho-bug-attacks.html%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1632230012261%26bpp%3D15%26bdt%3D2238%26idt%3D165%26shv%3Dr20210916%26mjsv%3Dm202109200101%26ptt%3D5%26saldr%3Dsa%26correlator%3D269952746191%26frm%3D21%26ife%3D1%26pv%3D2%26ga_vid%3D1352141922.1632230009%26ga_sid%3D1632230012%26ga_hid%3D2021330701%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D3%26u_nmime%3D4%26adx%3D320%26ady%3D518%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D627562904%26scr_x%3D0%26scr_y%3D0%26eid%3D44747620%252C31062518%26oid%3D3%26pvsid%3D694293337181406%26pem%3D158%26ref%3Dhttps%253A%252F%252Ft.co%252F%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.f2jg2mtvhwic%26fsb%3D1%26xpc%3DRjlHBE0UbJ%26p%3Dhttps%253A%2F%2Fsecurityaffairs.co%26dtd%3D198&adsafe_type=d&adsafe_jsinfo=,id:272ede4a-5238-1b03-d70e-2bc144ca6744,c:oR20KX,sl:outOfView,em:true,fr:false,thd:1,mn:app17ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:222,fm:sJEqNfO+11%7C12%7C13%7C141*.787359-56365210%7C1411%7C1412%7C14131%7C1414%7C142%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1h%7C1i%7C1j%7C1k,idMap:141*,rp:n,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:248,oid:b8ae7c09-1add-11ec-abac-0289e6fd96ae,v:19.8.244,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
Request Chain 344
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUnafZ1KjI8-kJ-6DsEOVAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMhuE0D313aPPAzrdmeXoKw&google_cver=1
Request Chain 346
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzUzNzgyNTEyNDYwNTc5Mg%3D%3D

358 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
3eYwzjuEOS
t.co/ 		212 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/3eYwzjuEOS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/3eYwzjuEOS
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 21 Sep 2021 13:13:24 GMT
vary
Origin
server
tsa_o
expires
Tue, 21 Sep 2021 13:18:24 GMT
set-cookie
muc=98dda666-880f-489d-bf6d-89289b5d4b1c; Max-Age=63072000; Expires=Thu, 21 Sep 2023 13:13:24 GMT; Domain=t.co; Secure; SameSite=None
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
171
content-encoding
gzip
x-xss-protection
0
strict-transport-security
max-age=0
x-connection-hash
dbe1717d2d56fa7d35b3ce34897ad30f98690857455a696bb4da4f4b2ff8949c
Primary Request cve-2021-40539-zoho-bug-attacks.html
securityaffairs.co/wordpress/122293/security/
Redirect Chain
  • https://dy.si/j66S6
  • https://engage.bah.com/Article/Redirect/d8419884-1e27-4ada-a300-b1d083f9aad5?uc=55427&g=faf3838f-93e1-4548-aacd-b9ba9d5a6554&f=260586
  • https://engage.bah.com/member/post/d8419884-1e27-4ada-a300-b1d083f9aad5?uc=55427&g=faf3838f-93e1-4548-aacd-b9ba9d5a6554&f=260586
  • https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
94 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Requested by
Host: t.co
URL: https://t.co/3eYwzjuEOS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
8ac43663b3ab298ed3c79ca17210db31e3d4e96df1ddf7c6982baeecbbc3d1d4

Request headers

:method
GET
:authority
securityaffairs.co
:scheme
https
:path
/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.co/3eYwzjuEOS

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 21 Sep 2021 13:13:27 GMT
server
Apache
x-pingback
https://securityaffairs.co/wordpress/xmlrpc.php
link
<https://securityaffairs.co/wordpress/wp-json/>; rel="https://api.w.org/", <https://securityaffairs.co/wordpress/wp-json/wp/v2/posts/122293>; rel="alternate"; type="application/json", <https://securityaffairs.co/wordpress/?p=122293>; rel=shortlink
content-encoding
gzip

Redirect headers

Date
Tue, 21 Sep 2021 13:13:26 GMT
Content-Type
text/html; charset=utf-8
Content-Length
222
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy-Report-Only
report-uri https://sentry.io/api/1479396/security/?sentry_key=ebff80a744024d8a8f5630df4ea55e5d&sentry_environment=PROD&sentry_release=2021-9-6-1; default-src 'self'; script-src 'self' static.dynamicsignal.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com translate.google.com *.googleapis.com *.cloudfront.net cdnjs.cloudflare.com platform.twitter.com connect.facebook.net assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' static.dynamicsignal.com *.cloudfront.net *.googleapis.com maxcdn.bootstrapcdn.com 'unsafe-inline'; font-src * data: blob:; img-src * data: blob:; media-src * data: blob:; frame-src 'self' www.youtube.com platform.twitter.com www.facebook.com reg.voicestorm.com reg-eu.voicestorm.com reg.voicestorm.biz reg.dynamicsignal.com; manifest-src *; connect-src 'self' static.dynamicsignal.com api.dynamicsignal.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com translate.google.com *.googleapis.com *.cloudfront.net *.doubleclick.net platform.twitter.com connect.facebook.net assets.adobedtm.com *.sentry.io sentry.io olivia.paradox.ai gateway.zscloud.net relay.voicestorm.com relay-eu.voicestorm.com relay.voicestorm.biz relay.dynamicsignal.com freq.voicestorm.com freq-eu.voicestorm.com freq.voicestorm.biz freq.dynamicsignal.com api.voicestorm.com api-eu.voicestorm.com api.voicestorm.biz api.dynamicsignal.com apigateway.voicestorm.com apigateway-eu.voicestorm.com apigateway.voicestorm.biz apigateway.dynamicsignal.com streaming.voicestorm.com:* streaming-eu.voicestorm.com:* streaming.voicestorm.biz:* streaming.dynamicsignal.com:*
Set-Cookie
articleShareClick=%7B%22articleId%22%3A%22d8419884-1e27-4ada-a300-b1d083f9aad5%22%2C%22userChannelId%22%3A%2255427%22%7D; Path=/ g=faf3838f-93e1-4548-aacd-b9ba9d5a6554; Path=/; Expires=Wed, 21 Sep 2022 13:13:26 GMT; Secure c=260586; Path=/; Expires=Wed, 21 Sep 2022 13:13:26 GMT; Secure
Location
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Vary
Accept
Strict-Transport-Security
max-age=31536000; includeSubDomains
js
www.googletagmanager.com/gtag/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ea0b536a7617d6ca9391fa95562b9e0858fd71f1d60244e24344b367c9ea3027
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40376
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Sep 2021 13:13:28 GMT
style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/ 		91 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/css/dist/block-library/style.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
175437ab2d5703d39c01d0f479b19f9b1569bfb2cf43dca8cbf30ff962f0f48b

Request headers

:path
/wordpress/wp-includes/css/dist/block-library/style.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Fri, 23 Jul 2021 22:11:52 GMT
server
Apache
accept-ranges
bytes
etag
"16cb1-5c7d1b0db415e"
content-length
93361
content-type
text/css
mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

:path
/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
server
Apache
accept-ranges
bytes
etag
"2bf8-5b61073af996a"
content-length
11256
content-type
text/css
wp-mediaelement.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/wp-mediaelement.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1

Request headers

:path
/wordpress/wp-includes/js/mediaelement/wp-mediaelement.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
Apache
accept-ranges
bytes
etag
"1360-597430d7ee92b"
content-length
4960
content-type
text/css
cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.5
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80

Request headers

:path
/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Sun, 01 Aug 2021 22:15:22 GMT
server
Apache
accept-ranges
bytes
etag
"c25-5c886c9f06547"
content-length
3109
content-type
text/css
cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 		28 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.5
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1523ddaa632d195a1240668fb5c6870519e3cdfeabd5a346141bcbb03222e2e7

Request headers

:path
/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Sun, 01 Aug 2021 22:15:22 GMT
server
Apache
accept-ranges
bytes
etag
"7045-5c886c9f06547"
content-length
28741
content-type
text/css
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
1046401
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
b034e617fbf9c231f9166f3690415fc1
cf-ray
69238d0f3ca48749-DUS
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

:path
/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
server
Apache
accept-ranges
bytes
etag
"4d92-52704407f72c0"
content-length
19858
content-type
text/css
tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		539 B
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

:path
/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
accept-ranges
bytes
etag
"21b-526fe6d7cd700"
content-length
539
content-type
text/css
flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
server
Apache
accept-ranges
bytes
etag
"1851-5270441180940"
content-length
6225
content-type
text/css
animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

:path
/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"6b4-526fe6d5e5280"
content-length
1716
content-type
text/css
font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

:path
/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"4574-526fe6d5e5280"
content-length
17780
content-type
text/css
swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
accept-ranges
bytes
etag
"118d-526fe6e527680"
content-length
4493
content-type
text/css
jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		334 B
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

:path
/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"14e-526fe6d5e5280"
content-length
334
content-type
text/css
screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		110 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

:path
/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
accept-ranges
bytes
etag
"1b844-526fe6d7cd700"
content-length
112708
content-type
text/css
custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

:path
/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
content-type
text/css; charset: UTF-8;charset=UTF-8
server
Apache
grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		49 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

:path
/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
server
Apache
accept-ranges
bytes
etag
"c5f2-526fe6d6d94c0"
content-length
50674
content-type
text/css
sharing.css
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/ 		19 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=10.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1b11f2c81cddaa0d12147ff5fbecdec023a921b64088411da37f81915b8b4b40

Request headers

:path
/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Tue, 07 Sep 2021 22:53:04 GMT
server
Apache
accept-ranges
bytes
etag
"4cdc-5cb6fa0dbd05a"
content-length
19676
content-type
text/css
social-logos.css
securityaffairs.co/wordpress/wp-content/plugins/jetpack/_inc/social-logos/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=10.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
4cdecc62f5b2c8e9f7cf7b14b9fd42e0c4787d912c1b71426cdfbe0144cede46

Request headers

:path
/wordpress/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Tue, 07 Sep 2021 22:53:03 GMT
server
Apache
accept-ranges
bytes
etag
"312f-5cb6fa0cb8483"
content-length
12591
content-type
text/css
frontend-gtag.js
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.js?ver=1632230007
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
b0534210815c3c9ee7e1df828e0916d2997bf39db55466c2cb7353e423db4499

Request headers

:path
/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.js?ver=1632230007
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Sat, 18 Sep 2021 23:27:15 GMT
server
Apache
accept-ranges
bytes
etag
"6ffc-5cc4d6365740e"
content-length
28668
content-type
application/javascript
jquery.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ 		282 KB
282 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=3.6.0
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

:path
/wordpress/wp-includes/js/jquery/jquery.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Fri, 23 Jul 2021 22:11:53 GMT
server
Apache
accept-ranges
bytes
etag
"46758-5c7d1b0e12d00"
content-length
288600
content-type
application/javascript
jquery-migrate.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

:path
/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
server
Apache
accept-ranges
bytes
etag
"62d4-5b61073af5aea"
content-length
25300
content-type
application/javascript
cookie-law-info-public.js
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/ 		34 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.5
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
7739eefcdee8afcb00fbe9a35cc795fff0cff7092b10d56c4190484d42892433

Request headers

:path
/wordpress/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Sun, 01 Aug 2021 22:15:22 GMT
server
Apache
accept-ranges
bytes
etag
"8960-5c886c9f074e7"
content-length
35168
content-type
application/javascript
medianetAdInjector.js
securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/ 		562 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d

Request headers

:path
/wordpress/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Sat, 08 May 2021 23:27:41 GMT
server
Apache
accept-ranges
bytes
etag
"232-5c1d9e407bb22"
content-length
562
content-type
application/javascript
st_insights.js
ws.sharethis.com/button/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
5c8bd0c2f891239145b9a187e6490a89c8af9f6b5224cea83884f6c5662d1b48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 20:45:10 GMT
content-encoding
gzip
server
nginx/1.20.1
age
232098
etag
W/"612ef1c2-63db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA60-P4
x-robots-tag
noindex, nofollow
content-length
7318
x-amz-cf-id
bdcjn1R926n2A3ljU_i8uJueLB8tb5AQVWTGYGug5B2fltmP_ahLTA==
expires
Tue, 21 Sep 2021 20:45:10 GMT
sharethis.js
platform-api.sharethis.com/js/ 		183 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-78.fra60.r.cloudfront.net
Software
/
Resource Hash
0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:07:40 GMT
content-encoding
gzip
age
348
etag
W/"2dcf1-WwF+elP/xnuwOSlGKk64bx4O0JA"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript; charset=utf-8
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
HiAlhvMtkYDAouye__oBx-G6RovRFBIasCfX9pBWpp3_5h7paD4JLQ==
loginbot.js
securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/shield/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/shield/loginbot.js?ver=11.5.4&mtime=1628286621
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
474776eb17d0e4ca038f4994076ede6f4017ecdf91eff0d3d074c3b7bb6a5a97

Request headers

:path
/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/shield/loginbot.js?ver=11.5.4&mtime=1628286621
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Fri, 06 Aug 2021 21:50:21 GMT
server
Apache
accept-ranges
bytes
etag
"c9f-5c8eb05a9887c"
content-length
3231
content-type
application/javascript
dmedianet.js
contextual.media.net/ 		158 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd93f327d26596fc02540f791f931612e8f9112f2d9d5115273d101eb40e9cea
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-mnt-h
10-2
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"33b282800799b2c41e7212e21ef54e8f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Tue, 21 Sep 2021 13:13:28 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-9
expires
Tue, 21 Sep 2021 13:18:28 GMT
logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

:path
/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 17:30:42 GMT
server
Apache
accept-ranges
bytes
etag
"b0e9-5270743f5f480"
content-length
45289
content-type
image/png
headerbid.js
served-by.pixfuture.com/www/delivery/ 		973 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
last-modified
Tue, 02 Mar 2021 20:36:48 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"603ea1e0-3cd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
973
expires
Thu, 23 Sep 2021 13:13:29 GMT
facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		830 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Jun 2020 20:34:29 GMT
server
nginx
etag
"509a053c355d6394"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length
830
expires
Sat, 11 Jun 2022 08:34:29 GMT
twitter.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"fbafb4fa36d9fc66"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length
1082
expires
Sat, 05 Nov 2022 20:12:40 GMT
linkedin.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"8daaaf021369fdba"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length
1184
expires
Sat, 05 Nov 2022 20:12:40 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
fd0d1be04239766d562629f6c7d75879d0c0bdf299b2464542dad6094d436f05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MU/mNodSpoBaBovlWjR2Tw==
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
expires
Tue, 21 Sep 2021 13:28:30 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1683
x-fb-rlafr
0
x-fb-debug
uWl2dpzlgvDOTM3r1hUQa7dbUG48QwvYKMfd9KYEgkfpu/Mvfwiokd3krj/EVHeA/8d1oCgZPfZXrTm5lWTN3w==
x-fb-trip-id
686109401
x-fb-content-md5
ed48101f2a07f08e210f55eef8bfbb0f
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 21 Sep 2021 13:13:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ce31bbb0d5eb793fde71b9cdee861c1a"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
Apache-OpenOffice.png
securityaffairs.co/wordpress/wp-content/uploads/2021/09/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2021/09/Apache-OpenOffice.png
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
82cd5ddf774e3c30e08e538ee705703cb2e00e4509671cab4ab30da1ab57906a

Request headers

:path
/wordpress/wp-content/uploads/2021/09/Apache-OpenOffice.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
last-modified
Tue, 21 Sep 2021 06:47:35 GMT
server
Apache
accept-ranges
bytes
etag
"23749-5cc7bc5ccb738"
content-length
145225
content-type
image/png
ransomware.jpg
securityaffairs.co/wordpress/wp-content/uploads/2019/06/ 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2019/06/ransomware.jpg
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
6828f1bdae5c7b89d801df314049a2d65159a4284ee530e5c848a153eadf8c87

Request headers

:path
/wordpress/wp-content/uploads/2019/06/ransomware.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
last-modified
Wed, 26 Jun 2019 13:32:34 GMT
server
Apache
accept-ranges
bytes
etag
"2bcb0-58c3a13f98fef"
content-length
179376
content-type
image/jpeg
CVE-2021-40444-exploitation.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/09/CVE-2021-40444-exploitation.png?resize=300%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
aab8a7213ae099900c73e10038babec3652ba7e2c6f6d63ee19af911351b3de5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Sep 2021 22:20:59 GMT
server
nginx
etag
"c85bf39d5c2351ee"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2021/09/CVE-2021-40444-exploitation.png>; rel="canonical"
content-length
7646
expires
Sun, 17 Sep 2023 10:20:59 GMT
ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ 		122 KB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e

Request headers

:path
/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=4e9fb397a60a1f94ccb51524dee6bbf2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Fri, 25 Dec 2020 23:58:53 GMT
server
Apache
accept-ranges
bytes
etag
"1e76e-5b752b4e76df8"
content-length
124782
content-type
text/css
photon.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da

Request headers

:path
/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Tue, 07 Sep 2021 22:53:03 GMT
server
Apache
accept-ranges
bytes
etag
"6e0-5cb6fa0d874fc"
content-length
1760
content-type
application/javascript
jquery.adrotate.clicktracker.js
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/ 		365 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

:path
/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Sun, 05 Sep 2021 22:22:00 GMT
server
Apache
accept-ranges
bytes
etag
"16d-5cb46f619b099"
content-length
365
content-type
application/javascript
ssba.js
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

:path
/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=4e9fb397a60a1f94ccb51524dee6bbf2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Fri, 25 Dec 2020 23:58:53 GMT
server
Apache
accept-ranges
bytes
etag
"792-5b752b4e7bc18"
content-length
1938
content-type
application/javascript
hint.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		987 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"3db-526fe6e433440"
content-length
987
content-type
application/javascript
jquery.tipsy.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"1113-526fe6e433440"
content-length
4371
content-type
application/javascript
jquery.easing.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"1fa1-526fe6e433440"
content-length
8097
content-type
application/javascript
browser.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
accept-ranges
bytes
etag
"a36-526fe6e33f200"
content-length
2614
content-type
application/javascript
jquery.flexslider-min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
server
Apache
accept-ranges
bytes
etag
"53ae-5270441274b80"
content-length
21422
content-type
application/javascript
waypoints.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
accept-ranges
bytes
etag
"1f6c-526fe6e527680"
content-length
8044
content-type
application/javascript
mediaelement-and-player.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/ 		69 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
server
Apache
accept-ranges
bytes
etag
"11571-5270441645480"
content-length
71025
content-type
application/javascript
jquery.swipebox.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"2a67-526fe6e433440"
content-length
10855
content-type
application/javascript
jquery.circliful.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"c18-526fe6e433440"
content-length
3096
content-type
application/javascript
jquery.smarticker.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"3225-526fe6e433440"
content-length
12837
content-type
application/javascript
custom.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

:path
/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
accept-ranges
bytes
etag
"31d4-526fe6e33f200"
content-length
12756
content-type
application/javascript
wp-embed.js
securityaffairs.co/wordpress/wp-includes/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/wp-embed.js?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4

Request headers

:path
/wordpress/wp-includes/js/wp-embed.js?ver=4e9fb397a60a1f94ccb51524dee6bbf2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Thu, 21 Feb 2019 22:56:38 GMT
server
Apache
accept-ranges
bytes
etag
"c8e-5826f6315ef61"
content-length
3214
content-type
application/javascript
sharing.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=10.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
bc29c34d0738c5cb3f96585219667566799d9e142699e982f9406d5b04fa9794

Request headers

:path
/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:28 GMT
last-modified
Tue, 07 Sep 2021 22:53:04 GMT
server
Apache
accept-ranges
bytes
etag
"5a9e-5cb6fa0dbd05a"
content-length
23198
content-type
application/javascript
e-202138.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202138.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 21 Sep 2021 13:13:29 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 12 Sep 2022 00:30:46 GMT
twemoji.js
securityaffairs.co/wordpress/wp-includes/js/ 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
f9fae20d30474c95bf8745df26cfa5c62803462a9ee57dd710c8266d7ece3f3e

Request headers

:path
/wordpress/wp-includes/js/twemoji.js?ver=4e9fb397a60a1f94ccb51524dee6bbf2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
last-modified
Fri, 23 Jul 2021 22:11:53 GMT
server
Apache
accept-ranges
bytes
etag
"7cdc-5c7d1b0e301c1"
content-length
31964
content-type
application/javascript
wp-emoji.js
securityaffairs.co/wordpress/wp-includes/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=4e9fb397a60a1f94ccb51524dee6bbf2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

:path
/wordpress/wp-includes/js/wp-emoji.js?ver=4e9fb397a60a1f94ccb51524dee6bbf2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
last-modified
Tue, 31 Mar 2020 22:49:14 GMT
server
Apache
accept-ranges
bytes
etag
"231d-5a22e608152f1"
content-length
8989
content-type
application/javascript
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1289
date
Tue, 21 Sep 2021 12:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 21 Sep 2021 14:52:00 GMT
pview
l.sharethis.com/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1632230009146.70625&hostname=securityaffairs.co&location=%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&refDomain=t.co&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&title=FBI%2C%20CISA%2C%20and%20CGCYBER%20warn%20of%20nation-state%20actors%20exploiting%20CVE-2021-40539%20Zoho%20bugSecurity%20Affairs&sop=false&description=The%20FBI%2C%20CISA%2C%20and%20the%20Coast%20Guard%20Cyber%20Command%20(CGCYBER)%20warn%20of%20state-sponsored%20attacks%20that%20are%20actively%20exploiting%20CVE-2021-40539%20Zoho%20flaw.%20The%20FBI%2C%20CISA%2C%20and%20the%20Coast%20Guard%20Cyber%20Command%20(CGCYBER)%20warn%20that%20nation-state%20APT%20groups%20are%20actively%20exploiting%20a%20critical%20vulnerability%2C%20tracked%20as%20CVE-2021-40539%2C%20in%20the%20Zoho%20ManageEngine%20ADSelfService%20Plus%20software.%20ManageEngine%20ADSelfService%20Plus%20%5B%E2%80%A6%5D
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 21 Sep 2021 13:13:29 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
log
l.sharethis.com/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/log?event=ibl&url=https://t.co/&description=The%20FBI%2C%20CISA%2C%20and%20the%20Coast%20Guard%20Cyber%20Command%20(CGCYBER)%20warn%20of%20state-sponsored%20attacks%20that%20are%20actively%20exploiting%20CVE-2021-40539%20Zoho%20flaw.%20The%20FBI%2C%20CISA%2C%20and%20the%20Coast%20Guard%20Cyber%20Command%20(CGCYBER)%20warn%20that%20nation-state%20APT%20groups%20are%20actively%20exploiting%20a%20critical%20vulnerability%2C%20tracked%20as%20CVE-2021-40539%2C%20in%20the%20Zoho%20ManageEngine%20ADSelfService%20Plus%20software.%20ManageEngine%20ADSelfService%20Plus%20%5B%E2%80%A6%5D&img_pview=true
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 21 Sep 2021 13:13:29 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
5b71b64b04b9a500117b1015.js
buttons-config.sharethis.com/js/ 		30 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5b71b64b04b9a500117b1015.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:12:50 GMT
via
1.1 11e35514d631a9a9566fd489de935c07.cloudfront.net (CloudFront)
last-modified
Mon, 13 Aug 2018 16:48:12 GMT
server
AmazonS3
age
46
etag
"e6e1643313740711175f51662a65b42f"
x-edge-origin-shield-skipped
0
content-type
text/javascript
cache-control
max-age=60,public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
30
x-amz-cf-id
zJNIkF1eKG1PFCZxWdFhqoMiO156G0V0PEZWrG6pRWIMNlCKl1MXBw==
analytics.js
google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3219
date
Tue, 21 Sep 2021 12:19:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 21 Sep 2021 14:19:50 GMT
fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.146 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

:path
/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
pragma
no-cache
origin
https://securityaffairs.co
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
securityaffairs.co
referer
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin
https://securityaffairs.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
server
Apache
accept-ranges
bytes
etag
"ad90-526fe6dc92240"
content-length
44432
content-type
application/font-woff
pview
l.sharethis.com/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1632230009146.70625&hostname=securityaffairs.co&location=%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&refDomain=t.co&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&title=FBI%2C%20CISA%2C%20and%20CGCYBER%20warn%20of%20nation-state%20actors%20exploiting%20CVE-2021-40539%20Zoho%20bugSecurity%20Affairs&sop=false&description=The%20FBI%2C%20CISA%2C%20and%20the%20Coast%20Guard%20Cyber%20Command%20(CGCYBER)%20warn%20of%20state-sponsored%20attacks%20that%20are%20actively%20exploiting%20CVE-2021-40539%20Zoho%20flaw.%20The%20FBI%2C%20CISA%2C%20and%20the%20Coast%20Guard%20Cyber%20Command%20(CGCYBER)%20warn%20that%20nation-state%20APT%20groups%20are%20actively%20exploiting%20a%20critical%20vulnerability%2C%20tracked%20as%20CVE-2021-40539%2C%20in%20the%20Zoho%20ManageEngine%20ADSelfService%20Plus%20software.%20ManageEngine%20ADSelfService%20Plus%20%5B%E2%80%A6%5D&description=The%20FBI%2C%20CISA%2C%20and%20the%20Coast%20Guard%20Cyber%20Command%20(CGCYBER)%20warn%20of%20state-sponsored%20attacks%20that%20are%20actively%20exploiting%20CVE-2021-40539%20Zoho%20flaw.%20The%20FBI%2C%20CISA%2C%20and%20the%20Coast%20Guard%20Cyber%20Command%20(CGCYBER)%20warn%20that%20nation-state%20APT%20groups%20are%20actively%20exploiting%20a%20critical%20vulnerability%2C%20tracked%20as%20CVE-2021-40539%2C%20in%20the%20Zoho%20ManageEngine%20ADSelfService%20Plus%20software.%20ManageEngine%20ADSelfService%20Plus%20%5B%E2%80%A6%5D&img_pview=true
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 21 Sep 2021 13:13:29 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
fcmain.js
contextual.media.net/1017354394/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=816788371&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&kwrf=https%3A%2F%2Ft.co&nse=5&vi=1632230008715535853&lw=1&ugd=4&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
be234a16884f4b7536e792dbd8dbb471485adfa97bb935c5f62efdcea842627c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
8-31
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
date
Tue, 21 Sep 2021 13:13:30 GMT
x-mnt-w
10-4, 10-16
content-length
26394
expires
Tue, 21 Sep 2021 13:13:30 GMT
checksync.php
contextual.media.net/ Frame D0C9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
Requested by
Host: t.co
URL: https://t.co/3eYwzjuEOS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3112e23b29bd4efa653ddfcd406ad3beb33963b7452975c72e0cd47b424855b8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Fri, 25 Mar 2022 13:13:29 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 23 Sep 2021 13:13:29 GMT
date
Tue, 21 Sep 2021 13:13:29 GMT
content-length
5705
bping.php
lg3.media.net/ 		35 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=816788371&vi=1632230008715535853&ugd=4&lf=6&kwrf=https%3A%2F%2Ft.co&cc=DE&sc=HE&lper=100&wsip=2886781035&r=1632230009265&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=62651&vgd_rakh=1632230008133521182&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p12005841927t202109211313&vgd_pgids=1&vgd_uspa=0&hvsid=00001632230009257036324922885874&gdpr=1&vgd_end=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.30.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-30-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 21 Sep 2021 13:13:29 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 21 Sep 2021 13:13:29 GMT
fcmain.js
contextual.media.net/1017354394/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=816788371&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&kwrf=https%3A%2F%2Ft.co&nse=5&vi=1632230008686023180&lw=1&ugd=4&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fcb6eca8a48ea1b4a478052fbb67f0e473e4744dcd510ff0d3b973307af861c6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
8-31
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
date
Tue, 21 Sep 2021 13:13:30 GMT
x-mnt-w
10-9, 10-16
content-length
29982
expires
Tue, 21 Sep 2021 13:13:30 GMT
checksync.php
contextual.media.net/ Frame A52A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
Requested by
Host: t.co
URL: https://t.co/3eYwzjuEOS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3112e23b29bd4efa653ddfcd406ad3beb33963b7452975c72e0cd47b424855b8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Fri, 25 Mar 2022 13:13:29 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 23 Sep 2021 13:13:29 GMT
date
Tue, 21 Sep 2021 13:13:29 GMT
content-length
5705
bping.php
lg3.media.net/ 		35 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=816788371&vi=1632230008686023180&ugd=4&lf=6&kwrf=https%3A%2F%2Ft.co&cc=DE&sc=HE&lper=100&wsip=2886781035&r=1632230009281&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=62651&vgd_rakh=1632230008133521182&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p12005841927t202109211313&vgd_pgids=2&vgd_uspa=0&hvsid=00001632230009257036324922885874&gdpr=1&vgd_end=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.30.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-30-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 21 Sep 2021 13:13:29 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 21 Sep 2021 13:13:29 GMT
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Referer
Origin
https://securityaffairs.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 13:13:29 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Tue, 21 Sep 2021 13:18:29 GMT
fcmain.js
contextual.media.net/1017354394/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=647633027&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&kwrf=https%3A%2F%2Ft.co&nse=5&vi=1632230008832204905&lw=1&ugd=4&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9166dbe2aab0210d104c36c312339e6d312c6da5455e64c577be393ad2b9eb4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
8-31
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
date
Tue, 21 Sep 2021 13:13:30 GMT
x-mnt-w
21-smql, 21-r8x9
content-length
30061
expires
Tue, 21 Sep 2021 13:13:30 GMT
checksync.php
contextual.media.net/ Frame 2992 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
Requested by
Host: t.co
URL: https://t.co/3eYwzjuEOS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3112e23b29bd4efa653ddfcd406ad3beb33963b7452975c72e0cd47b424855b8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU5BD6EW&https=1&itype=CM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Fri, 25 Mar 2022 13:13:29 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 23 Sep 2021 13:13:29 GMT
date
Tue, 21 Sep 2021 13:13:29 GMT
content-length
5705
bping.php
lg3.media.net/ 		35 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=647633027&vi=1632230008832204905&ugd=4&lf=6&kwrf=https%3A%2F%2Ft.co&cc=DE&sc=HE&lper=100&wsip=2886781035&r=1632230009319&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=62651&vgd_rakh=1632230008133521182&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p12005841927t202109211313&vgd_pgids=2&vgd_uspa=0&hvsid=00001632230009317036324922881424&gdpr=1&vgd_end=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.30.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-30-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 21 Sep 2021 13:13:29 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 21 Sep 2021 13:13:29 GMT
hb_v2.js
cdn.pixfuture.com/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
641e7c97f7120b12a9ccf8f7b2f6066f5de79662c6b43c42f0200ba25af998fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Sep 2021 13:54:14 GMT
server
cloudflare
age
170335
etag
W/"613a1206-82f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsU5mq1tARMLS2gKugOLaeb3mar%2FLXWSVOCpEXOr8WUanZtn7zrSEG3l09EbaYRRaiwHB3sFTZXe4NJdnTBW9M%2FO034OJBK3jDw86SqGQ0ztLy%2FMqkSx%2Ffpn3IuTI2j4Zl9c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Tue, 21 Sep 2021 13:54:32 GMT
cache-control
public, max-age=2678400, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69238d16be7d4065-LHR
cf-bgj
minify
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"156244085faab7d3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
6414
expires
Sat, 05 Nov 2022 20:12:40 GMT
securityaffairs-best-european-blog2.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/securityaffairs-best-european-blog2.png?resize=300%2C217&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
x-bytes-saved
103276
content-length
10314
x-nc
HIT hhn 2
last-modified
Tue, 02 Jun 2020 21:29:55 GMT
server
nginx
etag
"c8c3d7b06b174426"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2020/06/securityaffairs-best-european-blog2.png>; rel="canonical"
expires
Fri, 03 Jun 2022 09:29:55 GMT
logo-center-for-cybersecurity.jpg
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:12:40 GMT
server
nginx
etag
"312ff21e46f29f3d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7482
expires
Sat, 05 Nov 2022 20:12:40 GMT
newsletter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Dec 2020 07:29:12 GMT
server
nginx
etag
"a6fb49f7a00a0498"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
6336
expires
Thu, 15 Dec 2022 19:29:12 GMT
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=29506073&post=122293&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=https%3A%2F%2Ft.co%2F&fcp=4368&rand=0.8575512935702625
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
graph.facebook.com/ 		244 B
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=10.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.240.17 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-01-lcy1.facebook.com
Software
/
Resource Hash
5ff61d63d0aaf012059a32bc1a1dc630c7dc3bc25d838b0f4b3416417c1071ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004426924
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
183
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Q3xNi/lQnBPznGR/fDyQTkfG20FZbLXDUI9eTjvvLo3uRyw8Tv2ev6Lvrp5l4hlIs+ZVv5kyv4HNNUTdZi4JCg==
x-fb-trace-id
BRi2sGLfXLr
date
Tue, 21 Sep 2021 13:13:29 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ASFS2D5WHm_eNUU_3Axfgec
cache-control
no-store
facebook-api-version
v4.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.4233985753026763
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sdk.js
connect.facebook.net/en_US/ 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ac2caaff07a62243f9b0aac8f4e8caaa
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
ed84ac7d34ed9020ee36f97a3c11367c3c040f1a7a97c0f88f524fc38e184161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://securityaffairs.co/
Origin
https://securityaffairs.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
flY0XIadZHdfx8yyZyV28A==
cross-origin-resource-policy
cross-origin
expires
Wed, 21 Sep 2022 11:09:57 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66996
x-fb-rlafr
0
x-fb-debug
rwll+St5VOOJKbw3pW0rL4RNvRDwsJzjpnYAjT/JbGmHdeqmmN/ZJt3KhtiJ5OrXUqRLSTXTXnbxGNJMenSw7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4c103d2e3d5758baa2419bc22ba64b2f
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 21 Sep 2021 13:13:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"58e2caceea249e5b03894862c6082218"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=280732045&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=FBI%2C%20CISA%2C%20and%20CGCYBER%20warn%20of%20nation-state%20actors%20exploiting%20CVE-2021-40539%20Zoho%20bugSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=940204356&gjid=1155812824&cid=1352141922.1632230009&tid=UA-59069958-1&_gid=111632493.1632230009&_r=1&gtm=2ou9k0&did=dNDMyYj&z=818626124
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=280732045&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=FBI%2C%20CISA%2C%20and%20CGCYBER%20warn%20of%20nation-state%20actors%20exploiting%20CVE-2021-40539%20Zoho%20bugSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=555358094&gjid=1181068371&cid=1352141922.1632230009&tid=UA-59069958-1&_gid=111632493.1632230009&_r=1&_slc=1&z=959448257
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pbix.js
cdn.pixfuture.com/ 		423 KB
424 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536386f4e5a08dcde004ad0d24c4ea816a2054ba53f5da25ebb12fa4493f693f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80721
cf-polished
origSize=433266
cf-bgj
minify
last-modified
Mon, 23 Aug 2021 13:19:22 GMT
server
cloudflare
etag
W/"6123a05a-69c72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqiKo37gk8osSczKwAW%2Bq8904t9O6b%2FVx7V%2BBeTHZykhVklc3eS3DBCU1wRAmaiyy%2FR2aycXXx1KbY1ob%2FmLPUrmPYuw9c5NOOBIf6pkS6F%2BmH%2F%2B2m%2FJtXSks%2FjR%2BMLIrnmt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2678400, no-transform
cf-ray
69238d173f414065-LHR
expires
Wed, 22 Sep 2021 14:47:57 GMT
r.js
aa.agkn.com/adscores/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.90.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-90-17.eu-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
server
AAWebServer
content-type
text/plain
content-length
22
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=fbi,cisa,cgcyber,warn,nationstate,actors,exploiting,cve202140539,zoho,bugsecurity,affairs&refUrl=https://t.co/&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1abb7da15e075154c1ce53f92d0cea61b873c03d4ce186bf73d813154c607e60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Sep 2021 13:13:29 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24270x300x250x4142x_ADSLOT1&keywords=fbi,cisa,cgcyber,warn,nationstate,actors,exploiting,cve202140539,zoho,bugsecurity,affairs&refUrl=https://t.co/&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
438d5718d677eb0d1d809a25f3eb862110b5164ca622358274bea1012d5150c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Sep 2021 13:13:29 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		10 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24274x728x90x4142x_ADSLOT1&keywords=fbi,cisa,cgcyber,warn,nationstate,actors,exploiting,cve202140539,zoho,bugsecurity,affairs&refUrl=https://t.co/&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
aba9b7158d4802fa22538abc53413e5d3ddb05bdb74aa991e39a670337d48fa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Sep 2021 13:13:29 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://securityaffairs.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://securityaffairs.co
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1529
date
Tue, 21 Sep 2021 13:13:29 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		353 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d1d3821fcc13f5ed5eb68647c5492334b786ffb2640d70d9b4be7ed169e03a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 21 Sep 2021 13:13:29 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2361
expires
0
529.json
id5-sync.com/g/v2/ 		211 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p25.id5-sync.com
Software
/
Resource Hash
4ab65765b405f7599879aaa82504b293e9b216c5ef8828756cac7880f6ef0a67
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://securityaffairs.co
Date
Tue, 21 Sep 2021 13:13:25 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
905457f17fcbf10e6c7dc8494ace0d839b39a21012febf78ef5ce2c163bd9842

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 21 Oct 2021 13:13:29 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=2&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&tk_flint=pbjs_lite_v5.9.0-pre&x_source.tid=9e405073-1585-48cd-a835-713d8eb6b9a4&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3725290251837867
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7982d925c88e8c36e31652485ce71249a84875f542c61c66affa217b2ae5abf1

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:29 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
pixfuture2-d.openx.net/w/1.0/ 		172 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9e405073-1585-48cd-a835-713d8eb6b9a4&nocache=1632230009841&id5id=0&pubcid=3bf66590-671a-452d-ab2f-65c7539f4d08&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=728x90&divids=24274x728x90x4142x_ADSLOT1&aucs=&auid=540580842&tps=bXlrZXl3b3JkPWZiaSxjaXNhLGNnY3liZXIsd2FybixuYXRpb25zdGF0ZSxhY3RvcnMsZXhwbG9pdGluZyxjdmUyMDIxNDA1Mzksem9obyxidWdzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPWZiaSxjaXNhLGNnY3liZXIsd2FybixuYXRpb25zdGF0ZSxhY3RvcnMsZXhwbG9pdGluZyxjdmUyMDIxNDA1Mzksem9obyxidWdzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
9c8a8cc233ec82f4d825279aa82384620ebc5f93168d783877048a50e53d2bb6

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		30 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226b9023bb430dd7%22%3A%22951d83dd852c9348161e%7C728x90%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&s=8809b253-eab6-4934-9443-50422dba7fda&pv=00f5d8ac-d226-4f16-bf51-28a54514e4f1&vp=desktop&lib_name=prebid&lib_v=5.9.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D&kw=fbi%2Ccisa%2Ccgcyber%2Cwarn%2Cnationstate%2Cactors%2Cexploiting%2Ccve202140539%2Czoho%2Cbugsecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		65 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3f9ede3ab2a8e57dd61afc5ab0c075b9a0f850022705fc190549aabf8b636a8a

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Tue, 21 Sep 2021 13:13:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
8f96a42949b4f94a1f21a77ad77f4c1cc5cec85e3897fd7c6443d563633e0146

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 21 Sep 2021 13:13:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ 		139 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c3f1a5ad6718156fa01232f60e191e9c5295703794644d7de3a3e21055437d50
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:29 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a495bd52-e746-4ae8-bc3c-c06a9bdbb94e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969105017575db4f32dc2eda5c0067&pos=pixfuture_network_news_728x90&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
4fc1644139e1ea770f0c7809c8b5952bdad3c54a546e7da606766e199eec321c

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 21 Sep 2021 13:13:29 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.157.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-157-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Tue, 21 Sep 2021 13:13:29 GMT
access-control-allow-credentials
true
vary
Origin
trinity.json
apex.go.sonobi.com/ 		1 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2221c44ac6f68ef34%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&s=965dd7c7-14bf-49a0-9448-bb5db1c84784&pv=00f5d8ac-d226-4f16-bf51-28a54514e4f1&vp=desktop&lib_name=prebid&lib_v=5.9.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D&kw=fbi%2Ccisa%2Ccgcyber%2Cwarn%2Cnationstate%2Cactors%2Cexploiting%2Ccve202140539%2Czoho%2Cbugsecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
7b62cab8c06bd5d44c37287e6c5eeb56055164df5696ee74b278ba5f186a4e0f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:30 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
551
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
f59beec2f0344ce89a96106b176cd996515640b8e7e629a10c9b52b882490b0e

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 21 Sep 2021 13:13:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969105017575db4f32dc2eda5c0067&pos=pixfuture_network_news_300x250&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
ffe9fb05147ac3c04e21758191d648474f95758c677c3e4a87ca33933702443b

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 21 Sep 2021 13:13:29 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
arj
pixfuture2-d.openx.net/w/1.0/ 		172 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=42b814d4-a8a6-47c6-a995-30e25f2e3b7c&nocache=1632230009857&id5id=0&pubcid=3bf66590-671a-452d-ab2f-65c7539f4d08&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=300x250&divids=24270x300x250x4142x_ADSLOT1&aucs=&auid=540580840&tps=bXlrZXl3b3JkPWZiaSxjaXNhLGNnY3liZXIsd2FybixuYXRpb25zdGF0ZSxhY3RvcnMsZXhwbG9pdGluZyxjdmUyMDIxNDA1Mzksem9obyxidWdzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPWZiaSxjaXNhLGNnY3liZXIsd2FybixuYXRpb25zdGF0ZSxhY3RvcnMsZXhwbG9pdGluZyxjdmUyMDIxNDA1Mzksem9obyxidWdzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
c722c8fe00c0efaa2103dca182e0ca6c23f1c5ca7ffbcf4f835ae10415a87fdb

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cdb42a7328c629aba38eab96d2ef893bb9d6af7a77da1e8728d6ae62d8869676

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&tk_flint=pbjs_lite_v5.9.0-pre&x_source.tid=42b814d4-a8a6-47c6-a995-30e25f2e3b7c&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3007440394971068
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
184a707c76a3d3b40bcbe02ed2ca125f25ed811ce9d0fc8ee0bc28ad523eb07d

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:29 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:29 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
33ed7364-a13c-4d4c-bd24-8f6362e89b94
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Tue, 21 Sep 2021 13:13:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.157.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-157-131.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Tue, 21 Sep 2021 13:13:29 GMT
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		24 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
eba999334c6bfe6dc81a86947c27265ededb8379ee3e0fd9499da35316152612

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 21 Sep 2021 13:13:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&tk_flint=pbjs_lite_v5.9.0-pre&x_source.tid=d69a0446-3a6f-4e1b-a047-55bf43b58f00&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46322574950732665
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e1414ece4029a0c9a4bfa91c01f82a30e22017dfe940586e7b7039dfb402e06a

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:29 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Tue, 21 Sep 2021 13:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3f2b332fc17b435451acb8b9d786be723eba33ee737809eadb8aa919a1a93d15

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
pixfuture2-d.openx.net/w/1.0/ 		173 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d69a0446-3a6f-4e1b-a047-55bf43b58f00&nocache=1632230009868&id5id=0&pubcid=3bf66590-671a-452d-ab2f-65c7539f4d08&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPWZiaSxjaXNhLGNnY3liZXIsd2FybixuYXRpb25zdGF0ZSxhY3RvcnMsZXhwbG9pdGluZyxjdmUyMDIxNDA1Mzksem9obyxidWdzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPWZiaSxjaXNhLGNnY3liZXIsd2FybixuYXRpb25zdGF0ZSxhY3RvcnMsZXhwbG9pdGluZyxjdmUyMDIxNDA1Mzksem9obyxidWdzZWN1cml0eSxhZmZhaXJz
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
217087763cc2f9f8ad5e0f889b4c7f38ec3e056660923b002de3078aab12f9bf

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		30 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2250ee55603255bd9%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&s=e1319d6f-cba8-4f81-99e2-224b45c668a2&pv=00f5d8ac-d226-4f16-bf51-28a54514e4f1&vp=desktop&lib_name=prebid&lib_v=5.9.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D&kw=fbi%2Ccisa%2Ccgcyber%2Cwarn%2Cnationstate%2Cactors%2Cexploiting%2Ccve202140539%2Czoho%2Cbugsecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
160725f0669b767a404c771a72ad89aa96e1616d0971af61d39994b2e5bf6abf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:29 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
20953dc6-d47e-4858-87a9-ad6950170f15
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 97CF 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d236eed9587f12322a00882066264ef4fe0648dae4f50dc397fa9020446b3acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38605
x-xss-protection
0
server
cafe
etag
8932238401452743236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 13:13:32 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:30 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Sep 2021 13:13:30 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4A40 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d236eed9587f12322a00882066264ef4fe0648dae4f50dc397fa9020446b3acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38605
x-xss-protection
0
server
cafe
etag
8932238401452743236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 13:13:33 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:30 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Sep 2021 13:13:30 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 464A 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d236eed9587f12322a00882066264ef4fe0648dae4f50dc397fa9020446b3acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38605
x-xss-protection
0
server
cafe
etag
8932238401452743236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 13:13:33 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:30 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Sep 2021 13:13:30 GMT
nrrV39259.js
contextual.media.net/4a/ Frame A483 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/4a/nrrV39259.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5567b7605fb292b7fecb2606b7353a8a8c1d880cefc15de2f67e6f0998d8492d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"925d278231dfd856648289a948676aab"
vary
Accept-Encoding
x-mnet-h
8-31
content-type
text/javascript; charset=utf-8
cache-control
max-age=1209600
date
Tue, 21 Sep 2021 13:13:30 GMT
content-length
30059
expires
Tue, 05 Oct 2021 13:13:30 GMT
nrrV39259.js
contextual.media.net/4a/ Frame F255 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/4a/nrrV39259.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5567b7605fb292b7fecb2606b7353a8a8c1d880cefc15de2f67e6f0998d8492d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"925d278231dfd856648289a948676aab"
vary
Accept-Encoding
x-mnet-h
8-31
content-type
text/javascript; charset=utf-8
cache-control
max-age=1209600
date
Tue, 21 Sep 2021 13:13:30 GMT
content-length
30059
expires
Tue, 05 Oct 2021 13:13:30 GMT
1.jpg
contextual.media.net/__media__/pics/800060601/ Frame F255 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800060601/1.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
05999befd49ad70a0d0648a08d12fa80206fa88822a907ff426f0eadcc437c1a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
cache-control
max-age=597967
accept-ranges
bytes
content-length
4781
expires
Tue, 28 Sep 2021 11:19:37 GMT
2.jpg
contextual.media.net/__media__/pics/800060601/ Frame F255 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800060601/2.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0758ad694d2f74d096d49d79e32cb100eeb38dc6ff11c2f9a870de5eb5a35b5f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
cache-control
max-age=437999
accept-ranges
bytes
content-length
3740
expires
Sun, 26 Sep 2021 14:53:29 GMT
3.jpg
contextual.media.net/__media__/pics/800060601/ Frame F255 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800060601/3.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0bdb519e9746b7b770969e860e0bbf41606bc4b814479ddd4f8688f2cafcc01a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
cache-control
max-age=597471
accept-ranges
bytes
content-length
3376
expires
Tue, 28 Sep 2021 11:11:21 GMT
4.jpg
contextual.media.net/__media__/pics/800060601/ Frame F255 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800060601/4.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9282ea078a317f764d3883e732d14a2e80575e437b710144396d453f5a19139a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
cache-control
max-age=338395
accept-ranges
bytes
content-length
5051
expires
Sat, 25 Sep 2021 11:13:25 GMT
1.jpg
contextual.media.net/__media__/pics/800060601/ Frame E7A8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800060601/1.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
05999befd49ad70a0d0648a08d12fa80206fa88822a907ff426f0eadcc437c1a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
cache-control
max-age=597967
accept-ranges
bytes
content-length
4781
expires
Tue, 28 Sep 2021 11:19:37 GMT
2.jpg
contextual.media.net/__media__/pics/800060601/ Frame E7A8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800060601/2.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0758ad694d2f74d096d49d79e32cb100eeb38dc6ff11c2f9a870de5eb5a35b5f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
cache-control
max-age=437999
accept-ranges
bytes
content-length
3740
expires
Sun, 26 Sep 2021 14:53:29 GMT
3.jpg
contextual.media.net/__media__/pics/800060601/ Frame E7A8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800060601/3.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0bdb519e9746b7b770969e860e0bbf41606bc4b814479ddd4f8688f2cafcc01a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
cache-control
max-age=597471
accept-ranges
bytes
content-length
3376
expires
Tue, 28 Sep 2021 11:11:21 GMT
4.jpg
contextual.media.net/__media__/pics/800060601/ Frame E7A8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800060601/4.jpg
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9282ea078a317f764d3883e732d14a2e80575e437b710144396d453f5a19139a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 29 May 2018 12:36:32 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/jpeg
cache-control
max-age=338395
accept-ranges
bytes
content-length
5051
expires
Sat, 25 Sep 2021 11:13:25 GMT
nrrV39259.js
contextual.media.net/4a/ Frame E7A8 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/4a/nrrV39259.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5567b7605fb292b7fecb2606b7353a8a8c1d880cefc15de2f67e6f0998d8492d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"925d278231dfd856648289a948676aab"
vary
Accept-Encoding
x-mnet-h
8-31
content-type
text/javascript; charset=utf-8
cache-control
max-age=1209600
date
Tue, 21 Sep 2021 13:13:30 GMT
content-length
30059
expires
Tue, 05 Oct 2021 13:13:30 GMT
1x1.gif
contextual.media.net/__media__/pics/800028474/ Frame A483 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800028474/1x1.gif
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Mon, 04 Jun 2018 10:04:19 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=515305
accept-ranges
bytes
content-length
42
expires
Mon, 27 Sep 2021 12:21:55 GMT
truncated
/ Frame A483 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A483 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
bullet5.woff
contextual.media.net/__media__/fonts/bullet5/ Frame A483 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/bullet5/bullet5.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5478a58e273007bb37b0f168fdbaf319580f1bd42af6219320ef76e82e5b7808
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/
Origin
https://securityaffairs.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1768
expires
Wed, 22 Sep 2021 13:13:30 GMT
truncated
/ Frame F255 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf9b76f5559de92c2cc7df8fa751c09d9a3bbfada6123d975c75c4a093f8cfeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F255 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F255 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
OpenSans-Regular.woff
contextual.media.net/__media__/fonts/OpenSans-Regular/ Frame F255 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans-Regular/OpenSans-Regular.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/
Origin
https://securityaffairs.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
67528
expires
Wed, 22 Sep 2021 13:13:30 GMT
truncated
/ Frame E7A8 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf9b76f5559de92c2cc7df8fa751c09d9a3bbfada6123d975c75c4a093f8cfeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E7A8 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E7A8 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
OpenSans-Regular.woff
contextual.media.net/__media__/fonts/OpenSans-Regular/ Frame E7A8 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans-Regular/OpenSans-Regular.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/
Origin
https://securityaffairs.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
67528
expires
Wed, 22 Sep 2021 13:13:30 GMT
OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame A483 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://securityaffairs.co/
Origin
https://securityaffairs.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
25720
expires
Wed, 22 Sep 2021 13:13:30 GMT
effb0001-aa69-4ca5-b10a-80353c5737b9.jpg
cvision.media.net/new/100x75/2/130/152/96/ Frame F255 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/2/130/152/96/effb0001-aa69-4ca5-b10a-80353c5737b9.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
97d71d9bbf25055de5a913fff7c46ad7cba0401de007cecd154f717babc3b945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Wed, 21 Mar 2018 16:27:12 GMT
server
nginx
accept-ranges
bytes
etag
"5ab287e0-1b0b"
content-length
6923
content-type
image/jpeg
e99fc5dd-4ba8-4d23-88d6-9c2d8cc8712e.jpg
cvision.media.net/new/100x75/4/17/62/94/ Frame F255 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/4/17/62/94/e99fc5dd-4ba8-4d23-88d6-9c2d8cc8712e.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ea9237999cb5776602a2ad4e94d7c7b6ba4a402e17e06ac7349e881c0ac97248

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Fri, 09 Mar 2018 04:33:13 GMT
server
nginx
accept-ranges
bytes
etag
"5aa20e89-1bc7"
content-length
7111
content-type
image/jpeg
0d1b8944-5703-4341-a702-cf754e8c4c9b.jpg
cvision.media.net/new/100x75/2/225/127/189/ Frame F255 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/2/225/127/189/0d1b8944-5703-4341-a702-cf754e8c4c9b.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9e01b6e422cb01a818f04d491b41ba2886ebbf5b71ad7c12ee9ae15e62935736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Wed, 11 Apr 2018 16:07:04 GMT
server
nginx
accept-ranges
bytes
etag
"5ace32a8-24c5"
content-length
9413
content-type
image/jpeg
74a025eb-7603-4ea0-996b-0835b53416bd.jpg
cvision.media.net/new/100x75/2/114/17/207/ Frame F255 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/2/114/17/207/74a025eb-7603-4ea0-996b-0835b53416bd.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
acb780a3b993b70917b2ac759b6f85aaf456d537bbcea40cc95d85bec9c861ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Tue, 04 Sep 2018 04:43:04 GMT
server
nginx
accept-ranges
bytes
etag
"5b8e0d58-2164"
content-length
8548
content-type
image/jpeg
bql.php
lg3.media.net/ Frame A483 		15 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001632230009257036324922885874&geo=50.12|8.68&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bcJvKkD7oNWATQGXYvCMCRG_EfNQ9cRADnr-6CxsEN7a9HOPOHNjcD3Q5SvfxBfFGDtYYYn34osSpziZXnIcYYu5lcJJtzsyLizhZlh7Ox_o%3D&lpid=&tsid=1&q=&prv=&type=&ps=&cme=-qkzMpzS_SLlKPOl7z4OFnlDB_ow0Ki-oMUyD0TKKartKL5SOHOHcViUS4X_0XiFwGh12bb6tWTOl30v8ZntiRcC8o_yzRhSOLVnQ7U39Ewf-TMiEppKpiv6NjogbjMZ18ImOuysuz0jAENEPs41c-zKtYQbNUdD9nB0mdyUNhh7QBt1g4SLH8xujD_rgXN2mmxImPbe3ZZPLAxDRVtejJFxlpAwa2oA1bdckuZb7aw%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7Cy2SqoJcE0s-9IUO1sSido6Y3VR48iOc4%7CxWCiQktcTSvCD-yC9z5MwhjF4hTVKoV9-_gTRGM5wR3stfTutNpN8l081_L-EGaSS3dWlJ2qm5EFgVmCghMTnFxH-BE5hfVQ-690Y1BN6gBs6AHm9PeZfw%3D%3D%7CN7fu2vKt8_s%3D%7CarxRGMpJWtKZbkx5Ouqf0-pe-y3cGxefpwdxm7h6xntvfVGUztDdMiQyjlJGR9jRDb70jARrZUSkZN0hr6goDR7Q-Akq-9ttuVQXEv9Cno3yLuxikqQ9pDFN_l7Zz-uNZ2PfgMMdxDDL0xqzdy_PZAorIk5NVoCFaomDuzmukQlexawHUe1N1ipoIf8LQSjlfWxfj93j2CAhzfelWheCXmoNPBzDnkKJ%7C&hint=&td=&cc=DE&wsip=2887305230&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=207&oref=https%3A%2F%2Ft.co&fdkt=267&kwd[]=10%20Best%20Network%20Scanning%20Tools&kwt[]=267&kbc[]=139812&kwp[]=1&kid[]=329945037&kbc2[]=ps%3D0.583%7C%7Crpc%3D0.32%7C%7Clvl%3D1.00&ktd[]=274894815488&kwd[]=Security%20Guard%20Patrol&kwt[]=438&kbc[]=500436&kwp[]=2&kid[]=25582808&kbc2[]=ps%3D0.525%7C%7Crpc%3D0.81%7C%7Clvl%3D1.00&ktd[]=274911592704&kwd[]=Vulnerability%20Assessment%20Scanner&kwt[]=244&kbc[]=1204776014&kwp[]=3&kid[]=30219595&kbc2[]=ps%3D0.549%7C%7Crpc%3D0.57%7C%7Clvl%3D1.17&ktd[]=274894815488&kwd[]=IT%20Security%20Audit&kwt[]=267&kbc[]=139812&kwp[]=4&kid[]=15501232&kbc2[]=ps%3D0.583%7C%7Crpc%3D0.59%7C%7Clvl%3D1.00&ktd[]=274894815488&kwd[]=Best%20Mac%20Antivirus%202021&kwt[]=244&kbc[]=1204776014&kwp[]=5&kid[]=330156149&kbc2[]=ps%3D0.549%7C%7Crpc%3D0.37%7C%7Clvl%3D2.53&ktd[]=274894815488&rand=1632230010178&cid=8CU5BD6EW&vwid=1632230008715535853&vi=1632230008715535853&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=HE&vgd_l1rakh=1632230008133521182&vgd_l1rhst=contextual.media.net&vgd_lhl=980&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1632230009257&upk=1632230009.20812&hvsid=00001632230009257036324922885874&verid=4121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D62651&vgd_isiolc=1&pid=8PO9OT5EW&katen=1&pc=5&vgd_pgid=p12005841927t202109211313&matm=1632230010188&vgd_ltime=1002&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D62651&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=HE&vgd_l1ch=1&vgd_refdomain=t.co&vgd_katid=807619805&vgd_katbid=-21&vgd_kals=ttype%3D10002%7C%7Cpc%3D5&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305298&vgd_nrrsf=nrr&vgd_nrrv=39259&vgd_nrrs=39259&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-816788371%7CDIV&vgd_x_pos=325&vgd_y_pos=2302&vgd_ren_page_h=4776&vgd_cty=FRANKFURT&vgd_l1hcsd=N2%7C6177&vgd_sethcsd=A31%7C6273&vgd_cfud=200312&vgd_is_amp=0&vgd_icat=618&vgd_spcat=-1&vgd_optout=0&vgd_l2ch=1&vgd_ect=4g&vgd_rensize=610_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&oRurl=http%3A%2F%2Fcdn3e%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1632230008715535853%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D816788371%26vpf%3D000%26kwrf%3Dhttps%253a%252f%252ft.co%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8PO9OT5EW%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f122293%252fsecurity%252fcve-2021-40539-zoho-bug-attacks.html%26%26katid%3D807619805%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A610%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_crefurl=https://t.co/&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.30.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-30-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 21 Sep 2021 13:13:30 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 21 Sep 2021 13:13:30 GMT
log
navvy.media.net/ Frame A483 		35 B
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.149.102.34.bc.googleusercontent.com
Software
Jetty(9.4.7.v20170914) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:30 GMT
via
1.1 google
server
Jetty(9.4.7.v20170914)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
alt-svc
clear
content-length
35
expires
Tue, 21 Sep 2021 13:13:30 GMT
0d1b8944-5703-4341-a702-cf754e8c4c9b.jpg
cvision.media.net/new/100x75/2/225/127/189/ Frame E7A8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/2/225/127/189/0d1b8944-5703-4341-a702-cf754e8c4c9b.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9e01b6e422cb01a818f04d491b41ba2886ebbf5b71ad7c12ee9ae15e62935736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Wed, 11 Apr 2018 16:07:04 GMT
server
nginx
accept-ranges
bytes
etag
"5ace32a8-24c5"
content-length
9413
content-type
image/jpeg
a797180a-d7b8-4804-89c6-e878d2cc5df3.jpg
cvision.media.net/new/100x75/2/126/198/212/ Frame E7A8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/2/126/198/212/a797180a-d7b8-4804-89c6-e878d2cc5df3.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95180d4a8fc66bf96641d3bc4dc1391e8e943a9242eebf4e05bb420be208a95e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Thu, 26 Jul 2018 16:57:49 GMT
server
nginx
accept-ranges
bytes
etag
"5b59fd8d-23e9"
content-length
9193
content-type
image/jpeg
610c325c-cfa2-4a2c-962a-ec5e869597ff.jpg
cvision.media.net/new/100x75/2/90/178/22/ Frame E7A8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/2/90/178/22/610c325c-cfa2-4a2c-962a-ec5e869597ff.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a2f40ef82fbc0f5c544b020709847069965126b5378323fd2d5004f6f610b180

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Sun, 18 Mar 2018 21:00:48 GMT
server
nginx
accept-ranges
bytes
etag
"5aaed380-20f7"
content-length
8439
content-type
image/jpeg
d37dae82-f02f-4511-a18c-604590ac5adf.jpg
cvision.media.net/new/100x75/6/153/70/94/ Frame E7A8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/6/153/70/94/d37dae82-f02f-4511-a18c-604590ac5adf.jpg?v=9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e0bf842260dd5c9f94a62627fbc7c2bc556cdcc420d7ace97f816248d9bb2c3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Fri, 23 Mar 2018 12:40:09 GMT
server
nginx
accept-ranges
bytes
etag
"5ab4f5a9-23db"
content-length
9179
content-type
image/jpeg
0d1b8944-5703-4341-a702-cf754e8c4c9b.jpg
cvision.media.net/new/100x75/2/225/127/189/ Frame F255 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/2/225/127/189/0d1b8944-5703-4341-a702-cf754e8c4c9b.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9e01b6e422cb01a818f04d491b41ba2886ebbf5b71ad7c12ee9ae15e62935736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Wed, 11 Apr 2018 16:07:04 GMT
server
nginx
accept-ranges
bytes
etag
"5ace32a8-24c5"
content-length
9413
content-type
image/jpeg
0d1b8944-5703-4341-a702-cf754e8c4c9b.jpg
cvision.media.net/new/100x75/2/225/127/189/ Frame E7A8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/100x75/2/225/127/189/0d1b8944-5703-4341-a702-cf754e8c4c9b.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9e01b6e422cb01a818f04d491b41ba2886ebbf5b71ad7c12ee9ae15e62935736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
last-modified
Wed, 11 Apr 2018 16:07:04 GMT
server
nginx
accept-ranges
bytes
etag
"5ace32a8-24c5"
content-length
9413
content-type
image/jpeg
bql.php
lg3.media.net/ Frame F255 		15 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001632230009257036324922885874&geo=50.12|8.68&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bcJvKkD7oNWATQGXYvCMCRG_EfNQ9cRADnr-6CxsEN7a9HOPOHNjcD3Q5SvfxBfFGDtYYYn34osSpziZXnIcYYu5lcJJtzsyLizhZlh7Ox_o%3D&lpid=&tsid=1&q=&prv=&type=&ps=&cme=EmX4F68WjWml_wyWoIJChU8ZxvgvUjFH6R3QRo1amMICB6CTZovOBNHg07FTbIGRslwA0ZaVYhHh69bd80-UWds7xfPdw5gdYs4kCSTv9qcdaT6xmjOT4l67QAh54LvMQpBQAjWNwKKABO0sEjPNTFyNFXgucMeuJFm4UEwZYuoY9vYnYwUC6IurF0nvdKVD2ysGVFH5J53EslJprUY-d4XBFenyIVZy29DWI3moS4w%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7Cy2SqoJcE0s-9IUO1sSido6Y3VR48iOc4%7CxWCiQktcTSvCD-yC9z5MwhjF4hTVKoV9-_gTRGM5wR3stfTutNpN8l081_L-EGaSS3dWlJ2qm5EFgVmCghMTnFxH-BE5hfVQ-690Y1BN6gBs6AHm9PeZfw%3D%3D%7CN7fu2vKt8_s%3D%7CpVu6LaRFuVwShvh3Yf7wxq3mpK11gdT_aVOE_B8_kcvb93x0y_6xAp74UwTUJr48loKD4VkcUpRAW-lSgwVWzcR6EyM7XHSsqIqlxclf2E89n4eTMDN0bbFOhPMX3qlVRFFxvqeOgetLNBjgTmI7KIW9YxEYOzA7l8dxiHADR4PFZZ3oCQJjWwgB6o-MXw-le721RwXq6SHW0Y4Xnss0Cpl5VgGaTwzd%7C&hint=&td=&cc=DE&wsip=2887305235&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=207&oref=https%3A%2F%2Ft.co&fdkt=267&kwd[]=10%20Best%20Network%20Scanning%20Tools&kwt[]=267&kbc[]=139812&kwp[]=1&kid[]=329945037&kbc2[]=ir%3D1%7C%7Ciid%3D2683460%7C%7Cps%3D0.583%7C%7Crpc%3D0.32%7C%7Clvl%3D1.00&ktd[]=277310734592&kwd[]=Security%20Guard%20Patrol&kwt[]=438&kbc[]=500436&kwp[]=2&kid[]=25582808&kbc2[]=ir%3D1%7C%7Ciid%3D1693867%7C%7Cps%3D0.525%7C%7Crpc%3D0.81%7C%7Clvl%3D1.00&ktd[]=277595947264&kwd[]=Vulnerability%20Assessment%20Scanner&kwt[]=244&kbc[]=1204776014&kwp[]=3&kid[]=30219595&kbc2[]=ir%3D1%7C%7Ciid%3D3677279%7C%7Cps%3D0.549%7C%7Crpc%3D0.57%7C%7Clvl%3D1.17&ktd[]=275700121856&kwd[]=IT%20Security%20Audit&kwt[]=267&kbc[]=139812&kwp[]=4&kid[]=15501232&kbc2[]=ir%3D1%7C%7Ciid%3D10061993%7C%7Cps%3D0.583%7C%7Crpc%3D0.59%7C%7Clvl%3D1.00&ktd[]=277042299136&rand=1632230010233&cid=8CU5BD6EW&vwid=1632230008686023180&vi=1632230008686023180&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=HE&vgd_l1rakh=1632230008133521182&vgd_l1rhst=contextual.media.net&vgd_lhl=987&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D2%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1632230009279&upk=1632230009.20812&hvsid=00001632230009257036324922885874&verid=4121199&kbbq=%26sde%3D1%26adepth%3D2%26ddepth%3D1%26asn%3D62651&vgd_isiolc=1&npgv=1&pid=8PO9OT5EW&katen=1&pc=8&vgd_pgid=p12005841927t202109211313&matm=1632230010236&vgd_ltime=1199&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D62651&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=HE&vgd_l1ch=1&vgd_refdomain=t.co&vgd_katid=807056978&vgd_katbid=-21&vgd_kals=ttype%3D10007%7C%7Cpc%3D8&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305298&vgd_nrrsf=nrr&vgd_nrrv=39259&vgd_nrrs=39259&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-816788371%7CDIV&vgd_x_pos=325&vgd_y_pos=2559&vgd_ren_page_h=4776&vgd_cty=FRANKFURT&vgd_l1hcsd=N2%7C6177&vgd_sethcsd=A31%7C6273&vgd_cfud=191226&vgd_is_amp=0&vgd_icat=618&vgd_spcat=-1&vgd_optout=0&vgd_l2ch=1&vgd_ect=4g&vgd_rensize=610_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=2&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&oRurl=http%3A%2F%2Fcdn3e%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1632230008686023180%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D816788371%26vpf%3D000%26kwrf%3Dhttps%253a%252f%252ft.co%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8PO9OT5EW%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f122293%252fsecurity%252fcve-2021-40539-zoho-bug-attacks.html%26%26katid%3D807056978%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A610%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A4&vgd_crefurl=https://t.co/&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.30.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-30-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 21 Sep 2021 13:13:30 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 21 Sep 2021 13:13:30 GMT
log
navvy.media.net/ Frame F255 		35 B
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.149.102.34.bc.googleusercontent.com
Software
Jetty(9.4.7.v20170914) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:30 GMT
via
1.1 google
server
Jetty(9.4.7.v20170914)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
alt-svc
clear
content-length
35
expires
Tue, 21 Sep 2021 13:13:30 GMT
bql.php
lg3.media.net/ Frame E7A8 		15 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001632230009317036324922881424&geo=50.12|8.68&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bcJvKkD7oNWATQGXYvCMCRG_EfNQ9cRADnr-6CxsEN7a9HOPOHNjcD3Q5SvfxBfFGDtYYYn34osT5J6SgfLZcTFsdkm_HNTMsNzOhWkxXSdQ%3D&lpid=&tsid=1&q=&prv=&type=&ps=&cme=XVK9LqZbwBj-lhZGpNo-lYPPoWFB46JaTkyKIszZHwYSrm_ge9qYH6nMVfuUV78kXdXWJru5w78PFSdU_T-HvBefBQOOby2-ZOkaQhzCvq2JMaUwi4Dph9cq22PazQYfxq1-SeZ7TajVXgea5gRMz3_EqDUiDG7AbPHeXIhzboKMkEohp5rXOuTCLRsjqwIxatfYXYWUoknexHA4uQYpK3W7xx3a5wKDtQ7KVQACCvtjpMxx4rD_kQ%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7Cy2SqoJcE0s-9IUO1sSido6Y3VR48iOc4%7CxWCiQktcTSvCD-yC9z5MwhjF4hTVKoV9-_gTRGM5wR3stfTutNpN8l081_L-EGaSS3dWlJ2qm5EFgVmCghMTnFxH-BE5hfVQ-690Y1BN6gBs6AHm9PeZfw%3D%3D%7CN7fu2vKt8_s%3D%7C0FqiW4rFHGQhIOtSWeKdjLPYSwMgjk4gBM1OhlhEucju-yVoZOnvqkURQjNouFXVTiqAOrgCJY77xz8hARGSA5L0rGwnzWo08mCszmj8cz1kSM6mh00UUpYRnb6SMebxpNAyZSZRLSpcGeTQiKDQ4gbmMELWpyqi5VMHzcST_izj5loT8DY1XvWUeg34rDPb5vP3JIJuDIwY0XFAn5GPY2w1hXc6GSNq%7C&hint=&td=&cc=DE&wsip=170721403&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=fuoyxQBuG&vgde_setid=Nfu&&rc=0&ksu=207&oref=https%3A%2F%2Ft.co&fdkt=267&kwd[]=10%20Best%20Network%20Scanning%20Tools&kwt[]=267&kbc[]=139812&kwp[]=1&kid[]=329945037&kbc2[]=ir%3D1%7C%7Ciid%3D9755980%7C%7Cps%3D0.583%7C%7Crpc%3D0.32%7C%7Clvl%3D1.00&ktd[]=277042299136&kwd[]=Security%20Guard%20Patrol&kwt[]=438&kbc[]=500436&kwp[]=2&kid[]=25582808&kbc2[]=ir%3D1%7C%7Ciid%3D7185005%7C%7Cps%3D0.525%7C%7Crpc%3D0.81%7C%7Clvl%3D1.00&ktd[]=277059076352&kwd[]=Vulnerability%20Assessment%20Scanner&kwt[]=244&kbc[]=1204776014&kwp[]=3&kid[]=30219595&kbc2[]=ir%3D1%7C%7Ciid%3D3677279%7C%7Cps%3D0.549%7C%7Crpc%3D0.57%7C%7Clvl%3D1.17&ktd[]=275700121856&kwd[]=IT%20Security%20Audit&kwt[]=267&kbc[]=139812&kwp[]=4&kid[]=15501232&kbc2[]=ir%3D1%7C%7Ciid%3D1693061%7C%7Cps%3D0.583%7C%7Crpc%3D0.59%7C%7Clvl%3D1.00&ktd[]=277310734592&rand=1632230010258&cid=8CU5BD6EW&vwid=1632230008832204905&vi=1632230008832204905&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=HE&vgd_l1rakh=1632230008133521182&vgd_l1rhst=contextual.media.net&vgd_lhl=986&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1632230009317&upk=1632230009.20812&hvsid=00001632230009317036324922881424&verid=4121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D62651&vgd_isiolc=1&npgv=1&pid=8PO9OT5EW&katen=1&pc=5&vgd_pgid=p12005841927t202109211313&matm=1632230010262&vgd_ltime=1557&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D62651&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=HE&vgd_l1ch=1&vgd_refdomain=t.co&vgd_katid=807056978&vgd_katbid=-21&vgd_kals=ttype%3D10007%7C%7Cpc%3D5&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=170721639&vgd_nrrsf=nrr&vgd_nrrv=39259&vgd_nrrs=39259&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-647633027%7CDIV&vgd_x_pos=980&vgd_y_pos=466&vgd_ren_page_h=4776&vgd_cty=FRANKFURT&vgd_l1hcsd=N2%7C6177&vgd_sethcsd=A31%7C6273&vgd_cfud=191226&vgd_is_amp=0&vgd_icat=618&vgd_spcat=-1&vgd_optout=0&vgd_l2ch=1&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=2&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&oRurl=http%3A%2F%2Fcdn3gor%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1632230008832204905%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D647633027%26vpf%3D000%26kwrf%3Dhttps%253a%252f%252ft.co%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8PO9OT5EW%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f122293%252fsecurity%252fcve-2021-40539-zoho-bug-attacks.html%26%26katid%3D807056978%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A4&vgd_crefurl=https://t.co/&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.30.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-30-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 21 Sep 2021 13:13:30 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 21 Sep 2021 13:13:30 GMT
log
navvy.media.net/ Frame E7A8 		35 B
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV39259.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.149.102.34.bc.googleusercontent.com
Software
Jetty(9.4.7.v20170914) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:30 GMT
via
1.1 google
server
Jetty(9.4.7.v20170914)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
alt-svc
clear
content-length
35
expires
Tue, 21 Sep 2021 13:13:30 GMT
usync.html
eus.rubiconproject.com/ Frame 4EA2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://securityaffairs.co/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; ses15=; vis15=378734^1; ses2=; vis2=378734^1; khaos=KTU3LS2C-X-9ZUK; ses43=; vis43=378734^1; audit=1|naVuGyos1qoAI6xQClvaDPatZmarlGKs8Vdw+9gcgdVP3+MeMVJWXAqbF9i1EU5J751PgjmsPd3gcRgjl6EitQhJSJ8nY+hF3OlDu/ORdD8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 21 Sep 2021 13:13:31 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A6E3 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.5.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-5-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=158127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=170881
expires
Thu, 23 Sep 2021 12:41:32 GMT
date
Tue, 21 Sep 2021 13:13:31 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 34A0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://securityaffairs.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 20 Sep 2021 04:50:48 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 21 Sep 2021 13:13:31 GMT
Age
30161
X-Served-By
cache-lga21920-LGA, cache-hhn4053-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 541199
X-Timer
S1632230011.099002,VS0,VE0
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame DF03 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

x-33x-status
2000208
server
33XP002
date
Tue, 21 Sep 2021 13:13:31 GMT
pd
eu-u.openx.net/w/1.0/ Frame 410D 		668 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
a4693a8fc5d568e72254284a2985d117e44605ab389e14d8d0521d2dd92ec024

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
i=3bf66590-671a-452d-ab2f-65c7539f4d08|1632230009
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3bf66590-671a-452d-ab2f-65c7539f4d08|1632230009; Version=1; Expires=Wed, 21-Sep-2022 13:13:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632230011|gekin0vNiygu; Version=1; Expires=Wed, 06-Oct-2021 13:13:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
text/html
content-length
415
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 4C98 		668 B
726 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
a4693a8fc5d568e72254284a2985d117e44605ab389e14d8d0521d2dd92ec024

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
i=3bf66590-671a-452d-ab2f-65c7539f4d08|1632230009
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3bf66590-671a-452d-ab2f-65c7539f4d08|1632230009; Version=1; Expires=Wed, 21-Sep-2022 13:13:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632230011|gekin0vNiygu; Version=1; Expires=Wed, 06-Oct-2021 13:13:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
text/html
content-length
415
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C974 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.5.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-5-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=158127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=170881
expires
Thu, 23 Sep 2021 12:41:32 GMT
date
Tue, 21 Sep 2021 13:13:31 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 67C1 		668 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
a4693a8fc5d568e72254284a2985d117e44605ab389e14d8d0521d2dd92ec024

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
i=3bf66590-671a-452d-ab2f-65c7539f4d08|1632230009
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3bf66590-671a-452d-ab2f-65c7539f4d08|1632230009; Version=1; Expires=Wed, 21-Sep-2022 13:13:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632230011|gekin0vNiygu; Version=1; Expires=Wed, 06-Oct-2021 13:13:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
text/html
content-length
415
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DCD9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.5.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-5-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=158127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=170881
expires
Thu, 23 Sep 2021 12:41:32 GMT
date
Tue, 21 Sep 2021 13:13:31 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 36EA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://securityaffairs.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 20 Sep 2021 04:50:48 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 21 Sep 2021 13:13:31 GMT
Age
30160
X-Served-By
cache-lga21920-LGA, cache-hhn4033-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 535865
X-Timer
S1632230011.099333,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FC41 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://securityaffairs.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 20 Sep 2021 04:50:48 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 21 Sep 2021 13:13:31 GMT
Age
30161
X-Served-By
cache-lga21920-LGA, cache-hhn4076-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 532399
X-Timer
S1632230011.110517,VS0,VE0
Vary
Accept-Encoding
info2
uipglob.semasio.net/sonobi/1/
Redirect Chain
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=eb1366af-5e2c-408a-8918-c88aa5db75a9&sInitiator=external
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=eb1366af-5e2c-408a-8918-c88aa5db75a9&sInitiator=external
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=eb1366af-5e2c-408a-8918-c88aa5db75a9&sInitiator=external
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:29 GMT
frontend-id
9
location
/sonobi/1/info2?sType=sync&sExtCookieId=eb1366af-5e2c-408a-8918-c88aa5db75a9&sInitiator=external
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
sync
px.britepool.com/ 		35 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.britepool.com/sync?p=sonobi&id=eb1366af-5e2c-408a-8918-c88aa5db75a9&idtype=GOID&r=int.new.t
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.175.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-175-117.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
nginx
Vary
negotiate,Accept-Encoding
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-Xss-Protection
0
X-Request-Id
985a5ca76b44f3684ba24892dc083fb0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		0
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=eb1366af-5e2c-408a-8918-c88aa5db75a9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-33.fra60.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
access-control-max-age
3600
access-control-allow-methods
POST, GET
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
gtNo59nW4l6e6ByiSbRjJhxvtUJmKfcw7LoRhedOh3fz8hFqIBxnAw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=eb1366af-5e2c-408a-8918-c88aa5db75a9&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/434/9/1.gif?puid=eb1366af-5e2c-408a-8918-c88aa5db75a9&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOAe-Wg-G-iIB1qEYnP9i9lUz1d7U7Q862z6F8ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOAe-Wg-G-iIB1qEYnP9i9lUz1d7U7Q862z6F8ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/434/916/8/2.gif?puid=549b4841-6e21-4eae-beeb-5cb4d4254d44&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/434/441/7/3.gif?puid=e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAe-Wg-G-iIB1qEYnP9i9lUz1d7U7Q862z6F8ug&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F6%2F4.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/434/124/6/4.gif?puid=549b4841-6e21-4eae-beeb-5cb4d4254d44&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/434/146/5/5.gif?puid=60b078bb-2e7d-45eb-8dde-e0107139f4e9&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEBVCCI1Gy-CQdrww2yCVJNs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4217537825124605792&opid=apx&ops=&utidl=tech:goo:CAESEBVCCI1Gy-CQdrww2yCVJNs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A20907976079&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/434/19/3/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
0
0
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=eb1366af-5e2c-408a-8918-c88aa5db75a9
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=eb1366af-5e2c-408a-8918-c88aa5db75a9
95 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=eb1366af-5e2c-408a-8918-c88aa5db75a9
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=eb1366af-5e2c-408a-8918-c88aa5db75a9
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZWIxMzY2YWYtNWUyYy00MDhhLTg5MTgtYzg4YWE1ZGI3NWE5
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=ZWIxMzY2YWYtNWUyYy00MDhhLTg5MTgtYzg4YWE1ZGI3NWE5&google_tc=
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEI_C0Q1sj5way3m1wM4-2Yc&google_cver=1
49 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEI_C0Q1sj5way3m1wM4-2Yc&google_cver=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEI_C0Q1sj5way3m1wM4-2Yc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Sep 2021 13:13:31 GMT
vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Sep 2021 13:13:31 GMT
usync.js
eus.rubiconproject.com/ Frame 4EA2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
36a3b8cc21c2aa36f5eab65ee9f6489d77a3769c29c5336ecb0abdb4f001ccc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Sep 2021 15:20:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=8838
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9359
Expires
Tue, 21 Sep 2021 15:40:49 GMT
bqi.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO9OT5EW&katid=807056978&kals=ttype%3D10007%7C%7Cpc%3D5&katen=1&pc=5&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=XVK9LqZbwBj-lhZGpNo-lYPPoWFB46JaTkyKIszZHwYSrm_ge9qYH6nMVfuUV78kXdXWJru5w78PFSdU_T-HvBefBQOOby2-ZOkaQhzCvq2JMaUwi4Dph9cq22PazQYfxq1-SeZ7TajVXgea5gRMz3_EqDUiDG7AbPHeXIhzboKMkEohp5rXOuTCLRsjqwIxatfYXYWUoknexHA4uQYpK3W7xx3a5wKDtQ7KVQACCvtjpMxx4rD_kQ==||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|y2SqoJcE0s-9IUO1sSido6Y3VR48iOc4|xWCiQktcTSvCD-yC9z5MwhjF4hTVKoV9-_gTRGM5wR3stfTutNpN8l081_L-EGaSS3dWlJ2qm5EFgVmCghMTnFxH-BE5hfVQ-690Y1BN6gBs6AHm9PeZfw==|N7fu2vKt8_s=|0FqiW4rFHGQhIOtSWeKdjLPYSwMgjk4gBM1OhlhEucju-yVoZOnvqkURQjNouFXVTiqAOrgCJY77xz8hARGSA5L0rGwnzWo08mCszmj8cz1kSM6mh00UUpYRnb6SMebxpNAyZSZRLSpcGeTQiKDQ4gbmMELWpyqi5VMHzcST_izj5loT8DY1XvWUeg34rDPb5vP3JIJuDIwY0XFAn5GPY2w1hXc6GSNq|&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=647633027&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&vi=1632230008832204905&ugd=4&cc=DE&sc=HE&startTime=1632230009315&l2type=setting&vgd_l1rakh=1632230008133521182&l1ch=1&cref=https%3A%2F%2Ft.co%2F&sttm=1632230009317&upk=1632230009.20812&hvsid=00001632230009317036324922881424&verid=4121199&vgd_sc=HE&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!N2|6177&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&npgv=1&clp=%7B%7D&cl=%7B%7D&l2ch=1&l2wsip=170721639&sethcsd=set!A31%7C6273&vgd_pgid=p12005841927t202109211313&vgd_pgids=2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.30.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-30-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 21 Sep 2021 13:13:31 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 21 Sep 2021 13:13:31 GMT
async_usersync
ib.adnxs.com/ Frame 34A0 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:31 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4a72ae2a-6210-4290-b03a-64a064a47772
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 36EA 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:31 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2265e191-776f-4046-9749-68ae161f1ad4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4C98
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6a5a6149-da7b-4100-9489-2c4e519d54b7
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6a5a6149-da7b-4100-9489-2c4e519d54b7
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
MT3 3955 01364ec master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6a5a6149-da7b-4100-9489-2c4e519d54b7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 21 Sep 2021 13:13:30 GMT
sd
us-u.openx.net/w/1.0/ Frame 4C98
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=cK5HxyL-RJxrrBXNcv1emyepFclrqkbHIvlU96m-
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=cK5HxyL-RJxrrBXNcv1emyepFclrqkbHIvlU96m-
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=cK5HxyL-RJxrrBXNcv1emyepFclrqkbHIvlU96m-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4C98
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=180873488361116431
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=180873488361116431
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=180873488361116431
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4C98 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=e85a5ac9-ce9d-7ada-f1f9-ad2f37b87ef5&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4C98 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQzNTg5MDMtMDdlYS0yNDdlLWU0MTktZjc5NmZkNWFiMDk1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4C98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASYIAp5qUw9HzqLjnDrqxM&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASYIAp5qUw9HzqLjnDrqxM&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEASYIAp5qUw9HzqLjnDrqxM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 410D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b7bc6149-da7b-4c00-b03a-da8e5e1f022e
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b7bc6149-da7b-4c00-b03a-da8e5e1f022e
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
MT3 3955 01364ec master zrh-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b7bc6149-da7b-4c00-b03a-da8e5e1f022e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 21 Sep 2021 13:13:30 GMT
sd
us-u.openx.net/w/1.0/ Frame 410D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vR-x0e9PsoqmHePb7haoiugXtdmmHOCNu0t86qAE
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vR-x0e9PsoqmHePb7haoiugXtdmmHOCNu0t86qAE
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vR-x0e9PsoqmHePb7haoiugXtdmmHOCNu0t86qAE
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 410D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4052435551854818288
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4052435551854818288
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4052435551854818288
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 410D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=e85a5ac9-ce9d-7ada-f1f9-ad2f37b87ef5&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 410D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQzNTg5MDMtMDdlYS0yNDdlLWU0MTktZjc5NmZkNWFiMDk1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 410D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAGxaxPzWiIC_kYKQBk3CvQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAGxaxPzWiIC_kYKQBk3CvQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAGxaxPzWiIC_kYKQBk3CvQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FC41 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:31 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
23daa3c6-52a9-4c4d-9a01-02018b38a865
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 67C1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=327a6149-da7a-4800-844f-f728e1164b3e
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=327a6149-da7a-4800-844f-f728e1164b3e
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
MT3 3955 01364ec master zrh-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=327a6149-da7a-4800-844f-f728e1164b3e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 21 Sep 2021 13:13:30 GMT
sd
us-u.openx.net/w/1.0/ Frame 67C1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3wGBxI1Rgp_EA9PJigSYztAE0ZjEBYLF0FPT57eG
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3wGBxI1Rgp_EA9PJigSYztAE0ZjEBYLF0FPT57eG
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3wGBxI1Rgp_EA9PJigSYztAE0ZjEBYLF0FPT57eG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 67C1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5301584845819964079
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5301584845819964079
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5301584845819964079
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 67C1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=e85a5ac9-ce9d-7ada-f1f9-ad2f37b87ef5&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 67C1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQzNTg5MDMtMDdlYS0yNDdlLWU0MTktZjc5NmZkNWFiMDk1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 67C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkppNAeTIOoUMo4Uz-avdE&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkppNAeTIOoUMo4Uz-avdE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkppNAeTIOoUMo4Uz-avdE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C974 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94370992&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
62c21e78f03fb7eb12c78fcd435c4543f67234388361ef541d197bdaf5cd2fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 4147 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1642742193983098690; expires=Sat, 20 Nov 2021 13:13:31 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2D97
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2955880079904287960
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2955880079904287960
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2955880079904287960
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7; chkChromeAb67Sec=1; DPSync3=1633392000%3A201_197_219%7C1632268800%3A174; SyncRTB3=1634774400%3A203%7C1633478400%3A35%7C1632787200%3A15_2_223%7C1633046400%3A63%7C1633392000%3A71_22_55_99_231_3_7_204_220_56_166_234_81_189_21_8_88_54_222_13_230_161_165_176; SPugT=1632230010; KRTBCOOKIE_57=22776-4217537825124605792; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEAP6sZuQNAdLd_kYjZAKobQ&KRTB&16514-CAESEAP6sZuQNAdLd_kYjZAKobQ&KRTB&23025-CAESEAP6sZuQNAdLd_kYjZAKobQ; KRTBCOOKIE_409=22966-gsyGMIh3hph5WyNe23IwXhO5; KRTBCOOKIE_153=19420-vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG&KRTB&22979-vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG; PugT=1632230010
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 21 Sep 2021 13:13:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-2955880079904287960; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:30 GMT; path=/ PugT=1632230010; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Dec-2021 13:13:30 GMT; path=/
x-lat
amspug002:0:477
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2955880079904287960
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7545 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 21 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
455506
Pug
simage2.pubmatic.com/AdServer/ Frame 8952
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010374516811888786
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010374516811888786
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010374516811888786
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7; chkChromeAb67Sec=1; DPSync3=1633392000%3A201_197_219%7C1632268800%3A174; SyncRTB3=1634774400%3A203%7C1633478400%3A35%7C1632787200%3A15_2_223%7C1633046400%3A63%7C1633392000%3A71_22_55_99_231_3_7_204_220_56_166_234_81_189_21_8_88_54_222_13_230_161_165_176; SPugT=1632230010; KRTBCOOKIE_57=22776-4217537825124605792; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEAP6sZuQNAdLd_kYjZAKobQ&KRTB&16514-CAESEAP6sZuQNAdLd_kYjZAKobQ&KRTB&23025-CAESEAP6sZuQNAdLd_kYjZAKobQ; KRTBCOOKIE_409=22966-gsyGMIh3hph5WyNe23IwXhO5; KRTBCOOKIE_153=19420-vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG&KRTB&22979-vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG; KRTBCOOKIE_336=5844-2955880079904287960; KRTBCOOKIE_27=16735-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&16736-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&23019-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&23114-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e; PugT=1632230011; KRTBCOOKIE_391=22924-180873488361116431&KRTB&23263-180873488361116431; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_377=6810-008d8d84-4841-4a0e-9544-fbfb6fea018d&KRTB&22918-008d8d84-4841-4a0e-9544-fbfb6fea018d&KRTB&23031-008d8d84-4841-4a0e-9544-fbfb6fea018d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7010374516811888786; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:31 GMT; path=/ PugT=1632230011; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:31 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Dec-2021 13:13:31 GMT; path=/
x-lat
lhrpug013:0:477
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 21 Sep 2021 13:13:31 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7010374516811888786; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010374516811888786
Pug
image2.pubmatic.com/AdServer/ Frame 071D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEYmtVN0NrN1VBQUNNaTJJT2JvQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADbkU7Ck7UAACMi2IOboA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADbkU7Ck7UAACMi2IOboA&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADbkU7Ck7UAACMi2IOboA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6011243408898996674
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADbkU7Ck7UAACMi2IOboA
42 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADbkU7Ck7UAACMi2IOboA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADbkU7Ck7UAACMi2IOboA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7; chkChromeAb67Sec=1; DPSync3=1633392000%3A201_197_219%7C1632268800%3A174; SyncRTB3=1634774400%3A203%7C1633478400%3A35%7C1632787200%3A15_2_223%7C1633046400%3A63%7C1633392000%3A71_22_55_99_231_3_7_204_220_56_166_234_81_189_21_8_88_54_222_13_230_161_165_176; SPugT=1632230010; KRTBCOOKIE_57=22776-4217537825124605792; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEAP6sZuQNAdLd_kYjZAKobQ&KRTB&16514-CAESEAP6sZuQNAdLd_kYjZAKobQ&KRTB&23025-CAESEAP6sZuQNAdLd_kYjZAKobQ; KRTBCOOKIE_409=22966-gsyGMIh3hph5WyNe23IwXhO5; KRTBCOOKIE_153=19420-vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG&KRTB&22979-vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG; KRTBCOOKIE_336=5844-2955880079904287960; KRTBCOOKIE_27=16735-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&16736-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&23019-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&23114-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e; KRTBCOOKIE_391=22924-180873488361116431&KRTB&23263-180873488361116431; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_377=6810-008d8d84-4841-4a0e-9544-fbfb6fea018d&KRTB&22918-008d8d84-4841-4a0e-9544-fbfb6fea018d&KRTB&23031-008d8d84-4841-4a0e-9544-fbfb6fea018d; KRTBCOOKIE_1101=23040-7010374516811888786; KRTBCOOKIE_1074=22956-e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1; KRTBCOOKIE_218=22978-YUnaewADOiMXtwAR&KRTB&23194-YUnaewADOiMXtwAR&KRTB&23209-YUnaewADOiMXtwAR&KRTB&23244-YUnaewADOiMXtwAR; KRTBCOOKIE_22=14911-2741627285496339598; KRTBCOOKIE_188=3189-506c93e5-9c06-492d-8ff1-e8419e7f9982-6149da7b-5553; KRTBCOOKIE_466=16530-f37eeaba-a6c2-4954-a2f1-91d13d620233; PugT=1632230011
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AADbkU7Ck7UAACMi2IOboA; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:31 GMT; path=/ PugT=1632230011; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:31 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Dec-2021 13:13:31 GMT; path=/
x-lat
amspug012:0:423
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADbkU7Ck7UAACMi2IOboA
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame F179
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7; chkChromeAb67Sec=1; DPSync3=1633392000%3A201_197_219%7C1632268800%3A174; SyncRTB3=1634774400%3A203%7C1633478400%3A35%7C1632787200%3A15_2_223%7C1633046400%3A63%7C1633392000%3A71_22_55_99_231_3_7_204_220_56_166_234_81_189_21_8_88_54_222_13_230_161_165_176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug004:2:306
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=fa6d0eff-ac1b-41b4-94a5-c58e0706649f; path=/; domain=csync.loopme.me; Expires=Thu, 21-Oct-2021 13:13:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Tue, 21 Sep 2021 13:13:31 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 38A1
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7; chkChromeAb67Sec=1; DPSync3=1633392000%3A201_197_219%7C1632268800%3A174; SyncRTB3=1634774400%3A203%7C1633478400%3A35%7C1632787200%3A15_2_223%7C1633046400%3A63%7C1633392000%3A71_22_55_99_231_3_7_204_220_56_166_234_81_189_21_8_88_54_222_13_230_161_165_176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Dec-2021 13:13:31 GMT; path=/ PugT=1632230011; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:31 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Dec-2021 13:13:31 GMT; path=/
x-lat
lhrpug005:0:462
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
etag
OPTOUT
bridge
cm.adgrx.com/ Frame 2D19 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
dpe
ad4m.at/ad/ Frame C05A 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69238d236ca669e4-MAD
Pug
image2.pubmatic.com/AdServer/ Frame 585A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=gsyGMIh3hph5WyNe23IwXhO5
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=gsyGMIh3hph5WyNe23IwXhO5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=gsyGMIh3hph5WyNe23IwXhO5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7; chkChromeAb67Sec=1; DPSync3=1633392000%3A201_197_219%7C1632268800%3A174; SyncRTB3=1634774400%3A203%7C1633478400%3A35%7C1632787200%3A15_2_223%7C1633046400%3A63%7C1633392000%3A71_22_55_99_231_3_7_204_220_56_166_234_81_189_21_8_88_54_222_13_230_161_165_176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 21 Sep 2021 13:13:29 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-gsyGMIh3hph5WyNe23IwXhO5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:29 GMT; path=/ PugT=1632230009; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 21-Oct-2021 13:13:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Dec-2021 13:13:29 GMT; path=/
x-lat
amspug010:0:464
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 21 Sep 2021 13:13:31 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=gsyGMIh3hph5WyNe23IwXhO5; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=gsyGMIh3hph5WyNe23IwXhO5
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame B005
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aInoeUqkaHrByktbZcecSwiZaTZbD1buK6cqGRd6cZbI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=atns6EriItgP3PTReGiYj9HZajuOpgIdCKSCFPtXGBm0kjb5gGm4V7CteAIZdnRgZdf7j1cnAXCUZdUWYHUKdF5h; path=/; domain=.tribalfusion.com; expires=Mon, 20-Dec-2021 13:13:31 GMT; SameSite=None; Secure; ANON_ID_old=atns6EriItgP3PTReGiYj9HZajuOpgIdCKSCFPtXGBm0kjb5gGm4V7CteAIZdnRgZdf7j1cnAXCUZdUWYHUKdF5h; path=/; domain=.tribalfusion.com; expires=Mon, 20-Dec-2021 13:13:31 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69238d23fd02216f-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 21 Sep 2021 13:13:31 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
327
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aInoeUqkaHrByktbZcecSwiZaTZbD1buK6cqGRd6cZbI; path=/; domain=.tribalfusion.com; expires=Mon, 20-Dec-2021 13:13:31 GMT; SameSite=None; Secure; ANON_ID_old=aInoeUqkaHrByktbZcecSwiZaTZbD1buK6cqGRd6cZbI; path=/; domain=.tribalfusion.com; expires=Mon, 20-Dec-2021 13:13:31 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69238d22cabc216f-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame F1EB
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 varnish
x-served-by
cache-hhn4024-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1632230011.384090,VS0,VE21
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb;Version=1;Path=/;Domain=.taboola.com;Expires=Wed, 21-Sep-2022 13:13:31 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 varnish
x-served-by
cache-hhn4024-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1632230011.329839,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame 3A6C 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Tue, 21 Sep 2021 13:13:31 GMT
server
a
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C974
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=En08GhxwTH66W-O9m-D_tw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.5.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-5-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=170881
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 23 Sep 2021 12:41:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b7bc6149-da7b-4c00-b03a-da8e5e1f022e
0
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b7bc6149-da7b-4c00-b03a-da8e5e1f022e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
MT3 3955 01364ec master zrh-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b7bc6149-da7b-4c00-b03a-da8e5e1f022e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 21 Sep 2021 13:13:30 GMT
mw
mwzeom.zeotap.com/ Frame C974
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=54840710a5cf580c886fb95bef440d74
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=008d8d84-4841-4a0e-9544-fbfb6fea018d&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=54c812cb2e8a0d55
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0f1278a1-1a5a-47bf-55cf-349f04ef37be&reqId=da831556-e817-42d4-4cfc-cd30ccdf00c4&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJzMD2AjBHQ0P364CZZMuYc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0f1278a1-1a5a-47bf-55cf-349f04ef37be&reqId=da831556-e817-42d4-4cfc-cd3...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEJzMD2AjBHQ0P364CZZMuYc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0f1278a1-1a5a-47bf-55cf-349f04ef37be&reqId=da831556-e817-42d4-4cfc-cd30ccdf00c4&zcluid=54c812cb2e8a0d55&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
69238d25094f219f-DUS
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEJzMD2AjBHQ0P364CZZMuYc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0f1278a1-1a5a-47bf-55cf-349f04ef37be&reqId=da831556-e817-42d4-4cfc-cd30ccdf00c4&zcluid=54c812cb2e8a0d55&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTI3RDNDMUEtMUM3MC00QzdFLUJBNUItRTNCRDlCRTBGRkI3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:29 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAP6sZuQNAdLd_kYjZAKobQ&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAP6sZuQNAdLd_kYjZAKobQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAP6sZuQNAdLd_kYjZAKobQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C974 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 20 Sep 2021 13:13:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=008d8d84-4841-4a0e-9544-fbfb6fea018d
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=008d8d84-4841-4a0e-9544-fbfb6fea018d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:742
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=008d8d84-4841-4a0e-9544-fbfb6fea018d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=180873488361116431
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=180873488361116431
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:531
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=180873488361116431
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&gdpr=0&gdpr_consent=
42 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:459
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
MT3 3955 01364ec master zrh-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 21 Sep 2021 13:13:30 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4217537825124605792&gdpr=0&gdpr_consent=
42 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4217537825124605792&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:31 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
38bf08e3-b09d-40c8-8901-d0b6a0d9581f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4217537825124605792&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG
42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.ZPHccpE2uVUd3onZzOlcaC4S4fo.ow-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.ZPHccpE2uVUd3onZzOlcaC4S4fo.ow-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.ZPHccpE2uVUd3onZzOlcaC4S4fo.ow-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C974 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f37eeaba-a6c2-4954-a2f1-91d13d620233
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f37eeaba-a6c2-4954-a2f1-91d13d620233
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6a41dce5-3755-4fd5-8683-eb6f548b3e19&user_group=1&ssp=pubmatic&bsw_param=f37eeaba-a6c2-4954-a2f1-91d13d620233
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f37eeaba-a6c2-4954-a2f1-91d13d620233&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f37eeaba-a6c2-4954-a2f1-91d13d620233&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:535
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f37eeaba-a6c2-4954-a2f1-91d13d620233&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 21 Sep 2021 13:13:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame C974 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.137 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams03-usadmm.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUnaewADOiMXtwAR&gdpr=0&gdpr_consent=&_test=YUnaewADOiMXtwAR
1 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUnaewADOiMXtwAR&gdpr=0&gdpr_consent=&_test=YUnaewADOiMXtwAR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:599
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632230011.424385,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUnaewADOiMXtwAR&gdpr=0&gdpr_consent=&_test=YUnaewADOiMXtwAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2741627285496339598&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2741627285496339598&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:421
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2741627285496339598&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 21 Sep 2021 13:13:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=506c93e5-9c06-492d-8ff1-e8419e7f9982-6149da7b-5553&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=506c93e5-9c06-492d-8ff1-e8419e7f9982-6149da7b-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:393
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=506c93e5-9c06-492d-8ff1-e8419e7f9982-6149da7b-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a153aed-af3a-43b6-8f2a-7a40c0eb1cb4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a153aed-af3a-43b6-8f2a-7a40c0eb1cb4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:537
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a153aed-af3a-43b6-8f2a-7a40c0eb1cb4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4217537825124605792
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4217537825124605792
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:344
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:31 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3ee82d4d-7432-47d8-8ba2-a56ece360be3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4217537825124605792
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C974
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:522
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1
date
Tue, 21 Sep 2021 13:13:31 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
de-DE
709414.gif
id.rlcdn.com/ Frame 4EA2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
CNnuDB5hFi7e87r0PgA2rw
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 4EA2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CNnuDB5hFi7e87r0PgA2rw?csrc=
0
0
pixel
cm.g.doubleclick.net/ Frame 4EA2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RVM0xTMkMtWC05WlVL
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RVM0xTMkMtWC05WlVL
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RVM0xTMkMtWC05WlVL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
btu4jd3a
sync-tm.everesttech.net/ct/upi/pid/ Frame 4EA2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YUnaewADPnNyFgAT
85 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YUnaewADPnNyFgAT
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2882
x-served-by
cache-hhn4073-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1632230011.424318,VS0,VE0
content-length
85
x-cache-hits
23347

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1632230011.318967,VS0,VE89
x-served-by
cache-hhn4073-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YUnaewADPnNyFgAT
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 4EA2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b7bc6149-da7b-4c00-b03a-da8e5e1f022e&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b7bc6149-da7b-4c00-b03a-da8e5e1f022e&expires=28
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Tue, 21 Sep 2021 13:13:31 GMT
Server
MT3 3955 01364ec master zrh-pixel-x8 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b7bc6149-da7b-4c00-b03a-da8e5e1f022e&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 21 Sep 2021 13:13:30 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 4EA2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4EA2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJmYzUxYzQzYmVjNTMwOTRkYjcyZjkwYzkwNTg3MmU2NTc2OGNjNA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJmYzUxYzQzYmVjNTMwOTRkYjcyZjkwYzkwNTg3MmU2NTc2OGNjNA
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJmYzUxYzQzYmVjNTMwOTRkYjcyZjkwYzkwNTg3MmU2NTc2OGNjNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4EA2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBBGzgY3fvMk-o-OWgL88s0&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBBGzgY3fvMk-o-OWgL88s0&google_cver=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBBGzgY3fvMk-o-OWgL88s0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 34A0 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:32 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
309cbae3-b586-4a8a-a313-935213bf4891
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 36EA 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:32 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
af021f4f-9142-4026-85a2-39df12d03608
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FC41 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:32 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
96ae79f6-8f75-4338-9175-9f5fab19a077
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ Frame 97CF 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95714
x-xss-protection
0
server
cafe
etag
3232603846146272685
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 13:13:32 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 97CF 		208 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
29e095bc0a0496e0f4c3ef3d30d43114890008cb64702d1428e181f00de0db29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 97CF 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 97CF 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AFA3 		17 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
928def7158d851fdba92f3cec12c441f32dd456744718a2d71c9f67c66cccc7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0wbsBhv4_TupDGK2Dm4eaFDEwhr1ufYMgpsmtD9dcGSSod658mN46CPzT4mI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Sep 2021 13:13:32 GMT
server
cafe
content-length
9689
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 97CF 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632137829538267"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 13:13:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AFA3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DepDMvDIujS6nPgV9Y_ULKNpDJ8dRC91w7Vmmydf8IesNLks3mLX2cGEtbksC5B7VcSoye3SQnGZtXhvdzXwh62qrG858Ed5XminPEsHenjse6qWQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame AFA3 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
5bddb0ce048b80cc54fb4dac134b835c13575e06cd0cf83f7bd1d008f4a44360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 12:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3977
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 14:49:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-dcm-tag"
expires
Tue, 21 Sep 2021 13:43:07 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/787359/56365210/ Frame AFA3 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/787359/56365210/skeleton.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.16.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-16-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2af595b9a6bc5f87d7ed6a964ee113933cc3b36037b6f3fa1fb3e384f888a493

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-server-name
app17.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame AFA3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:03:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AFA3 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1632137836110461"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 13:13:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame AFA3 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:05:19 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 028E 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNX1emZqorL_4B7BCnGB6J5rOw11xRhgQcDRi7E-EPpXsP3uINTbEytzdeAWZgpwwHO6t-XwZ_KQ8brDT50yFDma9RvtZF-sSBoWNWyL7-H7JcbFTPKr1iiz1rCs3saA4Ls7bwatRaqFcsVzNYadtbqBJf1GNl0Fm--gZ6myYl_NpK8ig4In8VrxVGAsQy0U_Ffw8I_GXBLcPn_Ro8-HAiXEb8O18A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNX1emZqorL_4B7BCnGB6J5rOw11xRhgQcDRi7E-EPpXsP3uINTbEytzdeAWZgpwwHO6t-XwZ_KQ8brDT50yFDma9RvtZF-sSBoWNWyL7-H7JcbFTPKr1iiz1rCs3saA4Ls7bwatRaqFcsVzNYadtbqBJf1GNl0Fm--gZ6myYl_NpK8ig4In8VrxVGAsQy0U_Ffw8I_GXBLcPn_Ro8-HAiXEb8O18A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0wbsBhv4_TupDGK2Dm4eaFDEwhr1ufYMgpsmtD9dcGSSod658mN46CPzT4mI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 21 Sep 2021 13:13:32 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame AFA3 		24 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADhLz9hCV2sW-NXveGWj9bf-t4Xc_whqGU4DbdBc2VipD3Y6SFwJPFP061KfVhOdVdOqyGFQfOSvXpjG7mGhNTqVIzQ0zGrw0dygL8XlEdNDkvdzyvN877bOYnjDiXr8jlLfXbS7GHCKqQwdQCJWzTjgOPTw&cry=1&dbm_d=AKAmf-Atl2MU_jcRwZC7-FR02yRLMvFVJ9kJ8aIgSWptB6wTex7bM9hVBdPNUqNithBraM1azh7s5fSPKzHQRelM1B9msuqXOia6kWhkdQzmfbChCtcMqYF3_ij7Q6i0ou-470U4Rzw6C0OUHUn4bC9cpAF9vcX1Ar-Xjuj1XmVof7MZRTVYSpqUORFeNQNsXb_A9dvXKm0csax1mTJ9G38_TOP0-HeWv3zym6I739jqdfj22cBTmnzJ81soqLJJM84mm8YaEYRkhksIePeXGgy4PNpG-a0C9AGYGvMITZDgA_-qJAX62akpMldwa2TElOGKeEk4S6e68xh8fEGWO2F5YvXLjfC9bCd5DZxtHL-VWsIwIV5MrhDhZbfV7d81TBjfQLMpiaWUw3DUobUy-RLZTdwmfH_hlmtaGA89GoFUIPCUQEtPRMhciFdnPFEp0UFfVdbF5QtK5UyEWg6EsgY9lfs2PVdLtZaO6lvELglDtqp3-St3kT8MNorcmBsATm8CAeiCQcz31mybtD4Gm3XDlnRFwqapLZ16IDTfzIA-ur-rnJL6JXY1qwmBzHey4HfaK5HZei73ITXZL-PdWdkc3OZAv5CjlKMfMcdFNaRCt1z9_Nado93nTbzALNui6nRgsveGMTDOxD8BlVt5IVKeeP3Bnfhps2Cpo0AYrh9vdTnByBFlJlkcaThsQp2BUyhEQPYYigvTkN0f_GvF27pbMVfMxm9NL9g-KAdqjjmiOeHYpUcEkvFqq3-9RE9jXaXwpJcPr24yWYEJXy1C3FItYGM7gh-a0NWzZCvPGJFUMCIA2HBVj3iBp-fW30k5pSfrWHi0bKltncckBD1TWoaXf_ynWVCH27sTAB6wdeClcwV3oXHGV_H6MoWbV-_GCWUGHQBQogcT2SRC4JEuy46mbuHepSivHAme4EwdAOmslzVGbSWNrD143iLuKe4strHZq4tAv5wkvvZrE7mkP03EqDQi-ftNIvxhIWmOUW8wPPa7Tt3-VivmYS2qst-KkiOA5BMFLh4fYHyvdWGtj_Y7SUcioLH8IfJQKEatmSDvvcKax-r1nahT6UDtJonuvQUQWrKkQ8iMXKfO_6X4CyOavxZyu7Y1CpFTNn4Tf_3JfeZLkuNEEQJt46bF-1Q9RbZkpPIA3Awsgm6y1EW3awN_H8AbJgthqr0rmVaxKsw9FEtDb2htRuXst0N9d9SqYVIOSSLExCD2L2AVqA0hA82Tro2LlYyJ31Y4pP0nUhRN79pZ0HxhEUrpcm-7lOIUjHv74YZvo3m-OVuFIjbPgzRmB01rtGlsUFNP3Vr79aS9pfwP1t5S0nJEyO1XxhirnQwMwqk6iqJbHSwWqJlgCa5DCgyE57zz1rjQXaToUDuRN9QEpdUevM71gA7iSSxnAI-gNBNWmVH9FHJeFfJYdu23kvpHC4NUImNsEckZsp-m7ugYgOQdFk1l-gYTEOaIjjQFfZhKSPURH7FN2wA8Jcq1XNeUEt2BjLYZktP2OT7sWnn-zXTGLADTow-wLT6INCSN2YhWabrs-JYN6S8A5kPEVPZhY_tH20Lh-_7FYu5UEbTnnXmfsCPnPEzhc-I6WcZ19eNywgThpRr9rkGOatuwsKMBhyx30uwFhUDXWQdaphs6Wcwxg-ZkReJ4uD_rj2uAJNCylSezMuFyqLsIN3T7mH0jzTz5qpfRNOmPW8zM9jX-ThTsQbKktqaLJkXIaVI3XMlgoX4M7iIbPkscdM6RaWt0s82nuzgtkBBBVybgFvIwSX98MTFCJ1JeKhi9AZ8fzATI1S3Dax75cLU4DFkhQDmydyXZXsHdf9C7DkcW8RdHsGKB7FRzp-yKk74fThfV1iYCcR7jpBtHx2QZHrJiFEGBa09sdHP6W0lTHdPTH1zhBO-maSJUOzuhnuTTn5GVHPw-O5KT9KETUSgLNx00Q_0PSJ5U5HspwCSi5cpOpQmVxEP8Ui-8wa_KFjqzhY2rFXm0BQWZWJ6K8ce90Pgm1CGR0w62D-s5FpLwfpG8vnfRfNlUE1mcsYT8ieY8hYBpc0nzLXLn1I7Dfvs3O2HiT5_WEytfCTJ4x7keCVGEpTixm6l-vxw_sWHqemphanX1ctcYpsDzrDdB53Wo7Lcnr8-kYPKNkmqxVc-m2jNE4Z_y3ss1hKW9UrbjsxKmPlb-tu3VyaY66AM6X-U9ciZt5NFRD2pUwTCOERhEffKL-6wbT5IjLXTzf9y9X8JAasYvFJ5Dly6vQnevMsdo92Cn7YteEF6F488nmQOPU5i4PijX8ZJqS7iGpYDtZf2s3y5fmQqzinU_gjM1p5OXX_zofV5duySKSBNs1NbHl6Gxt6ZbFVvo46VB1Af0nfD72oy24iSXU3g7cTlX_Z4F1fC17IMR9ZhSHBzt7nPRST33Wwga-vg_jTJgutOkn0_4DCrVkZgifYKXPYGgFAxiltKeGTDVImA2Qo4oBzFJr-2_Vbe65OIPskevObB2E8_4K4yNYA_8y01o9muYw7uZeMpqZC3OC5f1DTCloIZ4znKNkGnzVInilLsYvK2zYVIVi2ITy_BpB4fbr9121sUY9IsAdqisOpWeY7f6W-SmvF9oTkSQtWwwremyyIIgNA8qwJw4F2dAZc_2vCVaBayWSp9Wqb31KBI0BkPrLPQHGUOt4l7TLU4zCCfMRRl8X2UUftpx2Swxw4wyQjoVgT59LmiDKuvSc6dgwJeHdHzuhufcW--0LhOYcaOmGI-34PinRkF6VIbccK7r_zGR-KHfOMpJ4XuCOZXOwivo2KFCgdb6q1sQMV4AJ_uMYLY33B4i7qH4hS1-vgqH9evLno75FnAed_OJxcnmVsH1XVk0-qE5n1EDktEhtM-ikQW5HUNnbfoIDunIduSOnScqqtXSXHpxFrexqgu5y0Or0jez1kR3dtKfcA7-pkYcHQHAisV-YvNCNSt7qXLM95w9TK-vMnleioqh0sjN1Vh4bsdx8JubXob0s_nK-RWxDuFXZHem-nKxaWp91PgYbJkjGYhT-JLP5GbxnuZzQQ&cid=CAASEuRo7ddSwlHbKK92e5B8hBgKJg&rfl=2%2Chttps%253A%252F%252Fsecurityaffairs.co%242%2Chttps%253A%252F%252Fsecurityaffairs.co%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a9adc5628e239c448cb4d6205994b4ff14bb8d497f578dcc507b00b7cd226450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12829
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 028E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNX1emZqorL_4B7BCnGB6J5rOw11xRhgQcDRi7E-EPpXsP3uINTbEytzdeAWZgpwwHO6t-XwZ_KQ8brDT50yFDma9RvtZF-sSBoWNWyL7-H7JcbFTPKr1iiz1rCs3saA4Ls7bwatRaqFcsVzNYadtbqBJf1GNl0Fm--gZ6myYl_NpK8ig4In8VrxVGAsQy0U_Ffw8I_GXBLcPn_Ro8-HAiXEb8O18A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 21 Sep 2021 13:13:33 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 21 Sep 2021 13:13:33 GMT
rum
dsum-sec.casalemedia.com/ Frame 028E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUnafZ1KjI8-kJ-6DsEOVAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNX1emZqorL_4B7BCnGB6J5rOw11xRhgQcDRi7E-EPpXsP3uINTbEytzdeAWZgpwwHO6t-XwZ_KQ8brDT50yFDma9RvtZF-sSBoWNWyL7-H7JcbFTPKr1iiz1rCs3saA4Ls7bwatRaqFcsVzNYadtbqBJf1GNl0Fm--gZ6myYl_NpK8ig4In8VrxVGAsQy0U_Ffw8I_GXBLcPn_Ro8-HAiXEb8O18A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 21 Sep 2021 13:13:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 028E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMhuE0D313aPPAzrdmeXoKw&google_cver=1
0
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMhuE0D313aPPAzrdmeXoKw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNX1emZqorL_4B7BCnGB6J5rOw11xRhgQcDRi7E-EPpXsP3uINTbEytzdeAWZgpwwHO6t-XwZ_KQ8brDT50yFDma9RvtZF-sSBoWNWyL7-H7JcbFTPKr1iiz1rCs3saA4Ls7bwatRaqFcsVzNYadtbqBJf1GNl0Fm--gZ6myYl_NpK8ig4In8VrxVGAsQy0U_Ffw8I_GXBLcPn_Ro8-HAiXEb8O18A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:33 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
84b14c9e-4489-4078-a758-d8807445602d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMhuE0D313aPPAzrdmeXoKw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 028E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzUzNzgyNTEyNDYwNTc5Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzUzNzgyNTEyNDYwNTc5Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhihjqGyATAB&v=APEucNX1emZqorL_4B7BCnGB6J5rOw11xRhgQcDRi7E-EPpXsP3uINTbEytzdeAWZgpwwHO6t-XwZ_KQ8brDT50yFDma9RvtZF-sSBoWNWyL7-H7JcbFTPKr1iiz1rCs3saA4Ls7bwatRaqFcsVzNYadtbqBJf1GNl0Fm--gZ6myYl_NpK8ig4In8VrxVGAsQy0U_Ffw8I_GXBLcPn_Ro8-HAiXEb8O18A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:32 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
765f83b3-78c3-4bed-be6d-0d60b88a03d6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzUzNzgyNTEyNDYwNTc5Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame AFA3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADhLz9hCV2sW-NXveGWj9bf-t4Xc_whqGU4DbdBc2VipD3Y6SFwJPFP061KfVhOdVdOqyGFQfOSvXpjG7mGhNTqVIzQ0zGrw0dygL8XlEdNDkvdzyvN877bOYnjDiXr8jlLfXbS7GHCKqQwdQCJWzTjgOPTw&cry=1&dbm_d=AKAmf-Atl2MU_jcRwZC7-FR02yRLMvFVJ9kJ8aIgSWptB6wTex7bM9hVBdPNUqNithBraM1azh7s5fSPKzHQRelM1B9msuqXOia6kWhkdQzmfbChCtcMqYF3_ij7Q6i0ou-470U4Rzw6C0OUHUn4bC9cpAF9vcX1Ar-Xjuj1XmVof7MZRTVYSpqUORFeNQNsXb_A9dvXKm0csax1mTJ9G38_TOP0-HeWv3zym6I739jqdfj22cBTmnzJ81soqLJJM84mm8YaEYRkhksIePeXGgy4PNpG-a0C9AGYGvMITZDgA_-qJAX62akpMldwa2TElOGKeEk4S6e68xh8fEGWO2F5YvXLjfC9bCd5DZxtHL-VWsIwIV5MrhDhZbfV7d81TBjfQLMpiaWUw3DUobUy-RLZTdwmfH_hlmtaGA89GoFUIPCUQEtPRMhciFdnPFEp0UFfVdbF5QtK5UyEWg6EsgY9lfs2PVdLtZaO6lvELglDtqp3-St3kT8MNorcmBsATm8CAeiCQcz31mybtD4Gm3XDlnRFwqapLZ16IDTfzIA-ur-rnJL6JXY1qwmBzHey4HfaK5HZei73ITXZL-PdWdkc3OZAv5CjlKMfMcdFNaRCt1z9_Nado93nTbzALNui6nRgsveGMTDOxD8BlVt5IVKeeP3Bnfhps2Cpo0AYrh9vdTnByBFlJlkcaThsQp2BUyhEQPYYigvTkN0f_GvF27pbMVfMxm9NL9g-KAdqjjmiOeHYpUcEkvFqq3-9RE9jXaXwpJcPr24yWYEJXy1C3FItYGM7gh-a0NWzZCvPGJFUMCIA2HBVj3iBp-fW30k5pSfrWHi0bKltncckBD1TWoaXf_ynWVCH27sTAB6wdeClcwV3oXHGV_H6MoWbV-_GCWUGHQBQogcT2SRC4JEuy46mbuHepSivHAme4EwdAOmslzVGbSWNrD143iLuKe4strHZq4tAv5wkvvZrE7mkP03EqDQi-ftNIvxhIWmOUW8wPPa7Tt3-VivmYS2qst-KkiOA5BMFLh4fYHyvdWGtj_Y7SUcioLH8IfJQKEatmSDvvcKax-r1nahT6UDtJonuvQUQWrKkQ8iMXKfO_6X4CyOavxZyu7Y1CpFTNn4Tf_3JfeZLkuNEEQJt46bF-1Q9RbZkpPIA3Awsgm6y1EW3awN_H8AbJgthqr0rmVaxKsw9FEtDb2htRuXst0N9d9SqYVIOSSLExCD2L2AVqA0hA82Tro2LlYyJ31Y4pP0nUhRN79pZ0HxhEUrpcm-7lOIUjHv74YZvo3m-OVuFIjbPgzRmB01rtGlsUFNP3Vr79aS9pfwP1t5S0nJEyO1XxhirnQwMwqk6iqJbHSwWqJlgCa5DCgyE57zz1rjQXaToUDuRN9QEpdUevM71gA7iSSxnAI-gNBNWmVH9FHJeFfJYdu23kvpHC4NUImNsEckZsp-m7ugYgOQdFk1l-gYTEOaIjjQFfZhKSPURH7FN2wA8Jcq1XNeUEt2BjLYZktP2OT7sWnn-zXTGLADTow-wLT6INCSN2YhWabrs-JYN6S8A5kPEVPZhY_tH20Lh-_7FYu5UEbTnnXmfsCPnPEzhc-I6WcZ19eNywgThpRr9rkGOatuwsKMBhyx30uwFhUDXWQdaphs6Wcwxg-ZkReJ4uD_rj2uAJNCylSezMuFyqLsIN3T7mH0jzTz5qpfRNOmPW8zM9jX-ThTsQbKktqaLJkXIaVI3XMlgoX4M7iIbPkscdM6RaWt0s82nuzgtkBBBVybgFvIwSX98MTFCJ1JeKhi9AZ8fzATI1S3Dax75cLU4DFkhQDmydyXZXsHdf9C7DkcW8RdHsGKB7FRzp-yKk74fThfV1iYCcR7jpBtHx2QZHrJiFEGBa09sdHP6W0lTHdPTH1zhBO-maSJUOzuhnuTTn5GVHPw-O5KT9KETUSgLNx00Q_0PSJ5U5HspwCSi5cpOpQmVxEP8Ui-8wa_KFjqzhY2rFXm0BQWZWJ6K8ce90Pgm1CGR0w62D-s5FpLwfpG8vnfRfNlUE1mcsYT8ieY8hYBpc0nzLXLn1I7Dfvs3O2HiT5_WEytfCTJ4x7keCVGEpTixm6l-vxw_sWHqemphanX1ctcYpsDzrDdB53Wo7Lcnr8-kYPKNkmqxVc-m2jNE4Z_y3ss1hKW9UrbjsxKmPlb-tu3VyaY66AM6X-U9ciZt5NFRD2pUwTCOERhEffKL-6wbT5IjLXTzf9y9X8JAasYvFJ5Dly6vQnevMsdo92Cn7YteEF6F488nmQOPU5i4PijX8ZJqS7iGpYDtZf2s3y5fmQqzinU_gjM1p5OXX_zofV5duySKSBNs1NbHl6Gxt6ZbFVvo46VB1Af0nfD72oy24iSXU3g7cTlX_Z4F1fC17IMR9ZhSHBzt7nPRST33Wwga-vg_jTJgutOkn0_4DCrVkZgifYKXPYGgFAxiltKeGTDVImA2Qo4oBzFJr-2_Vbe65OIPskevObB2E8_4K4yNYA_8y01o9muYw7uZeMpqZC3OC5f1DTCloIZ4znKNkGnzVInilLsYvK2zYVIVi2ITy_BpB4fbr9121sUY9IsAdqisOpWeY7f6W-SmvF9oTkSQtWwwremyyIIgNA8qwJw4F2dAZc_2vCVaBayWSp9Wqb31KBI0BkPrLPQHGUOt4l7TLU4zCCfMRRl8X2UUftpx2Swxw4wyQjoVgT59LmiDKuvSc6dgwJeHdHzuhufcW--0LhOYcaOmGI-34PinRkF6VIbccK7r_zGR-KHfOMpJ4XuCOZXOwivo2KFCgdb6q1sQMV4AJ_uMYLY33B4i7qH4hS1-vgqH9evLno75FnAed_OJxcnmVsH1XVk0-qE5n1EDktEhtM-ikQW5HUNnbfoIDunIduSOnScqqtXSXHpxFrexqgu5y0Or0jez1kR3dtKfcA7-pkYcHQHAisV-YvNCNSt7qXLM95w9TK-vMnleioqh0sjN1Vh4bsdx8JubXob0s_nK-RWxDuFXZHem-nKxaWp91PgYbJkjGYhT-JLP5GbxnuZzQQ&cid=CAASEuRo7ddSwlHbKK92e5B8hBgKJg&rfl=2%2Chttps%253A%252F%252Fsecurityaffairs.co%242%2Chttps%253A%252F%252Fsecurityaffairs.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9237
x-xss-protection
0
server
cafe
etag
9463376652360951579
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:10:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AFA3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADhLz9hCV2sW-NXveGWj9bf-t4Xc_whqGU4DbdBc2VipD3Y6SFwJPFP061KfVhOdVdOqyGFQfOSvXpjG7mGhNTqVIzQ0zGrw0dygL8XlEdNDkvdzyvN877bOYnjDiXr8jlLfXbS7GHCKqQwdQCJWzTjgOPTw&cry=1&dbm_d=AKAmf-Atl2MU_jcRwZC7-FR02yRLMvFVJ9kJ8aIgSWptB6wTex7bM9hVBdPNUqNithBraM1azh7s5fSPKzHQRelM1B9msuqXOia6kWhkdQzmfbChCtcMqYF3_ij7Q6i0ou-470U4Rzw6C0OUHUn4bC9cpAF9vcX1Ar-Xjuj1XmVof7MZRTVYSpqUORFeNQNsXb_A9dvXKm0csax1mTJ9G38_TOP0-HeWv3zym6I739jqdfj22cBTmnzJ81soqLJJM84mm8YaEYRkhksIePeXGgy4PNpG-a0C9AGYGvMITZDgA_-qJAX62akpMldwa2TElOGKeEk4S6e68xh8fEGWO2F5YvXLjfC9bCd5DZxtHL-VWsIwIV5MrhDhZbfV7d81TBjfQLMpiaWUw3DUobUy-RLZTdwmfH_hlmtaGA89GoFUIPCUQEtPRMhciFdnPFEp0UFfVdbF5QtK5UyEWg6EsgY9lfs2PVdLtZaO6lvELglDtqp3-St3kT8MNorcmBsATm8CAeiCQcz31mybtD4Gm3XDlnRFwqapLZ16IDTfzIA-ur-rnJL6JXY1qwmBzHey4HfaK5HZei73ITXZL-PdWdkc3OZAv5CjlKMfMcdFNaRCt1z9_Nado93nTbzALNui6nRgsveGMTDOxD8BlVt5IVKeeP3Bnfhps2Cpo0AYrh9vdTnByBFlJlkcaThsQp2BUyhEQPYYigvTkN0f_GvF27pbMVfMxm9NL9g-KAdqjjmiOeHYpUcEkvFqq3-9RE9jXaXwpJcPr24yWYEJXy1C3FItYGM7gh-a0NWzZCvPGJFUMCIA2HBVj3iBp-fW30k5pSfrWHi0bKltncckBD1TWoaXf_ynWVCH27sTAB6wdeClcwV3oXHGV_H6MoWbV-_GCWUGHQBQogcT2SRC4JEuy46mbuHepSivHAme4EwdAOmslzVGbSWNrD143iLuKe4strHZq4tAv5wkvvZrE7mkP03EqDQi-ftNIvxhIWmOUW8wPPa7Tt3-VivmYS2qst-KkiOA5BMFLh4fYHyvdWGtj_Y7SUcioLH8IfJQKEatmSDvvcKax-r1nahT6UDtJonuvQUQWrKkQ8iMXKfO_6X4CyOavxZyu7Y1CpFTNn4Tf_3JfeZLkuNEEQJt46bF-1Q9RbZkpPIA3Awsgm6y1EW3awN_H8AbJgthqr0rmVaxKsw9FEtDb2htRuXst0N9d9SqYVIOSSLExCD2L2AVqA0hA82Tro2LlYyJ31Y4pP0nUhRN79pZ0HxhEUrpcm-7lOIUjHv74YZvo3m-OVuFIjbPgzRmB01rtGlsUFNP3Vr79aS9pfwP1t5S0nJEyO1XxhirnQwMwqk6iqJbHSwWqJlgCa5DCgyE57zz1rjQXaToUDuRN9QEpdUevM71gA7iSSxnAI-gNBNWmVH9FHJeFfJYdu23kvpHC4NUImNsEckZsp-m7ugYgOQdFk1l-gYTEOaIjjQFfZhKSPURH7FN2wA8Jcq1XNeUEt2BjLYZktP2OT7sWnn-zXTGLADTow-wLT6INCSN2YhWabrs-JYN6S8A5kPEVPZhY_tH20Lh-_7FYu5UEbTnnXmfsCPnPEzhc-I6WcZ19eNywgThpRr9rkGOatuwsKMBhyx30uwFhUDXWQdaphs6Wcwxg-ZkReJ4uD_rj2uAJNCylSezMuFyqLsIN3T7mH0jzTz5qpfRNOmPW8zM9jX-ThTsQbKktqaLJkXIaVI3XMlgoX4M7iIbPkscdM6RaWt0s82nuzgtkBBBVybgFvIwSX98MTFCJ1JeKhi9AZ8fzATI1S3Dax75cLU4DFkhQDmydyXZXsHdf9C7DkcW8RdHsGKB7FRzp-yKk74fThfV1iYCcR7jpBtHx2QZHrJiFEGBa09sdHP6W0lTHdPTH1zhBO-maSJUOzuhnuTTn5GVHPw-O5KT9KETUSgLNx00Q_0PSJ5U5HspwCSi5cpOpQmVxEP8Ui-8wa_KFjqzhY2rFXm0BQWZWJ6K8ce90Pgm1CGR0w62D-s5FpLwfpG8vnfRfNlUE1mcsYT8ieY8hYBpc0nzLXLn1I7Dfvs3O2HiT5_WEytfCTJ4x7keCVGEpTixm6l-vxw_sWHqemphanX1ctcYpsDzrDdB53Wo7Lcnr8-kYPKNkmqxVc-m2jNE4Z_y3ss1hKW9UrbjsxKmPlb-tu3VyaY66AM6X-U9ciZt5NFRD2pUwTCOERhEffKL-6wbT5IjLXTzf9y9X8JAasYvFJ5Dly6vQnevMsdo92Cn7YteEF6F488nmQOPU5i4PijX8ZJqS7iGpYDtZf2s3y5fmQqzinU_gjM1p5OXX_zofV5duySKSBNs1NbHl6Gxt6ZbFVvo46VB1Af0nfD72oy24iSXU3g7cTlX_Z4F1fC17IMR9ZhSHBzt7nPRST33Wwga-vg_jTJgutOkn0_4DCrVkZgifYKXPYGgFAxiltKeGTDVImA2Qo4oBzFJr-2_Vbe65OIPskevObB2E8_4K4yNYA_8y01o9muYw7uZeMpqZC3OC5f1DTCloIZ4znKNkGnzVInilLsYvK2zYVIVi2ITy_BpB4fbr9121sUY9IsAdqisOpWeY7f6W-SmvF9oTkSQtWwwremyyIIgNA8qwJw4F2dAZc_2vCVaBayWSp9Wqb31KBI0BkPrLPQHGUOt4l7TLU4zCCfMRRl8X2UUftpx2Swxw4wyQjoVgT59LmiDKuvSc6dgwJeHdHzuhufcW--0LhOYcaOmGI-34PinRkF6VIbccK7r_zGR-KHfOMpJ4XuCOZXOwivo2KFCgdb6q1sQMV4AJ_uMYLY33B4i7qH4hS1-vgqH9evLno75FnAed_OJxcnmVsH1XVk0-qE5n1EDktEhtM-ikQW5HUNnbfoIDunIduSOnScqqtXSXHpxFrexqgu5y0Or0jez1kR3dtKfcA7-pkYcHQHAisV-YvNCNSt7qXLM95w9TK-vMnleioqh0sjN1Vh4bsdx8JubXob0s_nK-RWxDuFXZHem-nKxaWp91PgYbJkjGYhT-JLP5GbxnuZzQQ&cid=CAASEuRo7ddSwlHbKK92e5B8hBgKJg&rfl=2%2Chttps%253A%252F%252Fsecurityaffairs.co%242%2Chttps%253A%252F%252Fsecurityaffairs.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:06 GMT
impl_v79.js
www.googletagservices.com/dcm/ Frame AFA3 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v79.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
44abe3410418a547f3412ba93a94ffdfd1dbadf9c785418af8ef15d7877fa2c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 12:43:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15928
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 19:19:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-dcm-tag"
expires
Wed, 21 Sep 2022 12:43:08 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4586 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 17 Sep 2021 08:58:07 GMT
expires
Sat, 17 Sep 2022 08:58:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
360926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIY...
ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/ Frame 3264 		40 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
d2289cbce30e2fe366060334f7362d457db61cf0cdfcc60ce54e2fc3dc0e7679
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0wbsBhv4_TupDGK2Dm4eaFDEwhr1ufYMgpsmtD9dcGSSod658mN46CPzT4mI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 21 Sep 2021 13:13:33 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
21193
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
main.gr.19.8.244.js
static.adsafeprotected.com/ Frame AFA3 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.244.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/787359/56365210/skeleton.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.251.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-251-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
9386029f96e56c9e0ad9858b5e7bc96440669636cf6bb3a4c95a6b1e8d2b913f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 17:04:54 GMT
server
nginx/1.16.1
etag
W/"166c202a35674c304e5acde5dc5e6bb8"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6414 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 20 Sep 2021 21:06:15 GMT
expires
Tue, 21 Sep 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
58038
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
pagead2.googlesyndication.com/bg/ Frame 4586 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
72c561fa658c163b0d597cc2eadd3cedca62712ef8aab4d7a1dcff790e60fa94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 10:01:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
11500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13281
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 21 Sep 2022 10:01:53 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 6414 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMxDABAWVXzh14arJQzXQiQ&google_cver=1&google_push=AYg5qPKv-N14vnUrWAUtVZeNN9YMMzUJr-B9BaOLF7_vdMRVDRN8rH37neX1AzhaEvXickK1Axx6y_v6pQGnFtzpQKmzBie_qIY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.137 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams03-usadmm.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 6414
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDlEXcaB4qEFjE2YNblMeas&google_cver=1&google_push=AYg5qPLpDXfqZVKji2v5vz_RKpw8QDVDk-fu-ck372iyfxOi8i5cZ8hVvZnZismsHEwrMijGBWiVBrxJQdG...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLpDXfqZVKji2v5vz_RKpw8QDVDk-fu-ck372iyfxOi8i5cZ8hVvZnZismsHEwrMijGBWiVBrxJQdGGLDyFZzdUZUnY2VA&google_hm=o_dADd7LS2WqxyKkETYEURs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLpDXfqZVKji2v5vz_RKpw8QDVDk-fu-ck372iyfxOi8i5cZ8hVvZnZismsHEwrMijGBWiVBrxJQdGGLDyFZzdUZUnY2VA&google_hm=o_dADd7LS2WqxyKkETYEURs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:32 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLpDXfqZVKji2v5vz_RKpw8QDVDk-fu-ck372iyfxOi8i5cZ8hVvZnZismsHEwrMijGBWiVBrxJQdGGLDyFZzdUZUnY2VA&google_hm=o_dADd7LS2WqxyKkETYEURs
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6414
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJJ61yPl4DPw7QNDY3f8aiY&google_cver=1&google_push=AYg5qPKHJBTvWFMRX_bQ5L008cINtXD5c_eEQxFySNeUm9m2N_0vKFDqT29pzf9zb2KNiHVIETYsmeZTbSOiTs...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMDM3NDUxNjgxMTg4ODc4Ng%3D%3D&google_push=AYg5qPKHJBTvWFMRX_bQ5L008cINtXD5c_eEQxFySNeUm9m2N_0vKFDqT29pzf9zb2KNiHVIETYsmeZTbSOiTsGcGh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMDM3NDUxNjgxMTg4ODc4Ng%3D%3D&google_push=AYg5qPKHJBTvWFMRX_bQ5L008cINtXD5c_eEQxFySNeUm9m2N_0vKFDqT29pzf9zb2KNiHVIETYsmeZTbSOiTsGcGhD_kbVblv4_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMDM3NDUxNjgxMTg4ODc4Ng%3D%3D&google_push=AYg5qPKHJBTvWFMRX_bQ5L008cINtXD5c_eEQxFySNeUm9m2N_0vKFDqT29pzf9zb2KNiHVIETYsmeZTbSOiTsGcGhD_kbVblv4_
Date
Tue, 21 Sep 2021 13:13:33 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 6414
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESENEJOWy8fW647ckbgSjtwQg&google_cver=1&google_push=AYg5qPIeAy0KVdl8K__oGWbQErawqi1A5JixSIlJSuzTrfFEG6Wab3dy7kZC2...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESENEJOWy8fW647ckbgSjtwQg&google_cver=1&google_push=AYg5qPIeAy0KVdl8K__oGWbQErawqi1A5JixSIlJSuzTrfFEG6Wab3dy7kZC2...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=q5Ak3ar9lU09IFLtk0yJxg&google_push=AYg5qPIeAy0KVdl8K__oGWbQErawqi1A5JixSIlJSuzTrfFEG6Wab3dy7kZC2RI2Pw_ECCRpxQsCxKdJH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=q5Ak3ar9lU09IFLtk0yJxg&google_push=AYg5qPIeAy0KVdl8K__oGWbQErawqi1A5JixSIlJSuzTrfFEG6Wab3dy7kZC2RI2Pw_ECCRpxQsCxKdJHM_eNS5KEnTzZRQAATth
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 21 Sep 2021 13:13:33 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=q5Ak3ar9lU09IFLtk0yJxg&google_push=AYg5qPIeAy0KVdl8K__oGWbQErawqi1A5JixSIlJSuzTrfFEG6Wab3dy7kZC2RI2Pw_ECCRpxQsCxKdJHM_eNS5KEnTzZRQAATth
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
238
pixel
cm.g.doubleclick.net/ Frame 6414
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB7GtO4c6hGuRGI09c8qTPA&google_cver=1&google_push=AYg5qPL4tW7ckjySD2b64SiTrfZW_H6pljO_C3CXKQGfhS9T6x7mv6wG5EqTvB5b2tQEriDeEORq_Vr01bRsM4L...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=BTAM6cHeT3t9FaObwcJjBdiDbxs&google_push=AYg5qPL4tW7ckjySD2b64SiTrfZW_H6pljO_C3CXKQGfhS9T6x7mv6wG5EqTvB5b2tQEriDeEORq_Vr01bRsM4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=BTAM6cHeT3t9FaObwcJjBdiDbxs&google_push=AYg5qPL4tW7ckjySD2b64SiTrfZW_H6pljO_C3CXKQGfhS9T6x7mv6wG5EqTvB5b2tQEriDeEORq_Vr01bRsM4Lx9hiajJvoNbla
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=BTAM6cHeT3t9FaObwcJjBdiDbxs&google_push=AYg5qPL4tW7ckjySD2b64SiTrfZW_H6pljO_C3CXKQGfhS9T6x7mv6wG5EqTvB5b2tQEriDeEORq_Vr01bRsM4Lx9hiajJvoNbla
Date
Tue, 21 Sep 2021 13:13:33 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 6414
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHBQLkX5U_naOSwQcqbWMvw&google_cver=1&google_push=AYg5qPJAg7Bj6Ntb9iI6lcwlnpOGkLZKVNwkeYzx_60zUjzICUufLrrfucIJv_GK2dBtSvNe19WZXJbmajqirtdh-k8JhLk...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJAg7Bj6Ntb9iI6lcwlnpOGkLZKVNwkeYzx_60zUjzICUufLrrfucIJv_GK2dBtSvNe19WZXJbmajqirtdh-k8JhLkRQ5AgPw&google_hm=Nzc5Nzg3N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJAg7Bj6Ntb9iI6lcwlnpOGkLZKVNwkeYzx_60zUjzICUufLrrfucIJv_GK2dBtSvNe19WZXJbmajqirtdh-k8JhLkRQ5AgPw&google_hm=Nzc5Nzg3NTQ3Njk1MTE2MjQ0Mw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJAg7Bj6Ntb9iI6lcwlnpOGkLZKVNwkeYzx_60zUjzICUufLrrfucIJv_GK2dBtSvNe19WZXJbmajqirtdh-k8JhLkRQ5AgPw&google_hm=Nzc5Nzg3NTQ3Njk1MTE2MjQ0Mw==
Date
Tue, 21 Sep 2021 13:13:33 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6414
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEBcUVsLZfBqUn_EQu_DYUfc&google_cver=1&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw
  • https://ads.avads.net/sync/ggl?google_gid=CAESEBcUVsLZfBqUn_EQu_DYUfc&google_cver=1&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewA...
  • https://ads.avads.net/sync/ggl?google_gid=CAESEBcUVsLZfBqUn_EQu_DYUfc&google_cver=1&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRs...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6414 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6gntUcxtyTdxJpWAFI0QgbMM78Qr0GW-Pv9W6UGkIPZY3D6dxutNMa3SOWIaec1Npd1J8WJo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
08182021-080336905-Love_DE_DE_728x90_728x90_ger_-_German.jpg
s0.2mdn.net/3392373/ Frame 3264 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/3392373/08182021-080336905-Love_DE_DE_728x90_728x90_ger_-_German.jpg
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
fd85608ed11e3c5f170be5e7af3b2d7a5b6ec738c066678a9cd7d38ce03d8e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 05:01:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Aug 2021 15:03:36 GMT
server
sffe
age
29498
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45120
x-xss-protection
0
expires
Wed, 22 Sep 2021 05:01:55 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/xfa/ Frame 3264 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
3833feb2a43e5054ba5f4fe4dfd2232c1117e029c3efbe9f1984c2fc48bd0b7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 22:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4323
x-xss-protection
0
server
cafe
etag
5801917593407317204
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 22:41:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/ Frame 3264 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3143
x-xss-protection
0
server
cafe
etag
2416364338287085106
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:11:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3264 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1632137836110461"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 13:13:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3264 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuspTWkATDzWJ1NojdPiXiz4p0dp_PQUE4z--MvWvkU_oiHzb4iDVvhDiz8yZKaCJpdi3yo-nJCL87YJ5ggyUAlLMUxRQ_9QSZM7YdzV2fQ-JQBEjGYoJN612ILq0WFpXdHwdSu8x7cexsRiOkb0fZCFPryMWLY9SN5F15UwUcRhETPZrhMEg&sig=Cg0ArKJSzILnKKgGUCrjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210916.49871&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3264 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3264 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2d32ff6fb6d3b507369e60077359d34ea6ddda9cfa22e818283e2c09881ef666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4571
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DA4C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 17 Sep 2021 08:58:07 GMT
expires
Sat, 17 Sep 2022 08:58:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
360926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
SPug
simage4.pubmatic.com/AdServer/ Frame C974 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
skeleton.js
static.adsafeprotected.com/ Frame AFA3
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/787359/56365210/skeleton.js?adsafe_url=https%3A%2F%2Fsecurityaffairs.co&adsafe_type=g&adsafe_url=https%3A%2F%2Fsecurityaffairs.co%2F&adsafe_type=e&adsafe_ur...
  • https://static.adsafeprotected.com/skeleton.js
17 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.251.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-251-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
nginx/1.16.1
age
2368965
etag
"53fab767ecbd3bf07990b10246befbd4"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
17

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 4B68 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.251.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-251-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
nginx/1.16.1
age
1737058
etag
W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
dt
dt.adsafeprotected.com/ Frame AFA3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=272ede4a-5238-1b03-d70e-2bc144ca6744&tv=%7Bc:oR20Lq,pingTime:-3,time:276,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:247%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:276,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:246,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sJEqNfO+11%7C12%7C13%7C141*.787359-56365210%7C1411%7C1412%7C14131%7C1414%7C142%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1h%7C1i%7C1j%7C1k,idMap:141*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.11.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-11-13.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame AFA3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=272ede4a-5238-1b03-d70e-2bc144ca6744&tv=%7Bc:oR20Ls,pingTime:-6,time:278,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:278,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:246,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sJEqNfO+11%7C12%7C13%7C141*.787359-56365210%7C1411%7C1412%7C14131%7C1414%7C142%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1h%7C1i%7C1j%7C1k,idMap:141*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:securityaffairs.co*%2Csecurityaffairs.co*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.11.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-11-13.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
pagead2.googlesyndication.com/bg/ Frame DA4C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
72c561fa658c163b0d597cc2eadd3cedca62712ef8aab4d7a1dcff790e60fa94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 10:01:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
11500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13281
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 21 Sep 2022 10:01:53 GMT
dt
dt.adsafeprotected.com/ Frame AFA3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=272ede4a-5238-1b03-d70e-2bc144ca6744&tv=%7Bc:oR20LC,pingTime:-2,time:288,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:436,bdZ:599,beA:635,beZ:636,mfA:857,cmA:859,inA:859,inZ:865,prA:865,prZ:875,si:883,poA:884,poZ:899,cmZ:899,mfZ:899,loA:912,loZ:916,ltA:922,ltZ:923%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:247%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:246,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sJEqNfO+11%7C12%7C13%7C141*.787359-56365210%7C1411%7C1412%7C14131%7C1414%7C142%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1h%7C1i%7C1j%7C1k,idMap:141*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:39,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.11.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-11-13.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4586 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4KE-fNpJYY6YOt2L7_UPxdaF-AMAAAAAOAHgBAI&bg=!oaKloubNAAZWaDWkVmg7ACkAdvg8WhocvaJBLZtkjZtsEwbqKymYIMQyk2gQVjJqbYUzqb7UB7DsQgIAAACVUgAAAEVoAQcKABbMWP3KfRhDcF9RRl9B2pssYb4bu--KmQLsfI1UvqEhOFGUaERd_1AMl17sXuRD9pUxFWwt_iWzmWLUVwWd9H2jJWVj9GDnNmlolkEUeIJEwXHvCYA1C0Fd_70Hjg2C7gQjh3YFc5mGsd6wTzU-ziDuENmU8ts2zSpYGc0RkYFqqKGEUCM97I7D1RTMDfdCa8xef2ZZneMfvRocU85M9UNHgLShWw2A_BLBwIWComkCByM5ck7b8HdmM3lA2I0oFubFDi80OvLjcrDiOlyIFfx7LUmhD1Yl-NkSV16NK4PUcQ3eXh6mW7CL4GHP5032zu6DNDjpUwWq3R9QYTi8xH51BOHNhFnPDbNSKWu8M5B6fn3yhAlBMitAUWBDtwMcL7X_7u5YCO5mK617hLRtYBEWd7C65LcvROKDm5dqAixHu2Jq84V2HQ-3sSLrSJl9t2oBKXT_TSYX9Hk0Jq1HpP8LK9lePpsogTLIhW59CP0PEk6ZOXnVY3BJH53jSM9-kAs0OKfpEFxSIUZMxWLEErr1UFvOHLX3lUq6gdg_E04scMdX-Fl8ufoJNYLemuEdCIbYYl-dCNLn2VLzbQHFwBSz5MtOb68fVG1RLiky7In5TdW6ztiGF_nIV0BMg1cGCMSAU1NHMqMZz1sEECWpfL7uXz0bk13eokscqxhUaUSWKM0nXNPgrAvD1MU9eVkaod31Cj-yFWgso2KJUCuUIXb1IkJaTON9DQaZSoJxrRkDyt-JbwWo4vRrhPs2bOKYch6566HvJ1p3m4RsznOsaKZ13xCyuToewtiG8PB_C-n7P0C057InEv20TgL13jTVE4Fcvo7VwUwpm2xe-CmZlzujjT3HoGF5C-vAIhmiwDsUDoVR546QLdE9GVATNfv55CzruYDjxGCN_Q1i-v7LaNTlhHhRwm5FtP9FvnSdYNq0_wBTKTvUfs5KQ5OlzYLZD05zGo-MciVtpLTa-s2kaUbmClWnsL0aTKKQQg2PdqKblrDWKrDKL5zHQdXiNhfPsrM8ecccNA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3264 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuspTWkATDzWJ1NojdPiXiz4p0dp_PQUE4z--MvWvkU_oiHzb4iDVvhDiz8yZKaCJpdi3yo-nJCL87YJ5ggyUAlLMUxRQ_9QSZM7YdzV2fQ-JQBEjGYoJN612ILq0WFpXdHwdSu8x7cexsRiOkb0fZCFPryMWLY9SN5F15UwUcRhETPZrhMEg&sig=Cg0ArKJSzILnKKgGUCrjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&vt=11&dtpt=164&dett=2&cstd=0&cisv=r20210916.49871&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame AFA3 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=272ede4a-5238-1b03-d70e-2bc144ca6744&tv=%7Bc:oR20O2,time:439,type:e,im:%7Bimprf:%7Bttecl:550,ecd:29,tsecr:35%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:439,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:246,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B212~0%5D,as:%5B212~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sJEqNfO+11%7C12%7C13%7C141*.787359-56365210%7C1411%7C1412%7C14131%7C1414%7C142%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1h%7C1i%7C1j%7C1k,idMap:141*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.11.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-11-13.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA4C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlUBZfdpJYa3BCpyQ7_UP--mByAIAAAAAOAHgBAI&bg=!Pj2lPXnNAAZWaDWkVmg7ACkAdvg8Wv7drQo8QvwUSD321nxzkMYxsl3RXsVBrIyjt8kmEMl2frJP5AIAAAC1UgAAABBoAQeZAxq9dORVhW0_wKtNsuPnqs5VxW94ifhM5tIsQe3v9kXo5rMmY3Zv87MDXcZ91WcIHTe-8kIURJ9UJ8DUfelya0RaD6Y94zwj-S8Uh3vvRFqv3xjB8Lb3l6FjpJ66hpgSn5NDraOrSXHqx_CMTcmnqiNvk8wjJLDV0sqJ7Wk81PbV6adET9UT7bFsXg4zOTcdvLmDpAmSGTIUtPa80xOYFjZQi78zg4oWv7BWj9N_PwpzJUmqvMJ9zHZ38cUMZwc3xELUSNB8whzcyd2m0G3q_iR5WnzckkmKPRyyaQnA41P-pTFlk7wUfmfJ_OIHnMaxEcwGpIdP-VwN4uCdTkN_4suz2dVih7AETS6vuA_kbMbKS1yTfUKnp0CcZBkXuvaWc8W7OJBa9rM30GNfYpuaxpXUo-9f_cZFbJzYnzMU1hK-twUvz-T-5R9gBUgCuxM8tzGHKCeXYAHn4DGXSbBGR1F2uffVwh90lbDWleD6tB0EaWRlzsf90UqvfxI3_S7hnPfwI6ftCDHvMDaJsSw4dCsuuF9u6HjKqwB2sryfa7tIsPe59fmJrcDg7J34_mz2Noi8YtS7N2P59bDMgwCuWeJynvR4_T-OoAJrqtHNYv0I4noO0rSlQkxQyPac5UL8UdMJzy__wnSMg8cY-xUOA4AmJcE4FtWC-V6gJm-s3Pdf0jiJDseypcIO3UvA_KDt-GcdBjmaN0WQdY2cO7TQV8lmPU1dcOsSY0i3xb70ggCW7l74iz_v_pDJDegbv1Xw1XQqMmKKE8z-7vuAHiHa9Hn69Sh7wTuVTk-LGCR0x8x4d4B59K2GTSS_lcpQ4FR8QmLpjzD2bchLqJIeNxdl-t4Ce1Kr9pjARFwMdP3dNDGeNpLC88o9rE6QhenWdddkzsroenFqpkc4snFikDNuHcoRivr5xNO_BDPsNrHCTNH-CnbUgljhnwRPLthU8cb-KFlnmPuxKQmIdFo_3GrUt2AWo0-bqwdraYLo-6h-hm-83sgIFx28gmlOIhakBfWc-DY6fTRroiaWI3MlyeQ1qLPq57DrarYvANblbg
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6410.3885621DV360-JELLYFISH/B26230969.310867716;dc_ver=79.229;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=497053797;ord=t4nfye;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx3EfNpJYbWhIdiW9u8PtNaIYJKdiqNl-6XkgqMO8C4QASCjh5YeYJXikIKgB6ABxYjl0wHIAQmpAgaa-ZoKsbM-qAMBqgTPAU_QuXCkroluHKaAtEQB4DDXbXL9AILChaNKUSZaHuAcE5T_CngbmpoQ6BWDyd9b-3pPIzVXfnWcvX3wo9cCeTOFyZFjrGkXcQh4Qnzs8GLYO_riIFLfovt0rbxxky46jlG_Ap6S23zS6AuL0I0K4JYRbtXn4Y_ncheVrV990s9MBBfcTBfKwuh2u5R_uwaBt9G04fsrbOaOLsoHtwVdADJchCwKIIYfuE8xlCes3SQCEVgIPvZoAN-gQQcwOW_zAnWjLikcOYl_GTHFEJbGPsAE6MStkukD4AQDkAYBoAZNgAej95qsAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPNpsMM0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7ddSwlHbKK92e5B8hBgKJg%26sig%3DAOD64_3GTawtqeyqQs_aKGBXW7I--BY6mQ%26client%3Dca-pub-1575911585432548%26dbm_c%3DAKAmf-BEZ76F2QegHRK668Yy1pVBuuTYrFSk7sSAIdhP6TMeDnraA3_hRGEl9g1oXUCdaNCYAdKdffjXvyWMw5f8Rk3KNLU21G2mQBoIufkaREM4z9TU7m8jCWvzT9eBPcYiS01gRnUuzWs6cU-GPWUOH82yL2SsZw%26cry%3D1%26dbm_d%3DAKAmf-D-Hbn3TQiDBQlcvObN3vnUpomKO7o9JmKsa5EMC_WqR7sQaZXtdJyrgQCBcHX2d2RSxdF_0wjZpOuh1avlTs8hVyCtyviLNxcaOjYwtzRB6VIUzxu9CWINvfGuZEYrlFfw4GvC9uR4xKxnHAjh9_JUxF2UqncUweOHwhc7Vt9j_IlqSelLVInO9OQoomQ7Jw9j3fffaexj-NwIxaCNEFzmqBl-UzDFc-k21D258KvzeVNM9I4LSymuCl4AsyysB8kULxN4DADfxh2JKNXWnfznSmINthPF5YJQNxC82Gc_-uLJbmIrtJ-y0fpH7ODjesCbU-0KDJftzH-QzlxczatKp63PrDqTsSht1L2bZBJnZ_e3Lv9yjmgk7PpyE-auBrllX_mXEIQ3hvCgibiV2GRNYKKuaHqPLwj9s2qbOArywvNVM2aRHrlNpqPTxGpTqq7XRUQmuvdsIPZXUX4CgM2G862TPcDWz4CnuP1lsMSsUB5_sKbGauSM_KoEsskSFKk85Qw_L0HJPpeB9VkefupRE6eHwG_ozF6d_pwnMCzX-jj14a4%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fsecurityaffairs.co$2,https%3A%2F%2Fsecurityaffairs.co%2F$0;xdt=1;crlt=WH5RQ)91J_;osda=1;sttr=65;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ Frame 464A 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95714
x-xss-protection
0
server
cafe
etag
3232603846146272685
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 13:13:33 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ Frame 4A40 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95714
x-xss-protection
0
server
cafe
etag
3232603846146272685
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 13:13:33 GMT
dt
dt.adsafeprotected.com/ Frame AFA3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=272ede4a-5238-1b03-d70e-2bc144ca6744&tv=%7Bc:oR20QT,pingTime:-10,time:615,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1632230013710%7C%7C0d0b7f1089751220c648960e6cb592d6%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C4e0fc9e292a30728856a2e8f63a9395e%7C%7C4584e314f6452269fd66c693b7f869e0%7C%7C9e35fd8def20d91e3212233fd5737fc6%7C%7C0a860fafb1d07a331676e848ea98209d%7C%7Cf9abf7c5b8717e5c016dab612fafdc94%7C%7C1629390669%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696132&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1632230012&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230012261&bpp=15&bdt=2238&idt=165&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&correlator=269952746191&frm=21&ife=1&pv=2&ga_vid=1352141922.1632230009&ga_sid=1632230012&ga_hid=2021330701&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=627562904&scr_x=0&scr_y=0&eid=44747620%2C31062518&oid=3&pvsid=694293337181406&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f2jg2mtvhwic&fsb=1&xpc=RjlHBE0UbJ&p=https%3A//securityaffairs.co&dtd=198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.11.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-11-13.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:33 GMT
x-server-name
dt46.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
cookie.js
partner.googleadservices.com/gampad/ Frame 464A 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 464A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 464A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F590 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9298439166d209c3ec659c77adc93960abc4bf6dbd1d8dfd8236c9d549933a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0wbsBhv4_TupDGK2Dm4eaFDEwhr1ufYMgpsmtD9dcGSSod658mN46CPzT4mI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Sep 2021 13:13:34 GMT
server
cafe
content-length
8330
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 464A 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632137829538267"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 13:13:33 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 4A40 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 4A40 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4A40 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 08F3 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0wbsBhv4_TupDGK2Dm4eaFDEwhr1ufYMgpsmtD9dcGSSod658mN46CPzT4mI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Sep 2021 13:13:34 GMT
server
cafe
content-length
8445
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4A40 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632137829538267"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 13:13:33 GMT
truncated
/ Frame AFA3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4152d77e351b9fb09d7790db23ec7a330dac32737749be09402580abed6c4150

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3264 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 21 Sep 2021 13:13:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 97CF 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210916&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
02ef58acaf576fbc7d21c12ea7c284a888060999831922ca937d7bd92bbd8060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 13:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8658
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame AFA3 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=787359&asId=272ede4a-5238-1b03-d70e-2bc144ca6744&tv=%7Bc:oR20VB,time:907,type:e,im:%7Bpci:%7Btdr:621%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:907,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:246,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B680~0%5D,as:%5B680~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:109,fm:sJEqNfO+11%7C12%7C13%7C141*.787359-56365210%7C1411%7C1412%7C14131%7C1414%7C142%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1g6%7C1g7%7C1g8%7C1g9%7C1ga%7C1gb%7C1gc%7C1gd%7C1h%7C1i%7C1j%7C1k,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.11.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-11-13.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:34 GMT
x-server-name
dt45.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 97CF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 21 Sep 2021 13:13:34 GMT
csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
pagead2.googlesyndication.com/bg/ Frame 8C5E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
72c561fa658c163b0d597cc2eadd3cedca62712ef8aab4d7a1dcff790e60fa94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 10:01:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
11501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13281
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 21 Sep 2022 10:01:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F590 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpVJJqTlW6ygXU6cHIjx4YdVzGettL6ugoNUMZMyzMY6UUGOVIqC24-nTL-W5tR0zQp36BHBq-Y6FH2iVNi9DpCtm6sCeyju_MFyDccOQa1F8iHMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame F590 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:03:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F590 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1632137836110461"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 13:13:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame F590 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:05:19 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D74C 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARih6-ioATAB&v=APEucNVS6o4_rjqjZpvcHQF3EpDmuP_RUXGJhGB5sUtKI8zSU2U_tSFtU93KwVVUZn7ijJsRhfugBJbuzb5D9wOWH0xDASO-hrr9Xqv4s724FF8HEFTAz8FLS8hyC-4t-PST6JpAghU7qeQnibFnlXsNZIXqXByyfbULkR_CUyT7pAbOstU4k_Jlr0THOmVNbEviSpL2V0i4uW9zDjJaLUJqbD_WaAchxA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvjgQEQ_aOOARih6-ioATAB&v=APEucNVS6o4_rjqjZpvcHQF3EpDmuP_RUXGJhGB5sUtKI8zSU2U_tSFtU93KwVVUZn7ijJsRhfugBJbuzb5D9wOWH0xDASO-hrr9Xqv4s724FF8HEFTAz8FLS8hyC-4t-PST6JpAghU7qeQnibFnlXsNZIXqXByyfbULkR_CUyT7pAbOstU4k_Jlr0THOmVNbEviSpL2V0i4uW9zDjJaLUJqbD_WaAchxA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0wbsBhv4_TupDGK2Dm4eaFDEwhr1ufYMgpsmtD9dcGSSod658mN46CPzT4mI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 21 Sep 2021 13:13:34 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F590 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_ItOnvYjNWJ6fae3bPDyj7MvK4HySKPt2pD1r3z-Xj1jX5xIo-gZb7LeI-ZiRKY0CAK_KKIUO6eR3lrpY6ZKPSLwSS3yhMc4zss6kZDV2X9qNxHQJpy4ZAtgndA28dWmKw9NeP9FgAXTlp3Mn22_1yE5VKg&dbm_d=AKAmf-Cyl1BEsTTF1Eir39bhbON1-gTNIB-ahrEB4SS0bD-7KON6mzij4RBDByK66AxomjRqmvijvSNJLnzK9Mb6hBVJCTa77SR5ipjbER6D2xTlMEZxwvC2ea0IwvZk5e3GuwDb-NH3eNh6EXrtJgatg7vBKMc58_t8Rybq3XeoqNW7s1pQVZYMA7hEGlw690D1AfT1v51TnnCok4dEnzWuuIV4oIKfleXjvy-U92LxSHS7CQ6klSVYJPGRNC-QySjMjZ6ZWZte8Iis7g5Btj-ezKK_dcT5YjsfkqCfkFr_Z7xWvPP461KmWNSmww9fpBd-4CZCqM1u1VyRtwcpnKZd5gmRYTomNF9Px87TGBL6UCqaCa-RMKawyIP4M0m53nUlbPqy4tdCao0JaJtYHnkRr6ASV0POfdtBqy-wmyPNjs8l-ME3l08cpg8I3FPOsaQ2QbdQxFJQ5qEGFgvwV6GPVMm21KugUexZZWGFojkeW5xP9o8512sbyQUV-nK0PTVHTczaf-zYssSNu2S0Zs_7Oxz57qRmdzNbWVy13hGzjKS1d80Ll66oAz3QAaEZa0EHA_AyWWupg27rq1VesR-HXPBzqhV9F5kDLfSIiTstChLIztlSds-iE9WFiU5HHSP5raOgNBRCGjXT5CaTxil5nnZRWYGyP867EnOgr0Ui5baQXUrzimmC6KTzTTujnHCqhke737zdxSdzp9XiohqpYC0VJcGcqbItq2f_bQp-3WH1Sxer5KqzyHcSnRMqZG6gp7fEClCWj97BPE_ENPP899cBNiJoRFiwbnTT4m_UzslUQwLo75eHFpc95_npTovbi--J80uN2xcuggbNKup_jjBo9vPmrXu_pQd7R8kR7bX2V5PvLGy5vxc5y6zZqxsRAoWMVLqzIstHXfC4qLIbVIoKw_HGxdl7Y6sYORTSpWSfIM1gYdSE8EGQR3N-96gjdhEi087MiE1cfCfOFTe8iYT76ALnTY1Wb1WNmWXhP6yIN7O_fNzTCkTMygVYn-uy8fXckHHUstyMcvNowtRNTEGgHehfiv9se9v8remrQDRG2wYz_fwEEGyi4p3ls9sCs5DuEzNlEPC4ammTXgCDuXt36ZZFjOzwMY4CwYQFZ-PjxyL1nRWd1iMn6NaJlDGUvsUW6pc8Q7gJ82TwYbv53YwETrMKyXu8wvPmkbsjtFv4X94tLXyzK7L-PT16-iOlRIOw3r20xSq6xbw-a9wja3b_8npgfalAP9M0c-lOVgvDXIrZjJpUEwOF6bSAKJz080QPQI0j1-bQiHxNrBZNS2R6jnVr1aDLJUd8qL_mGOsbCiaNkh_TPtY73i4i9ttME-3pvi8uR4a2sxnasKNk6AsIPCfVQptEq3DRMoq-V8eI-TCp5S-p2bbbQ9NDbpMTlN7fmN5hSg7QebF9Sh7rZwSoS4-_Bn02mx48mgucyAohpl7GT8Er8peDca-t8QY2XndtOd0aTfXsImMKoLIN0uXTovVzLhnK8ix7-rWJpwLJu72vu1kt2HSTMxF9wVNOopOgfMDe_basG0ZY3hFrScqGpSb_IKfVPSqaKxTg8WpjeNnywkKkhgtTusyUBMJl5DfGxiiWA80W01453vWuoWh_RoGlEETcLVBa8UBQEYUPpOqsYNA8_CLhRH0XPNYATTws_-GXXN2wmr6aJgNaT0vaTV8tlOGrYhE_bp2azyWa0yGaW338d6eMIYet2a3Dkbf2DCqWJN53ldGX0Kpf_-gQ4Qu3vNxv4YBuCb4a0nBZJaOoYFxSvfxahjCnhkrRlwIko1p_MaxHt1_HxZMv3rZw8u1bfl3QhND5MiHiX_0VXN5tR7VASbesp6zzhI_vj68vfa0sWHg60Xx1L1NNtMFYUBezOfJMiIV0FP4tFkxq35Cpp6fikonbrgWQI27haWgnce75GarUnpaWhBZTbrY3US9r1K34OcpiFem-7IloMqZpw21EUb0hg-VqiDPWfWjCijbpVCyvnT9Xi9ffbWo0RZUEfU6HLM5XJWovETutTwv7zSk_Cbuj5k5TDRf7-TqTZH8Ebfj4MV-KFso44s2_NzsvYev5LWL-oBtvRaEtZdXjhyEmM7MZM5jBiBVznSiYF-6fAUqKFh5Z0zzk4s_pmS-ESRI9izPnM0o-oD4j1zg4l0_n-fV1ZPXKAnRSI7rFzYaino2qxGBQ76k8yMZb6R62jIsMkRHJbGrEVti9vB9T-f7oTzzWB_0aO5O4zwH9EXZNvrE4F20qxlmEyz3X7jVHVWcxnKEybPFXgDXCol3W8lGv1FltUcSdzCxOuRcsn5brfPdnPZy1gL99XLNYUnw-qQIyTwWGB23cnsuk5bxai_niX-1FoErAnWPHUUG1dM_9F2pPA9pqt9pJnMOD8eT5tnzlPuSJRWLjtTkshnaymda9WhYZPiJ_qu6R_ESjSku5eO6o_yHKYvuldMxMv7RXpsy_duSX08Q_9UbtRx2Skb8yIgn-8H9T4iaa-S47Q-wtLK3OCyUOGFPrloW2GTylDmyFyUWJJl4G4zQxI1lxdQ5yQyiQXLeoHO8qKm1NKdLLPnDWGC4hRM4duXoMBz1-RyN5Soa9-Ewz67h8cKbBC9p5vhfIlMkdXCnn-l_j5F4afijHFyl78qiVYs1YIPh0dVacgnKM8tSqzvwwa_qL1xOKHiXbeZLMJj583kVGhDjSSTnMTm7x4_i9z6V5VLJ-ndU3X91bby_RsgkqY7-umEIzgRdZGL-vNBzPDPcp7KNpT-eTD7fR-XoQhZY_xhEN8j0FJ9-zVKQALGBNbj4fUphhVs9FwPPwJBNB5FK5pufmQYNQK6TYfw4mtvvF_9UKKmQoOlw6Jr6Q0xouqJ91-rd9DHKxaqvYgn0xmlRCxnDpaG6_0i5vbzVFOr_nEJ8g6HsN9KXpTra6VIfP_-GLgE5wc-ImNiy_iuktFpuVdEKWoeVCosxXPl0bFRMScLbwSPfEvTZNKVTAk1Ps0c_nC2Q&cid=CAASEuRoW2JS63kKXjBvB1o3gLZnzw&rfl=2%2Chttps%253A%252F%252Fsecurityaffairs.co%242%2Chttps%253A%252F%252Fsecurityaffairs.co%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
fde35050b78767be55572ad92bfd6c357085e69dd8d95fef81176279256b23cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29383
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E3CD 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 21 Sep 2021 12:15:09 GMT
expires
Wed, 21 Sep 2022 12:15:09 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C683 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cqMAVWiI6o5JvIExhNN9yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://securityaffairs.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securityaffairs.co/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 21 Sep 2021 13:13:34 GMT
date
Tue, 21 Sep 2021 13:13:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-cqMAVWiI6o5JvIExhNN9yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame F590 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: t.co
URL: https://t.co/3eYwzjuEOS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Sep 2021 13:04:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/ Frame F590 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_ItOnvYjNWJ6fae3bPDyj7MvK4HySKPt2pD1r3z-Xj1jX5xIo-gZb7LeI-ZiRKY0CAK_KKIUO6eR3lrpY6ZKPSLwSS3yhMc4zss6kZDV2X9qNxHQJpy4ZAtgndA28dWmKw9NeP9FgAXTlp3Mn22_1yE5VKg&dbm_d=AKAmf-Cyl1BEsTTF1Eir39bhbON1-gTNIB-ahrEB4SS0bD-7KON6mzij4RBDByK66AxomjRqmvijvSNJLnzK9Mb6hBVJCTa77SR5ipjbER6D2xTlMEZxwvC2ea0IwvZk5e3GuwDb-NH3eNh6EXrtJgatg7vBKMc58_t8Rybq3XeoqNW7s1pQVZYMA7hEGlw690D1AfT1v51TnnCok4dEnzWuuIV4oIKfleXjvy-U92LxSHS7CQ6klSVYJPGRNC-QySjMjZ6ZWZte8Iis7g5Btj-ezKK_dcT5YjsfkqCfkFr_Z7xWvPP461KmWNSmww9fpBd-4CZCqM1u1VyRtwcpnKZd5gmRYTomNF9Px87TGBL6UCqaCa-RMKawyIP4M0m53nUlbPqy4tdCao0JaJtYHnkRr6ASV0POfdtBqy-wmyPNjs8l-ME3l08cpg8I3FPOsaQ2QbdQxFJQ5qEGFgvwV6GPVMm21KugUexZZWGFojkeW5xP9o8512sbyQUV-nK0PTVHTczaf-zYssSNu2S0Zs_7Oxz57qRmdzNbWVy13hGzjKS1d80Ll66oAz3QAaEZa0EHA_AyWWupg27rq1VesR-HXPBzqhV9F5kDLfSIiTstChLIztlSds-iE9WFiU5HHSP5raOgNBRCGjXT5CaTxil5nnZRWYGyP867EnOgr0Ui5baQXUrzimmC6KTzTTujnHCqhke737zdxSdzp9XiohqpYC0VJcGcqbItq2f_bQp-3WH1Sxer5KqzyHcSnRMqZG6gp7fEClCWj97BPE_ENPP899cBNiJoRFiwbnTT4m_UzslUQwLo75eHFpc95_npTovbi--J80uN2xcuggbNKup_jjBo9vPmrXu_pQd7R8kR7bX2V5PvLGy5vxc5y6zZqxsRAoWMVLqzIstHXfC4qLIbVIoKw_HGxdl7Y6sYORTSpWSfIM1gYdSE8EGQR3N-96gjdhEi087MiE1cfCfOFTe8iYT76ALnTY1Wb1WNmWXhP6yIN7O_fNzTCkTMygVYn-uy8fXckHHUstyMcvNowtRNTEGgHehfiv9se9v8remrQDRG2wYz_fwEEGyi4p3ls9sCs5DuEzNlEPC4ammTXgCDuXt36ZZFjOzwMY4CwYQFZ-PjxyL1nRWd1iMn6NaJlDGUvsUW6pc8Q7gJ82TwYbv53YwETrMKyXu8wvPmkbsjtFv4X94tLXyzK7L-PT16-iOlRIOw3r20xSq6xbw-a9wja3b_8npgfalAP9M0c-lOVgvDXIrZjJpUEwOF6bSAKJz080QPQI0j1-bQiHxNrBZNS2R6jnVr1aDLJUd8qL_mGOsbCiaNkh_TPtY73i4i9ttME-3pvi8uR4a2sxnasKNk6AsIPCfVQptEq3DRMoq-V8eI-TCp5S-p2bbbQ9NDbpMTlN7fmN5hSg7QebF9Sh7rZwSoS4-_Bn02mx48mgucyAohpl7GT8Er8peDca-t8QY2XndtOd0aTfXsImMKoLIN0uXTovVzLhnK8ix7-rWJpwLJu72vu1kt2HSTMxF9wVNOopOgfMDe_basG0ZY3hFrScqGpSb_IKfVPSqaKxTg8WpjeNnywkKkhgtTusyUBMJl5DfGxiiWA80W01453vWuoWh_RoGlEETcLVBa8UBQEYUPpOqsYNA8_CLhRH0XPNYATTws_-GXXN2wmr6aJgNaT0vaTV8tlOGrYhE_bp2azyWa0yGaW338d6eMIYet2a3Dkbf2DCqWJN53ldGX0Kpf_-gQ4Qu3vNxv4YBuCb4a0nBZJaOoYFxSvfxahjCnhkrRlwIko1p_MaxHt1_HxZMv3rZw8u1bfl3QhND5MiHiX_0VXN5tR7VASbesp6zzhI_vj68vfa0sWHg60Xx1L1NNtMFYUBezOfJMiIV0FP4tFkxq35Cpp6fikonbrgWQI27haWgnce75GarUnpaWhBZTbrY3US9r1K34OcpiFem-7IloMqZpw21EUb0hg-VqiDPWfWjCijbpVCyvnT9Xi9ffbWo0RZUEfU6HLM5XJWovETutTwv7zSk_Cbuj5k5TDRf7-TqTZH8Ebfj4MV-KFso44s2_NzsvYev5LWL-oBtvRaEtZdXjhyEmM7MZM5jBiBVznSiYF-6fAUqKFh5Z0zzk4s_pmS-ESRI9izPnM0o-oD4j1zg4l0_n-fV1ZPXKAnRSI7rFzYaino2qxGBQ76k8yMZb6R62jIsMkRHJbGrEVti9vB9T-f7oTzzWB_0aO5O4zwH9EXZNvrE4F20qxlmEyz3X7jVHVWcxnKEybPFXgDXCol3W8lGv1FltUcSdzCxOuRcsn5brfPdnPZy1gL99XLNYUnw-qQIyTwWGB23cnsuk5bxai_niX-1FoErAnWPHUUG1dM_9F2pPA9pqt9pJnMOD8eT5tnzlPuSJRWLjtTkshnaymda9WhYZPiJ_qu6R_ESjSku5eO6o_yHKYvuldMxMv7RXpsy_duSX08Q_9UbtRx2Skb8yIgn-8H9T4iaa-S47Q-wtLK3OCyUOGFPrloW2GTylDmyFyUWJJl4G4zQxI1lxdQ5yQyiQXLeoHO8qKm1NKdLLPnDWGC4hRM4duXoMBz1-RyN5Soa9-Ewz67h8cKbBC9p5vhfIlMkdXCnn-l_j5F4afijHFyl78qiVYs1YIPh0dVacgnKM8tSqzvwwa_qL1xOKHiXbeZLMJj583kVGhDjSSTnMTm7x4_i9z6V5VLJ-ndU3X91bby_RsgkqY7-umEIzgRdZGL-vNBzPDPcp7KNpT-eTD7fR-XoQhZY_xhEN8j0FJ9-zVKQALGBNbj4fUphhVs9FwPPwJBNB5FK5pufmQYNQK6TYfw4mtvvF_9UKKmQoOlw6Jr6Q0xouqJ91-rd9DHKxaqvYgn0xmlRCxnDpaG6_0i5vbzVFOr_nEJ8g6HsN9KXpTra6VIfP_-GLgE5wc-ImNiy_iuktFpuVdEKWoeVCosxXPl0bFRMScLbwSPfEvTZNKVTAk1Ps0c_nC2Q&cid=CAASEuRoW2JS63kKXjBvB1o3gLZnzw&rfl=2%2Chttps%253A%252F%252Fsecurityaffairs.co%242%2Chttps%253A%252F%252Fsecurityaffairs.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3143
x-xss-protection
0
server
cafe
etag
2416364338287085106
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:11:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame F590 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_ItOnvYjNWJ6fae3bPDyj7MvK4HySKPt2pD1r3z-Xj1jX5xIo-gZb7LeI-ZiRKY0CAK_KKIUO6eR3lrpY6ZKPSLwSS3yhMc4zss6kZDV2X9qNxHQJpy4ZAtgndA28dWmKw9NeP9FgAXTlp3Mn22_1yE5VKg&dbm_d=AKAmf-Cyl1BEsTTF1Eir39bhbON1-gTNIB-ahrEB4SS0bD-7KON6mzij4RBDByK66AxomjRqmvijvSNJLnzK9Mb6hBVJCTa77SR5ipjbER6D2xTlMEZxwvC2ea0IwvZk5e3GuwDb-NH3eNh6EXrtJgatg7vBKMc58_t8Rybq3XeoqNW7s1pQVZYMA7hEGlw690D1AfT1v51TnnCok4dEnzWuuIV4oIKfleXjvy-U92LxSHS7CQ6klSVYJPGRNC-QySjMjZ6ZWZte8Iis7g5Btj-ezKK_dcT5YjsfkqCfkFr_Z7xWvPP461KmWNSmww9fpBd-4CZCqM1u1VyRtwcpnKZd5gmRYTomNF9Px87TGBL6UCqaCa-RMKawyIP4M0m53nUlbPqy4tdCao0JaJtYHnkRr6ASV0POfdtBqy-wmyPNjs8l-ME3l08cpg8I3FPOsaQ2QbdQxFJQ5qEGFgvwV6GPVMm21KugUexZZWGFojkeW5xP9o8512sbyQUV-nK0PTVHTczaf-zYssSNu2S0Zs_7Oxz57qRmdzNbWVy13hGzjKS1d80Ll66oAz3QAaEZa0EHA_AyWWupg27rq1VesR-HXPBzqhV9F5kDLfSIiTstChLIztlSds-iE9WFiU5HHSP5raOgNBRCGjXT5CaTxil5nnZRWYGyP867EnOgr0Ui5baQXUrzimmC6KTzTTujnHCqhke737zdxSdzp9XiohqpYC0VJcGcqbItq2f_bQp-3WH1Sxer5KqzyHcSnRMqZG6gp7fEClCWj97BPE_ENPP899cBNiJoRFiwbnTT4m_UzslUQwLo75eHFpc95_npTovbi--J80uN2xcuggbNKup_jjBo9vPmrXu_pQd7R8kR7bX2V5PvLGy5vxc5y6zZqxsRAoWMVLqzIstHXfC4qLIbVIoKw_HGxdl7Y6sYORTSpWSfIM1gYdSE8EGQR3N-96gjdhEi087MiE1cfCfOFTe8iYT76ALnTY1Wb1WNmWXhP6yIN7O_fNzTCkTMygVYn-uy8fXckHHUstyMcvNowtRNTEGgHehfiv9se9v8remrQDRG2wYz_fwEEGyi4p3ls9sCs5DuEzNlEPC4ammTXgCDuXt36ZZFjOzwMY4CwYQFZ-PjxyL1nRWd1iMn6NaJlDGUvsUW6pc8Q7gJ82TwYbv53YwETrMKyXu8wvPmkbsjtFv4X94tLXyzK7L-PT16-iOlRIOw3r20xSq6xbw-a9wja3b_8npgfalAP9M0c-lOVgvDXIrZjJpUEwOF6bSAKJz080QPQI0j1-bQiHxNrBZNS2R6jnVr1aDLJUd8qL_mGOsbCiaNkh_TPtY73i4i9ttME-3pvi8uR4a2sxnasKNk6AsIPCfVQptEq3DRMoq-V8eI-TCp5S-p2bbbQ9NDbpMTlN7fmN5hSg7QebF9Sh7rZwSoS4-_Bn02mx48mgucyAohpl7GT8Er8peDca-t8QY2XndtOd0aTfXsImMKoLIN0uXTovVzLhnK8ix7-rWJpwLJu72vu1kt2HSTMxF9wVNOopOgfMDe_basG0ZY3hFrScqGpSb_IKfVPSqaKxTg8WpjeNnywkKkhgtTusyUBMJl5DfGxiiWA80W01453vWuoWh_RoGlEETcLVBa8UBQEYUPpOqsYNA8_CLhRH0XPNYATTws_-GXXN2wmr6aJgNaT0vaTV8tlOGrYhE_bp2azyWa0yGaW338d6eMIYet2a3Dkbf2DCqWJN53ldGX0Kpf_-gQ4Qu3vNxv4YBuCb4a0nBZJaOoYFxSvfxahjCnhkrRlwIko1p_MaxHt1_HxZMv3rZw8u1bfl3QhND5MiHiX_0VXN5tR7VASbesp6zzhI_vj68vfa0sWHg60Xx1L1NNtMFYUBezOfJMiIV0FP4tFkxq35Cpp6fikonbrgWQI27haWgnce75GarUnpaWhBZTbrY3US9r1K34OcpiFem-7IloMqZpw21EUb0hg-VqiDPWfWjCijbpVCyvnT9Xi9ffbWo0RZUEfU6HLM5XJWovETutTwv7zSk_Cbuj5k5TDRf7-TqTZH8Ebfj4MV-KFso44s2_NzsvYev5LWL-oBtvRaEtZdXjhyEmM7MZM5jBiBVznSiYF-6fAUqKFh5Z0zzk4s_pmS-ESRI9izPnM0o-oD4j1zg4l0_n-fV1ZPXKAnRSI7rFzYaino2qxGBQ76k8yMZb6R62jIsMkRHJbGrEVti9vB9T-f7oTzzWB_0aO5O4zwH9EXZNvrE4F20qxlmEyz3X7jVHVWcxnKEybPFXgDXCol3W8lGv1FltUcSdzCxOuRcsn5brfPdnPZy1gL99XLNYUnw-qQIyTwWGB23cnsuk5bxai_niX-1FoErAnWPHUUG1dM_9F2pPA9pqt9pJnMOD8eT5tnzlPuSJRWLjtTkshnaymda9WhYZPiJ_qu6R_ESjSku5eO6o_yHKYvuldMxMv7RXpsy_duSX08Q_9UbtRx2Skb8yIgn-8H9T4iaa-S47Q-wtLK3OCyUOGFPrloW2GTylDmyFyUWJJl4G4zQxI1lxdQ5yQyiQXLeoHO8qKm1NKdLLPnDWGC4hRM4duXoMBz1-RyN5Soa9-Ewz67h8cKbBC9p5vhfIlMkdXCnn-l_j5F4afijHFyl78qiVYs1YIPh0dVacgnKM8tSqzvwwa_qL1xOKHiXbeZLMJj583kVGhDjSSTnMTm7x4_i9z6V5VLJ-ndU3X91bby_RsgkqY7-umEIzgRdZGL-vNBzPDPcp7KNpT-eTD7fR-XoQhZY_xhEN8j0FJ9-zVKQALGBNbj4fUphhVs9FwPPwJBNB5FK5pufmQYNQK6TYfw4mtvvF_9UKKmQoOlw6Jr6Q0xouqJ91-rd9DHKxaqvYgn0xmlRCxnDpaG6_0i5vbzVFOr_nEJ8g6HsN9KXpTra6VIfP_-GLgE5wc-ImNiy_iuktFpuVdEKWoeVCosxXPl0bFRMScLbwSPfEvTZNKVTAk1Ps0c_nC2Q&cid=CAASEuRoW2JS63kKXjBvB1o3gLZnzw&rfl=2%2Chttps%253A%252F%252Fsecurityaffairs.co%242%2Chttps%253A%252F%252Fsecurityaffairs.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9237
x-xss-protection
0
server
cafe
etag
9463376652360951579
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:10:01 GMT
rum
dsum-sec.casalemedia.com/ Frame D74C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARih6-ioATAB&v=APEucNVS6o4_rjqjZpvcHQF3EpDmuP_RUXGJhGB5sUtKI8zSU2U_tSFtU93KwVVUZn7ijJsRhfugBJbuzb5D9wOWH0xDASO-hrr9Xqv4s724FF8HEFTAz8FLS8hyC-4t-PST6JpAghU7qeQnibFnlXsNZIXqXByyfbULkR_CUyT7pAbOstU4k_Jlr0THOmVNbEviSpL2V0i4uW9zDjJaLUJqbD_WaAchxA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 21 Sep 2021 13:13:34 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D74C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUnafZ1KjI8-kJ-6DsEOVAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
0
0
setuid
ib.adnxs.com/ Frame D74C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMhuE0D313aPPAzrdmeXoKw&google_cver=1
0
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMhuE0D313aPPAzrdmeXoKw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARih6-ioATAB&v=APEucNVS6o4_rjqjZpvcHQF3EpDmuP_RUXGJhGB5sUtKI8zSU2U_tSFtU93KwVVUZn7ijJsRhfugBJbuzb5D9wOWH0xDASO-hrr9Xqv4s724FF8HEFTAz8FLS8hyC-4t-PST6JpAghU7qeQnibFnlXsNZIXqXByyfbULkR_CUyT7pAbOstU4k_Jlr0THOmVNbEviSpL2V0i4uW9zDjJaLUJqbD_WaAchxA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:34 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
58a2471d-3abf-4304-ad8d-33ef421221c2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMhuE0D313aPPAzrdmeXoKw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D74C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzUzNzgyNTEyNDYwNTc5Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzUzNzgyNTEyNDYwNTc5Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARih6-ioATAB&v=APEucNVS6o4_rjqjZpvcHQF3EpDmuP_RUXGJhGB5sUtKI8zSU2U_tSFtU93KwVVUZn7ijJsRhfugBJbuzb5D9wOWH0xDASO-hrr9Xqv4s724FF8HEFTAz8FLS8hyC-4t-PST6JpAghU7qeQnibFnlXsNZIXqXByyfbULkR_CUyT7pAbOstU4k_Jlr0THOmVNbEviSpL2V0i4uW9zDjJaLUJqbD_WaAchxA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 13:13:34 GMT
X-Proxy-Origin
216.131.111.27; 216.131.111.27; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6d11a744-5298-4780-bf08-91aa9f9baad5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxNzUzNzgyNTEyNDYwNTc5Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08F3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0wyfQPpppmfFt8afuxsf2kRcczBtK5LEu_bPGW6cUNbT4GO5_mxpqH9LcxpR7CAotRD7dbN0PQi1pZ_fV_q-X5MySmVvaA2H6P4wT_3YWxaZ8nFk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 08F3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:03:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:03:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 08F3 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1632137836110461"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 13:13:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 08F3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 13:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 13:05:19 GMT
l
www.google.com/ads/measurement/ Frame 08F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRS8BPjXMkouvioJIKPlCEZktxyydxPtLSnrjMabMx8O6WjDFMxYZGY2__Aw275GlN8by2m3GgiZQOv8gE_wMBhfyvLiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 976E 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi_6uioATAB&v=APEucNWakuOM5Mp7DoHq8DP1nXYzclekyRnb6XDgiq94ch30XYNjEgO9OLeHjYjVU0KUTQEkWTx_N6EWOAb3cb5QWQciKwSNBwQJ9iub7ji3DWmgBriVUtmrIWUfzZyl7J1cVkW45B0wEPZOiqoVNC2mYvbzNhlWT7BLUtD6CPdXLg18s_0rX92U5Tn85SfTk1VS8wPlNO1kKmiSyKKAc_SpqhWcUgpkhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvjgQEQ_aOOARi_6uioATAB&v=APEucNWakuOM5Mp7DoHq8DP1nXYzclekyRnb6XDgiq94ch30XYNjEgO9OLeHjYjVU0KUTQEkWTx_N6EWOAb3cb5QWQciKwSNBwQJ9iub7ji3DWmgBriVUtmrIWUfzZyl7J1cVkW45B0wEPZOiqoVNC2mYvbzNhlWT7BLUtD6CPdXLg18s_0rX92U5Tn85SfTk1VS8wPlNO1kKmiSyKKAc_SpqhWcUgpkhA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm0wbsBhv4_TupDGK2Dm4eaFDEwhr1ufYMgpsmtD9dcGSSod658mN46CPzT4mI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 21 Sep 2021 13:13:34 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 08F3 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Anv5b9hF7aar0kSMGWbcdGraQaOYtA8YZZa3n8xaT5ykeNoGG0IurdLCV273iLqNxLFWtOe1UEF2QulxVFhoBrjlZwPtDTNio63b2mrPbJvZLTn2t8OaH6VKewIY0AqBYDIQH3kCWHApWyB1RGE1n2PNXcwQ&dbm_d=AKAmf-Be1Jg94PdlTY36MlmIXXJjZiiLQxG9ohAQb2EBT_K4uI8AdXBtvBqbfgVIF6OgG0DzlUEDb4CR_clAiUhELAgAC84ijbxisjSS-QLilZd4-y7Kq5AKWGbsQrXmhuBHV0ftLW7ZP6Ar_EAmEQPeyX1ZAMZ0-Wy2ohsnAJWFqyqGGLCKE-VBj-RVCmIdiJ4qBLSLC0K2NdSpIJgzsLaBFotJX4knrCcGLQnfCzIElZG_bt6lCXOBESR3dWzLIwj03uj7w0dMjcNzHmgQTc6YS743NlOup_JrOXi18ocXdumnKZOnHwI--S1dcvxQ-HIJP-BUlLKfy3dKQ7U-6gOOdBzQLCyU_CwmZVk-g5mOycYQaK86oqRmIvBzIBhCvPEuR8oMvmM15VSXqaKwN77NvhTrGkZyJ6f8-QeRqk4t_2nu2UBLo6WF_Gs_aUpOP9ioe2kXPiH9pHxxSu4-71DEAuHAfBqKFeW2gr6k9-OqA8NkYBzTixtvKa28m2GAMm24Vo_UhwJF-Ptql7wJJV-SgXlZ2izV4kNHNzm_sPcq35PD8G5Fhr7yiDS5JfM9cI3_003LZS8xm_rFfeYAwhpBc9StsbkADSflGy-ZeYDJiZ_a9uI0yVM5D5NogEMuDex-6uEV3VeNKAcKicUAhVEkKbjQazMdeO43p3aWK0tw3fhBLPgXKNZb0GWLLw8aZh0NTJbYbRgYci35_hSfWjwzWHhk7H5KmnRScwbv3RlrKqSVi4vmlzfynJj2_8EHgUnoXfcgrl-FRMmL-QxCEfH9i_hM_bUNO-_nIe08XBXnoF69CRiJ1jEPEXbYCvCX6ZqlzC0qz0dzaxXFspvhuf9MSh7sjvphXzzJg0EN8IHXeCHimtx8PGBgG6iPG78tnraOniw9AhBzicsutNr-iJdrKiUWKDUJjYj3tUKBc-K1ACvsxeD7TGgCzHiRnFJ0FACqEt2jEiX3urZyE9LdsIQiic77SEPlN92ziwQSI5fIVr4plGChaNV9F-wlWy0EVrWPy-GIACfYWVGSnhLNQNah8qGsVkyZx3J-mzSuTZ_z7jLk55tAtjFJfuvbx1tW-jllmbNSKeBMMGwMN0oVbLOi849MpC8dsxYczPpA5eBcr3oz4ioGuE6IPZBOh_HJ6lAiIGHnyXu6Dw1yWN2eYy_QyQVWnzIMb9CetswGQHLdFS0J-bGHo6kOfAwVv79MAMNM1hlAUdwscA0LCkJzfAzHi0OVjzkkbJ1oI7tPoDgkiIteDr8xuIRNwysq56eG8uvfrLZXhHwVYFQIAo-8Nl3iYXFLLKtunt1Q3s1KIF0LDBUw1QVt00houUxg3Os7uXM0a1-Dq2Y8pBJyoDkrVHAYrB3N2fiUzhaHpy1lvYnpMwsKwcqI1S0pxHCwjAVpR8Id763Pq-3IHsmyJDCUTCGqzStcUvMrjK1VP7jZvIkh5et4tLwvsVbeyhbxaO7Hf7xkGfzLmlDuMT5VX408uY_sKDNkW4HeZu63dtv1EBcvN9DFcK4lmasO6S_v6jyivQaoI_Q7ZayDdpyVgyPqZctMWZBfBEtDGoZjhZdeiW3fOdNL5GSeQVgFITYqR5DQaSl05dR890j0kBHTE464Tpg8egZfiGir1cWMmIJ-Yp9aDK1r1FPoNK-1uVhPmw06ww9o0opT2jBnyIEQmCvoUA4lmb3bT5HTUdOYodyxPAVJGbJ3146b0DlHHQ5AZcZ2dBHpEVDop-mXv72J0SD3G7PJG2FIGJCHwy1yS7ZkTtKmxQW4ta5xrRLYa6J-knbrR3LXG7HlfGxvaekLmDQNVRqI-2as6wfdJDTegiwe74ipzwRtkBKdOSO2JCzzPdG6_zT_u9v7VKe1JOVZuHcKJbYAXWpREvNA03MA1AEXvpDGSLy1C1jOXJim4LnwTkzZhOO_IFIC0rFnE3UM4taIgcJW-xwuj5Cm9qWr12txkYUtnSDULhI0S-R9yZGiRMBrshDsIDjMuPtATRm_bWfxf1V-PFp56vFizoYo2aZy9ZlPFC_AbunmQoHq_H2iEM4nkvxVc5RVBWdoIN9rjlBctlBbzVij87t9uEkG8w4t5Swp0Owr1KUyUkCwX4mwtxaM_Bb-p8qMTZbip2Aeeye8lI-JVTRfxPrOGw--TYlVaP6b2LGTuxbxF2zzNzaTWG9Q4nMdtA_5yq-Rf9FiHyw7w-NrtQ4z77uSKDyaNxQh0hXHx8Q06oOcZnm062wHvZsEA0JaP1-cdKr3i-wFYO2yGFLtxQPdGdR6SHFSdttnozz9bW-rgMeaIy_dUvEAA7KfvAQOZMXHmUbZ2MHOK6qWv70kUiBvyZswp-W3BbkzyjqICEsW01Hr_gobW0MXhe7GbDfVWLtDpxBRF8MxdbsyzAdPxdXCTzurDOf6wB93aeCxYhTiS52MjX4BOiJrl9HIfPUxOxEaWtpWT38I5Z2DmG3649hr6czsHjMQWw3Hk18vjJWHg1-3dCYcVTsl8Rijrfi5zstsNkbNdEliXHD5Jk7msAnk9l6VpZ1y1kRRpTqYWwRqn0nJ4zodWQ4LI0OHGmNUe3EHvpUgsc1Cz_o8u4ZzS4u1OqR1wzt7oswb3L_5-uU3nXrYfOTSayJdzdcJ_6tcKpigKrw-XMQ-Un4nJ6ii_mL87c9rSu1U8w4y7jXRk9hV9t83ZKrp7aVjN3uXDzmy4tIlsMCzF1O93Cj7iX_T_wgzfizQzuLZWZIL-6W3q6LhVi1fTeqEiU_M8Z0Fpy6H85Jb8AXSA98mDf7-ueF_rQe4CtkrFx8uJJ9_MEiJHiuBt68fusRfXEWKc5NV_7e8psnyG3X8pEDamT1AiEDdJi0tkH1B5s7-OJlxaAgXxZYwa12NRGjMWhxRC72Mw88EQRggVhlj8k1UdFBusJx5Nxy9WY1beg9WtkLODf7rul2ImeVwzeX0lbv4VcgJoH6fHN_-hl8gAPkpLPX0BQqmc7OmermgdwS0hAt9BH2WxL0bQKFaV9g&cid=CAASEuRoS72w74FryaHxnnxVjM0ZEA&rfl=2%2Chttps%253A%252F%252Fsecurityaffairs.co%242%2Chttps%253A%252F%252Fsecurityaffairs.co%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013685&bpp=6&bdt=3640&idt=114&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1790206020&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=868&biw=1600&bih=1200&isw=320&ish=50&ifk=623843494&scr_x=0&scr_y=0&eid=44748553&oid=3&pvsid=498093175582371&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3a9za1mzcav4&fsb=1&xpc=9dnbP8XiTv&p=https%3A//securityaffairs.co&dtd=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 13:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F590 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4458 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696130&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1632230013&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F122293%2Fsecurity%2Fcve-2021-40539-zoho-bug-attacks.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632230013678&bpp=6&bdt=3612&idt=88&shv=r20210916&mjsv=m202109200101&ptt=5&saldr=sa&cookie=ID%3Dea6aaf5273f982c9-22d3a71d3ec90076%3AT%3D1632230012%3ART%3D1632230012%3AS%3DALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw&correlator=269952746191&frm=21&ife=1&pv=1&ga_vid=1352141922.1632230009&ga_sid=1632230014&ga_hid=1797809592&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=320&ady=2915&biw=1600&bih=1200&isw=300&ish=250&ifk=2542770202&scr_x=0&scr_y=0&oid=3&pvsid=2771682650165434&pem=158&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9djy68m81qqr&btvi=1&fsb=1&xpc=H8AabhhKhL&p=https%3A//securityaffairs.co&dtd=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 20 Sep 2021 21:06:15 GMT
expires
Tue, 21 Sep 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
58039
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F590 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 976E 		0
0
rrum
dsum-sec.casalemedia.com/ Frame 976E 		0
0
pixel
cm.g.doubleclick.net/ Frame 976E 		0
0
getuid
ib.adnxs.com/ Frame 976E 		0
0
csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
pagead2.googlesyndication.com/bg/ Frame E3CD 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C683 		0
0
300x250.html
s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/ Frame F853 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame F590 		0
0
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 08F3 		0
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/ Frame 08F3 		0
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame 08F3 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=4e9fb397a60a1f94ccb51524dee6bbf2
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=4e9fb397a60a1f94ccb51524dee6bbf2
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=4e9fb397a60a1f94ccb51524dee6bbf2
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=4e9fb397a60a1f94ccb51524dee6bbf2
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/434/19/3/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7?gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/CNnuDB5hFi7e87r0PgA2rw?csrc=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnHg93ZBGoVp1L2n48tkvQ&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210916&jk=694293337181406&rc=
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=dePVytUeoT&t=1&renderingType=2
Domain
googleads4.g.doubleclick.net
URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9cTTWnlQ3zIvVCcCR7Cc9unZphPz3xpOMnScS2Ms_8w7tmi8tAeQTNo3-RKUBuQH5mefLyKaOc6YuFCrsR5za4lYGtcNYOO-pr9KtJjlbWm9sGzjFUkgUpXM9XXpufezimLM64XFCcMBwcNX4vLdpalwvSmUrwvBc35PxGI6AO3MasYrK5x9MhmW3C0T1XUtgWh7pk3-sttyF1zFk22EgHHugc69E6poqlYQyNtHbPdUUhQryepHCBc7VGVFD54mY24e420NoZkDBA6q-WI6_9-M4i0yPbjD1hv6JzDJeW4tADJHZ63kvFB9ybflXq_f_rrdXsdeNekxOdhFvcros5wpHOdpXvNnkYtz6fSgS3exVrANg7GfV3-Pqno3YtFq1G9RJ5AT9h7a57J1mruecJzBmChOyk6fF-SqHIF4vupYzGRV636jNHjsFR1cFFpSJApk_b7CovHUKVA1E0LpBsmTDDxcUKb9Nl55vFXjQyMB0EtyPuJNd6kmNYKyOYtlsszjI2Ivhq7nSIFEY9fNAZf2NvXRiEh5-rC1D74lDrX5qm8JtChehLxW66rfIrWYJZx2T3yL4BE4h6LQ1msymSJeX84v4Ki0D3BtuTA8aT_oNOiUESWOcrC4BM4eBUeC85Pot54jv3zBcDrlRpS7UipdrWs4acoThSU3Di1pT1CJpRgwoB759cGXJEFOmbbe33eCcJ19lNLQIjsrniP50f456-kAPgrVCvT-cCI3dOVLGvwtRd9Ya2XldAQQl7W5BrN-3JF7Sifo7oPK_PUvFfVKHhQNCKPAfuL8YCTw6kIhAgOItSFfSXipLRVaRNnO7zREEZAB6TLphGV07JdNNCm10hHvJ-nRerhihvO_pV61Df9Jn4KOdNbsmxfAotMJ8HWqPJCAJmH53kUL1z1AX_IWzayzpd3rYd9B3NeXNodkyCE0JuYNR6CiJTwpS7DvzOjOkpnqCBzt4VrkN0QZzgiG7q_O5knfL36To_-sXGC2lshBB3ubIfkCK2IHQ2icTReV69FID_briIhYnDZEKvIrxEyJoZtLbiU1dxfRkPjRHM0zyNybEzgKuI17IzNfHSaOLQVWernJYnLqJnSlJHY61I4St-Ossbr4tjLCSH4QCTZmw0dDOoEGtPD2TNUfqCbw8B6jeD3evTtIwjCKGzB84a5muKf6y9hY&sai=AMfl-YRJTTBjfeslAnOwlUSYj8r6sIAwGyTgQ8ChbRTzOt-3Hm-qgGVbkq_INYHp1-Gu-rSY_bIc6qKOdwXmiSo_9xhrgODQsxSDRP3njFrHc99lhBHY_TUo34T0OuZagV5ds0qM_Y88qu8332UMvUOjKi1SQU1kIA&sig=Cg0ArKJSzKf-u_V3ePoBEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=145&cbvp=1&cstd=138&cisv=r20210916.51105&adurl=
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/omrhp.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite.js

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforexrselect boolean| originAgentCluster string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| ExactMetricsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| mnetCustomerData function| injectMnetScript object| _mNHandle string| medianet_versionId object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion string| refQuery object| stLight boolean| st_showing object| st object| __stdos__ function| __sharethis__docReady object| __sharethis__ object| icwp_wpsf_vars_lpantibot object| iCWP_WPSF_LoginGuard_Gasp boolean| cli_flush_cache object| _mN object| _mNSrv function| setup string| _mN_Idf number| _mN_ctr string| _mN_ctrM object| mnjs object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE object| _mNadPrvLog object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture object| WPCOM_sharing_counts object| click_object object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| wp object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| _stq function| st_go function| linktracker_init object| wpcom object| FB object| twemoji object| gaplugins object| gaGlobal object| gaData string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed boolean| isPending string| prebid_file function| findCMP_PixFuture function| pbjs_pixChunk object| pbjs_pix object| _pbjsGlobals object| mnet object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner

167 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 98dda666-880f-489d-bf6d-89289b5d4b1c
.dy.si/ Name: ui
Value: j4Pz+uGTSEWqzbm6nVplVA==
.dy.si/ Name: _wl
Value: 63767826804956
dy.si/ Name: _wlb
Value: 63767826804956
engage.bah.com/ Name: articleShareClick
Value: %7B%22articleId%22%3A%22d8419884-1e27-4ada-a300-b1d083f9aad5%22%2C%22userChannelId%22%3A%2255427%22%7D
engage.bah.com/ Name: g
Value: faf3838f-93e1-4548-aacd-b9ba9d5a6554
engage.bah.com/ Name: c
Value: 260586
.media.net/ Name: gdpr_status
Value: 1
securityaffairs.co/ Name: session_depth
Value: securityaffairs.co%3D1%7C816788371%3D2%7C647633027%3D1
.securityaffairs.co/ Name: _ga
Value: GA1.2.1352141922.1632230009
.securityaffairs.co/ Name: _gid
Value: GA1.2.111632493.1632230009
.securityaffairs.co/ Name: _gat_gtag_UA_59069958_1
Value: 1
.securityaffairs.co/ Name: _gat
Value: 1
securityaffairs.co/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.co/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
securityaffairs.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
securityaffairs.co/ Name: _lr_retry_request
Value: true
securityaffairs.co/ Name: _lr_env_src_ats
Value: false
securityaffairs.co/ Name: cto_bidid
Value: Kf2XXV9vWWV1clhxd2FETEZ2RXBDYjVvcVJaTm9pUSUyQkRPUnhTZ3J5cGg1NU1TbG10amhaJTJCdXhqMmxiajRPUXgzSiUyRkxjSDlZYk5hSHQ0bklIMTQzTTRJWEdpUSUzRCUzRA
securityaffairs.co/ Name: cto_bundle
Value: ZZ5ojF9oQngyU0lCajNPQkdVWUZudk96TzBxR21kN0JNYVpVRVVWbjFwN1BtcSUyRlFhMyUyRk5odHJnTDM2Ulh3R1ZUYkpHVDhoSFVjMW1TZzNTSjl4S0N2c3QyTmhNZFhSSW5WQiUyQktEUDU2N1JnbiUyRks3MWpLMm9hdXNGNSUyRmhnOW5NV1RwZ3g
.adsrvr.org/ Name: TDID
Value: 008d8d84-4841-4a0e-9544-fbfb6fea018d
securityaffairs.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22008d8d84-4841-4a0e-9544-fbfb6fea018d%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-09-21T13%3A13%3A29%22%7D
.go.sonobi.com/ Name: __uis
Value: eb1366af-5e2c-408a-8918-c88aa5db75a9
.go.sonobi.com/ Name: _usd_securityaffairs.co
Value: 00f5d8ac-d226-4f16-bf51-28a54514e4f1
.go.sonobi.com/ Name: __uin_rx
Value: RX-90fbfd40-44df-4474-9e10-0658769e5197-003
.go.sonobi.com/ Name: __uin_an
Value: 7254671348349070441
.go.sonobi.com/ Name: __uin_tl
Value: 12278095240039962086
.go.sonobi.com/ Name: __uin_ox
Value: 0bf22929-8a9a-49a0-b0c7-b7315cc93aa0
.go.sonobi.com/ Name: __uin_vb
Value: eyJ0ZW1wVUlEcyI6eyJzb25vYmkiOnsidWlkIjoiZWIxMzY2YWYtNWUyYy00MDhhLTg5MTgtYzg4YWE1ZGI3NWE5IiwiZXhwaXJlcyI6IjIwMjEtMDktMjdUMTU6Mzk6MjguODEyMTg4OTcxWiJ9fSwiYmRheSI6IjIwMjEtMDktMTNUMTU6Mzk6MjguODEyMTg1NzgzWiJ9
.go.sonobi.com/ Name: __uin_en
Value: e749eb18-d925-4d09-98a8-e0c9899c206d
.go.sonobi.com/ Name: __uin_sr
Value: x-f18a2392-8787-40c5-aa51-c6d181f2eefc
.go.sonobi.com/ Name: __uin_bw
Value: 12c3138f-29f2-40f0-b147-74442c202b4b
.go.sonobi.com/ Name: __uin_pp
Value: DAasLcTMF6RK
.go.sonobi.com/ Name: __uin_mm
Value: b0346065-fbeb-4e00-ab0d-827e9aa0b3a8
.go.sonobi.com/ Name: __uin_ym
Value: mk6c707d8a-48a3-44ee-8de4-3a79a9fa2a1e
.go.sonobi.com/ Name: __uin_td
Value: 073b07f2-68a1-4888-a32e-33a5a13b0645
.go.sonobi.com/ Name: __uin_zt
Value: 1875819622778243922
.openx.net/ Name: i
Value: 3bf66590-671a-452d-ab2f-65c7539f4d08|1632230009
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=
.rubiconproject.com/ Name: ses15
Value:
.rubiconproject.com/ Name: vis15
Value: 378734^1
.rubiconproject.com/ Name: ses2
Value:
.rubiconproject.com/ Name: vis2
Value: 378734^1
.rubiconproject.com/ Name: khaos
Value: KTU3LS2C-X-9ZUK
.rubiconproject.com/ Name: ses43
Value:
.rubiconproject.com/ Name: vis43
Value: 378734^1
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoAI6xQClvaDPatZmarlGKs8Vdw+9gcgdVP3+MeMVJWXAqbF9i1EU5J751PgjmsPd3gcRgjl6EitQhJSJ8nY+hF3OlDu/ORdD8=
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 1
.go.sonobi.com/ Name: __uir_eb
Value: 1
.go.sonobi.com/ Name: __uir_so
Value: 1
.go.sonobi.com/ Name: __uin_bp
Value: 1
.go.sonobi.com/ Name: __uir_bp
Value: 1
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 1
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s56128|YUnaf
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: c608f17f-e248-40d2-ab4e-3e39c6acdf57#1632230007839#2
.openx.net/ Name: pd
Value: v2|1632230011|gekin0vNiygu
.360yield.com/ Name: tuuid
Value: 549b4841-6e21-4eae-beeb-5cb4d4254d44
.360yield.com/ Name: tuuid_lu
Value: 1632230011
.tapad.com/ Name: TapAd_TS
Value: 1632230011142
.tapad.com/ Name: TapAd_DID
Value: f0fea7c1-3389-4a94-b6ce-b4fd321d8a54
.semasio.net/ Name: SEUNCY
Value: BD403225BD10E6F1
eus.rubiconproject.com/ Name: pux
Value: 1512%3D102757%262249%3D102757%262307%3D102757%262974%3D102757%263778%3D102757%26idl%3D102757%26goog%3D102757%262249-DV360-Hosted%3D102757%26
.intentiq.com/ Name: IQver
Value: 1.9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUm0wbsBhv4_TupDGK2Dm4eaFDEwhr1ufYMgpsmtD9dcGSSod658mN46CPzT4mI
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: mc
Value: 6149da7b-3f4c4-394de-5789c
.mathtag.com/ Name: uuid
Value: b7bc6149-da7b-4c00-b03a-da8e5e1f022e
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 127D3C1A-1C70-4C7E-BA5B-E3BD9BE0FFB7
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1633392000%3A201_197_219%7C1632268800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1634774400%3A203%7C1633478400%3A35%7C1632787200%3A15_2_223%7C1633046400%3A63%7C1633392000%3A71_22_55_99_231_3_7_204_220_56_166_234_81_189_21_8_88_54_222_13_230_161_165_176
.quantserve.com/ Name: d
Value: ENsBEQGmJPijCJiTAA
.adform.net/ Name: uid
Value: 180873488361116431
.adnxs.com/ Name: uuid2
Value: 4217537825124605792
.mathtag.com/ Name: mt_mop
Value: 9:1632230011
.bidswitch.net/ Name: tuuid
Value: f37eeaba-a6c2-4954-a2f1-91d13d620233
.bidswitch.net/ Name: c
Value: 1632230011
.bidswitch.net/ Name: tuuid_lu
Value: 1632230011
.gumgum.com/ Name: vst
Value: e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1
.onaudience.com/ Name: cookie
Value: 54c812cb2e8a0d55
.onaudience.com/ Name: done_redirects104
Value: 1
.go.sonobi.com/ Name: __uin_eb
Value: CAESEI_C0Q1sj5way3m1wM4-2Yc||1
.erne.co/ Name: u
Value: gsyGMIh3hph5WyNe23IwXhO5
.simpli.fi/ Name: suid
Value: A4FFE8C292CC40FB86F3587EEE0A819A
.taboola.com/ Name: t_gid
Value: ad92e27a-7984-463d-b900-e265687cbbba-tuct8435ffb
.yahoo.com/ Name: A3
Value: d=AQABBHvaSWECECMubHE86rTD7Ba8T2MYA4UFEgEBAQErS2FTYQAAAAAA_eMAAA&S=AQAAArl-3eCZXRtv1aPjTqiWhDM
.360yield.com/ Name: um
Value: !79,4a5dNCpoNCxBDQQn-5.L7CpRueNdUfcenbCWIUEQRwJNm.8vCnlRd6aEsOV7g2S4e8HtCV0u-EOdds-9,1640006011!313,4a5dNBkZ3Vk3zFdg74FVSOER7BvULB-8QitCXWmaZpAUYma1w-qZ30WfjB5Jh6qm98GAgQXb.GUACklv,1640006011
.360yield.com/ Name: umeh
Value: !79,0,1694438011,-1!313,0,1694438011,-1
.de17a.com/ Name: guid2
Value: 1.2955880079904287960
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~20j1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4217537825124605792
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAP6sZuQNAdLd_kYjZAKobQ&KRTB&16514-CAESEAP6sZuQNAdLd_kYjZAKobQ&KRTB&23025-CAESEAP6sZuQNAdLd_kYjZAKobQ
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-gsyGMIh3hph5WyNe23IwXhO5
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG&KRTB&22979-vUG4ze8Ru5amQ-rA6EShx7JE6JGmRbvMshP9MMPG
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2955880079904287960
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YUnaewADOiMXtwAR
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&16736-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&23019-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e&KRTB&23114-uid:b7bc6149-da7b-4c00-b03a-da8e5e1f022e
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-180873488361116431&KRTB&23263-180873488361116431
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-008d8d84-4841-4a0e-9544-fbfb6fea018d&KRTB&22918-008d8d84-4841-4a0e-9544-fbfb6fea018d&KRTB&23031-008d8d84-4841-4a0e-9544-fbfb6fea018d
.adfarm1.adition.com/ Name: UserID1
Value: 7010374516811888786
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7010374516811888786
.turn.com/ Name: uid
Value: 2741627285496339598
.sitescout.com/ Name: ssi
Value: 506c93e5-9c06-492d-8ff1-e8419e7f9982#1632230011440
.bidr.io/ Name: bito
Value: AADbkU7Ck7UAACMi2IOboA
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_f02b2456-5cb3-4a1e-a462-af8a6604a1a1
.britepool.com/ Name: _britepool_bpid_
Value: %7B%22value%22%3A%22fdc64cba-236b-4abc-b47c-b9b6bfdd26c6%22%2C%22expiryTimeMS%22%3A1636118011424%2C%22t%22%3A0%7D
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YUnaewADOiMXtwAR&KRTB&23194-YUnaewADOiMXtwAR&KRTB&23209-YUnaewADOiMXtwAR&KRTB&23244-YUnaewADOiMXtwAR
ads.playground.xyz/ Name: connect.sid
Value: s%3AmidKgi9Tvx_PwTACnqoWAtfrROpZQo5A.YIM3zWA7354jfop51rH238%2BaNN7lyfgS5gIJaN8Be9o
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTYzMjIzMDAxMTQ2Nn0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2741627285496339598
.adsby.bidtheatre.com/ Name: __kuid
Value: 4a153aed-af3a-43b6-8f2a-7a40c0eb1cb4.401444011
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-506c93e5-9c06-492d-8ff1-e8419e7f9982-6149da7b-5553
.onaudience.com/ Name: done_redirects147
Value: 1
pool.admedo.com/ Name: tuuid
Value: 6a41dce5-3755-4fd5-8683-eb6f548b3e19
pool.admedo.com/ Name: c
Value: 1632230011
pool.admedo.com/ Name: tuuid_lu
Value: 1632230011
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj859XC9ML-ORAFGAEgASgCMgsI2p_X8YrD_jkQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/ Name: done_redirects219
Value: 1
ads.avct.cloud/ Name: uuid
Value: 60b078bb-2e7d-45eb-8dde-e0107139f4e9
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f37eeaba-a6c2-4954-a2f1-91d13d620233
.pubmatic.com/ Name: PugT
Value: 1632230011
.zeotap.com/ Name: zc
Value: 0f1278a1-1a5a-47bf-55cf-349f04ef37be
.zeotap.com/ Name: zsc
Value: %E7%A96%CC%00%9C%88%DBOp%97A%E0.%5E%09%22%9F%EA%7F%13K%19%86%DFt+%3A%25%3F%2B%15%9Eq.%FD%16%E3S%FF%FC%13cC%DCf%40%D2%F90%A17%257jae%B2%0A8%ED%CA%0E%CF%88y%AA%C1%02%D0qKJ%F9%21LD%B9%04%91%C1%E3%86
.tribalfusion.com/ Name: ANON_ID
Value: atns6EriItgP3PTReGiYj9HZajuOpgIdCKSCFPtXGBm0kjb5gGm4V7CteAIZdnRgZdf7j1cnAXCUZdUWYHUKdF5h
.mediarithmics.com/ Name: mics_vid
Value: 20907976079
.mediarithmics.com/ Name: mics_uaid
Value: web:1:9e4c52c5-5d3a-45f4-a470-ecdf63b7b16f
.mediarithmics.com/ Name: mics_lts
Value: 1632230011785
.id5-sync.com/ Name: 3pi
Value: 434#1632230007848#-2130512858|146#1632230008357#-1507248890|18#1632230008567#-1538323498|916#1632230007963#922205843|441#1632230008108#-1578504036|124#1632230008135#922205843
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 451e8e64910027ae
.smartadserver.com/ Name: pid
Value: 6011243408898996674
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AADbkU7Ck7UAACMi2IOboA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADbkU7Ck7UAACMi2IOboA
.securityaffairs.co/ Name: __gads
Value: ID=ea6aaf5273f982c9-22d3a71d3ec90076:T=1632230012:RT=1632230012:S=ALNI_MYSg5aTu9xUcMRovH2woi-6ea0xfw
.casalemedia.com/ Name: CMPS
Value: 3229
.casalemedia.com/ Name: CMID
Value: YUnafZ1KjI8-kJ-6DsEOVAAA
.casalemedia.com/ Name: CMPRO
Value: 1138
.casalemedia.com/ Name: CMST
Value: YUnafWFJ2n0A
.casalemedia.com/ Name: CMRUM3
Value: 2d6149da7d2760CAESENnHg93ZBGoVp1L2n48tkvQ
.ctnsnet.com/ Name: cid_a3f7400ddecb4b65aac722a411360451
Value: 1
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA129XAK9MmOMA2Nz0v0Dy4PTC5MCvctKwcAgM8hiR4AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNje3NLcwNzUxN7M0NTQ0MzIxMRbiM9RNNXL3dg_TjXA3c7eQ4jU0MzYyMjYwMDQ2MrAAALfkqsk0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNje3NLcwNzUxN7M0NTQ0MzIxMRbiM9RNNXL3dg_TjXA3c7cAAD1-e_MlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA129XAK9MmOMA2Nz0v0Dy4PTC5MCvctKw_iNTQzNjIyNjAwNDYysHjFiMoHAHjNJ9E9AAAA
.ads.avads.net/ Name: av-mid
Value: 4bf7c9ce-1061-4c01-9442-5067e95cfaf7
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.m6r.eu/ Name: test
Value: true
.pubmatic.com/ Name: SPugT
Value: 1632230011
.m6r.eu/ Name: cct
Value: 1632230013312
.m6r.eu/ Name: id
Value: ab9024ddaafd954d3d2052ed934c89c6
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-05300ce9-c1de-4f7b-7d15-a39bc1c26305.W6JnrEZ7jAScQbVtjvT3W%2BGa%2FbU2DCmtBx9iedr6ez0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-05300ce9-c1de-4f7b-7d15-a39bc1c26305%24ip%24216.131.111.27.5mvHeIQdXZRBf9gUjQZFE%2BCyGiZi1qWgOJZg2wP64xE

10 Console Messages

Source Level URL
Text
security error URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html(Line 511)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=4e9fb397a60a1f94ccb51524dee6bbf2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html(Line 512)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=4e9fb397a60a1f94ccb51524dee6bbf2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html(Line 513)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=4e9fb397a60a1f94ccb51524dee6bbf2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html(Line 514)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=4e9fb397a60a1f94ccb51524dee6bbf2'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://aa.agkn.com/adscores/r.js?sid=9112309848
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://securityaffairs.co/wordpress/122293/security/cve-2021-40539-zoho-bug-attacks.html
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://securityaffairs.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/434/19/3/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGJmN2M5Y2UtMTA2MS00YzAxLTk0NDItNTA2N2U5NWNmYWY3&google_push=AYg5qPIyvGAJpP_k2dgnIHEzzVvowd5ZO373bPkxcxz9De0X98aF8ajdHxJse1wa5OtFYRsJ76io5b7flBHXLEiO23zXBNQBGDewAw
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api.rlcdn.com
bh.contextweb.com
btlr.sharethrough.com
buttons-config.sharethis.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.pixfuture.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
csync.loopme.me
cvision.media.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dy.si
engage.bah.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
gcm.ctnsnet.com
google-analytics.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
l.sharethis.com
lg3.media.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
navvy.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pixfuture2-d.openx.net
platform-api.sharethis.com
pool.admedo.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.britepool.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
secure.gravatar.com
securityaffairs.co
served-by.pixfuture.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
static.adsafeprotected.com
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
t.co
token.rubiconproject.com
tpc.googlesyndication.com
tracking.m6r.eu
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
ws.sharethis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
s0.2mdn.net
sync.crwdcntrl.net
104.18.11.207
104.18.12.5
104.21.192.83
104.244.42.69
104.26.10.156
104.89.30.126
104.89.5.227
13.32.121.33
13.32.99.78
142.250.181.226
142.250.185.130
142.250.185.132
142.250.185.134
142.250.185.162
142.250.185.194
142.250.185.200
142.250.185.225
142.250.185.70
142.250.186.162
142.250.186.36
142.250.186.66
142.250.186.78
146.59.148.16
151.101.193.108
151.101.2.49
151.101.65.44
154.50.198.10
157.240.240.17
159.65.197.210
162.55.6.213
169.197.150.7
169.50.137.190
172.217.23.98
172.67.13.182
178.162.133.149
178.162.133.150
178.250.2.146
178.250.2.151
18.156.0.31
18.156.157.131
18.169.90.17
18.66.139.10
18.66.97.22
185.29.132.241
185.33.221.15
185.33.221.89
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.86.137.131
192.0.73.2
192.0.76.3
192.0.77.2
193.0.160.129
198.148.27.140
2.18.234.21
2.18.235.93
213.155.156.166
213.19.147.44
213.19.162.31
217.160.0.146
23.37.42.132
3.120.169.248
3.226.175.117
31.13.92.14
34.102.149.62
34.149.20.76
34.241.251.11
34.247.198.95
34.249.16.8
34.98.107.212
35.157.246.167
35.186.193.173
35.210.53.219
35.227.248.159
35.244.159.8
35.244.174.68
37.157.6.251
46.228.164.11
51.89.21.30
52.209.129.133
52.29.0.64
52.44.53.247
52.73.11.13
54.77.19.59
64.13.171.10
66.155.71.25
67.202.105.21
68.183.31.14
69.173.144.139
69.173.144.165
72.251.241.196
72.251.244.140
72.251.249.14
76.223.111.131
77.243.60.138
85.114.159.93
87.98.252.5
89.207.16.137
91.228.74.226
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
02ef58acaf576fbc7d21c12ea7c284a888060999831922ca937d7bd92bbd8060
05999befd49ad70a0d0648a08d12fa80206fa88822a907ff426f0eadcc437c1a
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
0758ad694d2f74d096d49d79e32cb100eeb38dc6ff11c2f9a870de5eb5a35b5f
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdb519e9746b7b770969e860e0bbf41606bc4b814479ddd4f8688f2cafcc01a
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
1523ddaa632d195a1240668fb5c6870519e3cdfeabd5a346141bcbb03222e2e7
160725f0669b767a404c771a72ad89aa96e1616d0971af61d39994b2e5bf6abf
175437ab2d5703d39c01d0f479b19f9b1569bfb2cf43dca8cbf30ff962f0f48b
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
184a707c76a3d3b40bcbe02ed2ca125f25ed811ce9d0fc8ee0bc28ad523eb07d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1abb7da15e075154c1ce53f92d0cea61b873c03d4ce186bf73d813154c607e60
1b11f2c81cddaa0d12147ff5fbecdec023a921b64088411da37f81915b8b4b40
217087763cc2f9f8ad5e0f889b4c7f38ec3e056660923b002de3078aab12f9bf
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd
29e095bc0a0496e0f4c3ef3d30d43114890008cb64702d1428e181f00de0db29
2af595b9a6bc5f87d7ed6a964ee113933cc3b36037b6f3fa1fb3e384f888a493
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2d32ff6fb6d3b507369e60077359d34ea6ddda9cfa22e818283e2c09881ef666
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
3112e23b29bd4efa653ddfcd406ad3beb33963b7452975c72e0cd47b424855b8
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
36a3b8cc21c2aa36f5eab65ee9f6489d77a3769c29c5336ecb0abdb4f001ccc7
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d
3833feb2a43e5054ba5f4fe4dfd2232c1117e029c3efbe9f1984c2fc48bd0b7f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2b332fc17b435451acb8b9d786be723eba33ee737809eadb8aa919a1a93d15
3f9ede3ab2a8e57dd61afc5ab0c075b9a0f850022705fc190549aabf8b636a8a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
4152d77e351b9fb09d7790db23ec7a330dac32737749be09402580abed6c4150
438d5718d677eb0d1d809a25f3eb862110b5164ca622358274bea1012d5150c5
44abe3410418a547f3412ba93a94ffdfd1dbadf9c785418af8ef15d7877fa2c8
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
474776eb17d0e4ca038f4994076ede6f4017ecdf91eff0d3d074c3b7bb6a5a97
4ab65765b405f7599879aaa82504b293e9b216c5ef8828756cac7880f6ef0a67
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
4cdecc62f5b2c8e9f7cf7b14b9fd42e0c4787d912c1b71426cdfbe0144cede46
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fc1644139e1ea770f0c7809c8b5952bdad3c54a546e7da606766e199eec321c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5256d55a499ecb71f04dd716cfdf75bf9fe5f863620ec6634e3b43b4e6b11fd8
536386f4e5a08dcde004ad0d24c4ea816a2054ba53f5da25ebb12fa4493f693f
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5478a58e273007bb37b0f168fdbaf319580f1bd42af6219320ef76e82e5b7808
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
5567b7605fb292b7fecb2606b7353a8a8c1d880cefc15de2f67e6f0998d8492d
5bddb0ce048b80cc54fb4dac134b835c13575e06cd0cf83f7bd1d008f4a44360
5c8bd0c2f891239145b9a187e6490a89c8af9f6b5224cea83884f6c5662d1b48
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5ff61d63d0aaf012059a32bc1a1dc630c7dc3bc25d838b0f4b3416417c1071ac
62c21e78f03fb7eb12c78fcd435c4543f67234388361ef541d197bdaf5cd2fff
641e7c97f7120b12a9ccf8f7b2f6066f5de79662c6b43c42f0200ba25af998fa
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
6828f1bdae5c7b89d801df314049a2d65159a4284ee530e5c848a153eadf8c87
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1
72c561fa658c163b0d597cc2eadd3cedca62712ef8aab4d7a1dcff790e60fa94
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
7739eefcdee8afcb00fbe9a35cc795fff0cff7092b10d56c4190484d42892433
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7982d925c88e8c36e31652485ce71249a84875f542c61c66affa217b2ae5abf1
7b62cab8c06bd5d44c37287e6c5eeb56055164df5696ee74b278ba5f186a4e0f
82cd5ddf774e3c30e08e538ee705703cb2e00e4509671cab4ab30da1ab57906a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac43663b3ab298ed3c79ca17210db31e3d4e96df1ddf7c6982baeecbbc3d1d4
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f96a42949b4f94a1f21a77ad77f4c1cc5cec85e3897fd7c6443d563633e0146
905457f17fcbf10e6c7dc8494ace0d839b39a21012febf78ef5ce2c163bd9842
9282ea078a317f764d3883e732d14a2e80575e437b710144396d453f5a19139a
928def7158d851fdba92f3cec12c441f32dd456744718a2d71c9f67c66cccc7d
9298439166d209c3ec659c77adc93960abc4bf6dbd1d8dfd8236c9d549933a8f
9386029f96e56c9e0ad9858b5e7bc96440669636cf6bb3a4c95a6b1e8d2b913f
95180d4a8fc66bf96641d3bc4dc1391e8e943a9242eebf4e05bb420be208a95e
97d71d9bbf25055de5a913fff7c46ad7cba0401de007cecd154f717babc3b945
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
9c8a8cc233ec82f4d825279aa82384620ebc5f93168d783877048a50e53d2bb6
9e01b6e422cb01a818f04d491b41ba2886ebbf5b71ad7c12ee9ae15e62935736
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
a2f40ef82fbc0f5c544b020709847069965126b5378323fd2d5004f6f610b180
a4693a8fc5d568e72254284a2985d117e44605ab389e14d8d0521d2dd92ec024
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9adc5628e239c448cb4d6205994b4ff14bb8d497f578dcc507b00b7cd226450
aab8a7213ae099900c73e10038babec3652ba7e2c6f6d63ee19af911351b3de5
aba9b7158d4802fa22538abc53413e5d3ddb05bdb74aa991e39a670337d48fa3
acb780a3b993b70917b2ac759b6f85aaf456d537bbcea40cc95d85bec9c861ec
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0534210815c3c9ee7e1df828e0916d2997bf39db55466c2cb7353e423db4499
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
bc29c34d0738c5cb3f96585219667566799d9e142699e982f9406d5b04fa9794
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be234a16884f4b7536e792dbd8dbb471485adfa97bb935c5f62efdcea842627c
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c3f1a5ad6718156fa01232f60e191e9c5295703794644d7de3a3e21055437d50
c722c8fe00c0efaa2103dca182e0ca6c23f1c5ca7ffbcf4f835ae10415a87fdb
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cdb42a7328c629aba38eab96d2ef893bb9d6af7a77da1e8728d6ae62d8869676
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9b76f5559de92c2cc7df8fa751c09d9a3bbfada6123d975c75c4a093f8cfeb
d1d3821fcc13f5ed5eb68647c5492334b786ffb2640d70d9b4be7ed169e03a17
d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9
d2289cbce30e2fe366060334f7362d457db61cf0cdfcc60ce54e2fc3dc0e7679
d236eed9587f12322a00882066264ef4fe0648dae4f50dc397fa9020446b3acc
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d9166dbe2aab0210d104c36c312339e6d312c6da5455e64c577be393ad2b9eb4
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dd93f327d26596fc02540f791f931612e8f9112f2d9d5115273d101eb40e9cea
e0bf842260dd5c9f94a62627fbc7c2bc556cdcc420d7ace97f816248d9bb2c3e
e1414ece4029a0c9a4bfa91c01f82a30e22017dfe940586e7b7039dfb402e06a
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6
ea0b536a7617d6ca9391fa95562b9e0858fd71f1d60244e24344b367c9ea3027
ea9237999cb5776602a2ad4e94d7c7b6ba4a402e17e06ac7349e881c0ac97248
eba999334c6bfe6dc81a86947c27265ededb8379ee3e0fd9499da35316152612
ed84ac7d34ed9020ee36f97a3c11367c3c040f1a7a97c0f88f524fc38e184161
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e
f59beec2f0344ce89a96106b176cd996515640b8e7e629a10c9b52b882490b0e
f9fae20d30474c95bf8745df26cfa5c62803462a9ee57dd710c8266d7ece3f3e
fcb6eca8a48ea1b4a478052fbb67f0e473e4744dcd510ff0d3b973307af861c6
fd0d1be04239766d562629f6c7d75879d0c0bdf299b2464542dad6094d436f05
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd85608ed11e3c5f170be5e7af3b2d7a5b6ec738c066678a9cd7d38ce03d8e4a
fde35050b78767be55572ad92bfd6c357085e69dd8d95fef81176279256b23cf
ffe9fb05147ac3c04e21758191d648474f95758c677c3e4a87ca33933702443b