urlscan.io logo urlscan.io
SecurityTrails logo

threatpost.com Open in urlscan Pro
35.173.160.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/8lJFwsBe3n
Effective URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium...
Submission: On April 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 8 countries across 84 domains to perform 469 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com. The Cisco Umbrella rank of the primary domain is 147547.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2021. Valid for: a year.
This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.244.42.133 13414 (TWITTER)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
34 35.173.160.135 14618 (AMAZON-AES)
11 65.9.66.8 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
14 2600:9000:205... 16509 (AMAZON-02)
10 2600:9000:214... 16509 (AMAZON-02)
1 11 2a00:1450:400... 15169 (GOOGLE)
1 185.85.15.23 200107 (KL-EXT)
5 65.9.62.173 16509 (AMAZON-02)
1 10 151.101.130.137 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
7 151.101.2.137 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
12 142.250.74.194 15169 (GOOGLE)
2 52.215.111.225 16509 (AMAZON-02)
9 18.191.18.57 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.111.219.144 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
2 6 2620:116:800d... 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
1 34.253.74.200 16509 (AMAZON-02)
2 15.188.95.229 16509 (AMAZON-02)
1 1 52.51.88.158 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 51.89.20.87 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
3 3.121.156.220 16509 (AMAZON-02)
1 19 35.244.159.8 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 178.128.135.80 14061 (DIGITALOC...)
1 4 216.52.2.19 29791 (VOXEL-DOT...)
4 52.28.203.152 16509 (AMAZON-02)
4 2602:803:c004... 26667 (RUBICONPR...)
4 13 185.33.220.100 29990 (ASN-APPNEX)
1 35.158.60.56 16509 (AMAZON-02)
9 3.248.114.100 16509 (AMAZON-02)
5 213.19.147.43 26120 (RHYTHMONE)
3 23.37.38.181 16625 (AKAMAI-AS)
3 185.64.189.112 62713 (AS-PUBMATIC)
1 3 147.75.38.124 54825 (PACKET)
26 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 104.244.42.195 13414 (TWITTER)
1 64.140.160.2 18450 (WEBNX)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.157.246.167 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.185.230 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2600:9000:206... 16509 (AMAZON-02)
1 178.250.0.160 44788 (ASN-CRITE...)
8 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 52.215.248.120 16509 (AMAZON-02)
3 20 142.250.181.226 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
3 35.227.252.103 15169 (GOOGLE)
4 4 198.47.127.19 62713 (AS-PUBMATIC)
4 6 69.173.144.139 26667 (RUBICONPR...)
2 4 35.244.174.68 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 8 184.30.20.241 16625 (AKAMAI-AS)
5 184.30.20.198 16625 (AKAMAI-AS)
3 151.101.65.108 54113 (FASTLY)
4 4 185.29.134.244 30419 (MEDIAMATH...)
5 5 37.157.2.236 198622 (ADFORM)
2 7 35.71.131.137 16509 (AMAZON-02)
1 2620:1ec:bdf::44 8068 (MICROSOFT...)
3 6 13.248.245.213 16509 (AMAZON-02)
1 1 134.209.129.254 14061 (DIGITALOC...)
1 205.185.216.42 ()
6 23.79.143.124 16625 (AKAMAI-AS)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.65.142.105 16509 (AMAZON-02)
3 5 35.211.178.172 19527 (GOOGLE-2)
2 2 3.125.247.50 ()
2 4 52.215.3.215 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 7 209.54.180.3 16509 (AMAZON-02)
3 3 64.202.112.255 23352 (SERVERCEN...)
1 14 63.32.216.168 16509 (AMAZON-02)
1 67.202.105.21 32748 (STEADFAST)
1 51.38.120.206 16276 (OVH)
2 185.86.137.107 201081 (SMARTADSE...)
1 1 216.52.2.48 30282 (AS-INAPCD...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
3 178.162.133.149 60781 (LEASEWEB-...)
4 4 18.156.0.31 16509 (AMAZON-02)
2 169.197.150.8 ()
4 4 69.173.144.138 26667 (RUBICONPR...)
2 3 52.95.115.196 16509 (AMAZON-02)
1 2a00:1288:80:... ()
1 1 23.88.75.187 ()
3 185.86.137.133 ()
1 1 185.33.221.52 ()
3 4 64.202.112.159 ()
3 3 3.120.46.78 ()
1 1 52.71.178.197 ()
1 1 52.2.37.89 ()
1 132.226.63.138 ()
1 1 184.30.16.79 ()
2 2 3.248.155.194 ()
3 34.241.76.6 ()
2 2 213.19.147.45 3356 (LEVEL3)
1 1 198.148.27.139 ()
1 1 151.101.2.49 ()
2 2 23.37.42.132 ()
2 3 18.195.155.181 ()
1 1 124.146.215.50 ()
2 2 185.184.8.90 ()
1 178.162.133.148 ()
1 69.173.151.100 ()
469 105
2    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
34    35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com
threatpost.com
kasperskycontenthub.com
11    65.9.66.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-8.fra56.r.cloudfront.net
tagan.adlightning.com
7    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2606:4700:3030::ac43:cf70 (United States)

ASN13335 (CLOUDFLARENET, US)
qd.admetricspro.com
14    2600:9000:2057:ca00:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.threatpost.com
10    2600:9000:214f:aa00:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.threatpost.com
11    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    185.85.15.23 (Germany)

ASN200107 (KL-EXT, CH)
media.kaspersky.com
5    65.9.62.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-62-173.fra56.r.cloudfront.net
c.amazon-adsystem.com
10    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
lit.connatix.com
img.connatix.com
5    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
ins.connatix.com
vid.connatix.com
7    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    52.215.111.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-111-225.eu-west-1.compute.amazonaws.com
dpm.demdex.net
9    18.191.18.57 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-191-18-57.us-east-2.compute.amazonaws.com
capi-tier-2-us-east-2.connatix.com
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    34.253.74.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-74-200.eu-west-1.compute.amazonaws.com
kaspersky.demdex.net
2    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
kaspersky.d3.sc.omtrdc.net
1    52.51.88.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-88-158.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    51.89.20.87 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p19.id5-sync.com
id5-sync.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    3.121.156.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-156-220.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
19    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
teachingaids-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
gift-connect-d.openx.net
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    178.128.135.80 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
4    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
c2shb.pubgw.yahoo.com
4    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
13    185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    35.158.60.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-60-56.eu-central-1.compute.amazonaws.com
tlx.3lift.com
9    3.248.114.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
ads.servenobid.com
5    213.19.147.43 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
3    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
26    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:206f:a800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    64.140.160.2 (Ogden, United States)

ASN18450 (WEBNX, US)
PTR: threatintelligenceplatform.com
geo.ipify.org
2    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    2a02:26f0:3500:7::17d8:4dd2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
9582686.fls.doubleclick.net
26    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
4    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:206f:b600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
8    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.215.248.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-248-120.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
20    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
8    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
6    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    134.209.129.254 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.serverbid.com
1    205.185.216.42 (None, )

ASN- ()
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2a05:d018:d29:3605:2e02:fe1c:9c40:529 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.65.142.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-142-105.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    3.125.247.50 (None, )

ASN- ()
ads.creative-serving.com
4    52.215.3.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-3-215.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    64.202.112.255 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
14    63.32.216.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
pixel.33across.com
1    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2a00:1288:80:807::1 (None, )

ASN- ()
ads.yahoo.com
1    23.88.75.187 (None, )

ASN- ()
csync.loopme.me
3    185.86.137.133 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    185.33.221.52 (None, )

ASN- ()
secure.adnxs.com
4    64.202.112.159 (None, )

ASN- ()
sync.outbrain.com
3    3.120.46.78 (None, )

ASN- ()
pixel.advertising.com
1    52.71.178.197 (None, )

ASN- ()
sync.srv.stackadapt.com
1    52.2.37.89 (None, )

ASN- ()
sync.ipredictive.com
1    132.226.63.138 (None, )

ASN- ()
sync.technoratimedia.com
1    184.30.16.79 (None, )

ASN- ()
stags.bluekai.com
2    3.248.155.194 (None, )

ASN- ()
ad.360yield.com
3    34.241.76.6 (None, )

ASN- ()
usersync.gumgum.com
2    213.19.147.45 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    198.148.27.139 (None, )

ASN- ()
bh.contextweb.com
1    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    23.37.42.132 (None, )

ASN- ()
secure-assets.rubiconproject.com
3    18.195.155.181 (None, )

ASN- ()
cs.emxdgt.com
1    124.146.215.50 (None, )

ASN- ()
tg.socdm.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    178.162.133.148 (None, )

ASN- ()
go.sonobi.com
1    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
56 threatpost.com
threatpost.com — Cisco Umbrella Rank: 147547
assets.threatpost.com — Cisco Umbrella Rank: 399303
media.threatpost.com — Cisco Umbrella Rank: 354086
1 MB
55 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
643 KB
41 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
9582686.fls.doubleclick.net — Cisco Umbrella Rank: 340449
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
281 KB
26 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3428
cds.connatix.com — Cisco Umbrella Rank: 3539
capi.connatix.com — Cisco Umbrella Rank: 3917
lit.connatix.com — Cisco Umbrella Rank: 7406
ins.connatix.com — Cisco Umbrella Rank: 5944
capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 4444
vid.connatix.com — Cisco Umbrella Rank: 4140
img.connatix.com — Cisco Umbrella Rank: 4251
2 MB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
pixel.rubiconproject.com — Cisco Umbrella Rank: 348
eus.rubiconproject.com — Cisco Umbrella Rank: 551
token.rubiconproject.com — Cisco Umbrella Rank: 669
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com
41 KB
22 openx.net
teachingaids-d.openx.net — Cisco Umbrella Rank: 23504
rtb.openx.net — Cisco Umbrella Rank: 1485
u.openx.net — Cisco Umbrella Rank: 730
eu-u.openx.net — Cisco Umbrella Rank: 1942
us-u.openx.net — Cisco Umbrella Rank: 399
gift-connect-d.openx.net
4 KB
17 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1523
rtb.gumgum.com — Cisco Umbrella Rank: 1242
usersync.gumgum.com
5 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
pix.eu.criteo.net — Cisco Umbrella Rank: 7880
csm.eu.criteo.net — Cisco Umbrella Rank: 7886
35 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
acdn.adnxs.com — Cisco Umbrella Rank: 560
secure.adnxs.com
72 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 290
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1196
48 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 76
5 KB
14 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 795
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1133
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 370
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
ads.yahoo.com
6 KB
14 gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
fonts.gstatic.com
434 KB
12 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
image6.pubmatic.com — Cisco Umbrella Rank: 610
ads.pubmatic.com — Cisco Umbrella Rank: 453
32 KB
11 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1406
255 KB
10 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2023
public.servenobid.com — Cisco Umbrella Rank: 4173
7 KB
8 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 470
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 536
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
8 KB
8 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 45
707 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 326
2 KB
7 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14133
ads.eu.criteo.com — Cisco Umbrella Rank: 7887
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10325
gum.criteo.com — Cisco Umbrella Rank: 389
mug.criteo.com — Cisco Umbrella Rank: 2685
60 KB
7 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1309
sync.1rx.io — Cisco Umbrella Rank: 534 Failed
1 KB
7 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 566
eb2.3lift.com — Cisco Umbrella Rank: 325
3 KB
7 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3180
sync.serverbid.com — Cisco Umbrella Rank: 5979
1 KB
7 admetricspro.com
qd.admetricspro.com — Cisco Umbrella Rank: 24025
324 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
245 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 385
www.linkedin.com — Cisco Umbrella Rank: 595
px4.ads.linkedin.com — Cisco Umbrella Rank: 4868
4 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5640
adservice.google.de — Cisco Umbrella Rank: 8069
2 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 962
pixel.quantserve.com — Cisco Umbrella Rank: 418
cms.quantserve.com — Cisco Umbrella Rank: 1104
12 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
40 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1219
rtb-csync.smartadserver.com
2 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 571
2 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 602
ce.lijit.com — Cisco Umbrella Rank: 908
2 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
388 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1004
go.sonobi.com
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 489
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 438
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 599
887 B
4 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1018
pixel.everesttech.net — Cisco Umbrella Rank: 3303
sync-tm.everesttech.net
1 KB
3 emxdgt.com
cs.emxdgt.com
468 B
3 advertising.com
pixel.advertising.com
1002 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 558
2 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 709
5 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1149
806 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1085
337 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1906
mp.4dex.io — Cisco Umbrella Rank: 2659
24 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1658
id5-sync.com — Cisco Umbrella Rank: 607
12 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
kaspersky.demdex.net — Cisco Umbrella Rank: 256293
5 KB
2 creativecdn.com
creativecdn.com
695 B
2 360yield.com
ad.360yield.com
624 B
2 deepintent.com
match.deepintent.com
60 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 873
1 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 782
694 B
2 omtrdc.net
kaspersky.d3.sc.omtrdc.net — Cisco Umbrella Rank: 233441
560 B
2 kasperskycontenthub.com
kasperskycontenthub.com — Cisco Umbrella Rank: 350744
1 KB
2 t.co
t.co — Cisco Umbrella Rank: 463
757 B
1 socdm.com
tg.socdm.com
687 B
1 contextweb.com
bh.contextweb.com
383 B
1 bluekai.com
stags.bluekai.com
1 KB
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
578 B
1 loopme.me
csync.loopme.me
242 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 725
754 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 841
814 B
1 33across.com
pixel.33across.com — Cisco Umbrella Rank: 2431
1 bing.com
c.bing.com — Cisco Umbrella Rank: 230
594 B
1 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5 KB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 906
324 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1381
689 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 938
3 KB
1 ipify.org
geo.ipify.org — Cisco Umbrella Rank: 63408
599 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 518
458 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 894
352 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 622
6 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1664
17 KB
1 kaspersky.com
media.kaspersky.com — Cisco Umbrella Rank: 134181
48 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 2814
363 B
0 liadm.com Failed
i6.liadm.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
469 84
Domain Requested by
32 threatpost.com t.co
threatpost.com
26 tpc.googlesyndication.com tagan.adlightning.com
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
26 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tagan.adlightning.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
20 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
g2.gumgum.com
14 assets.threatpost.com threatpost.com
assets.threatpost.com
13 rtb.gumgum.com 1 redirects g2.gumgum.com
13 ib.adnxs.com 4 redirects qd.admetricspro.com
cds.connatix.com
acdn.adnxs.com
11 www.google.com 1 redirects threatpost.com
tagan.adlightning.com
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
11 tagan.adlightning.com threatpost.com
tagan.adlightning.com
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
10 securepubads.g.doubleclick.net tagan.adlightning.com
www.googletagservices.com
securepubads.g.doubleclick.net
threatpost.com
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
10 media.threatpost.com threatpost.com
9 ads.servenobid.com qd.admetricspro.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
9 capi-tier-2-us-east-2.connatix.com cd.connatix.com
8 pix.eu.criteo.net ads.eu.criteo.com
7 s.amazon-adsystem.com 4 redirects eb2.3lift.com
ssum-sec.casalemedia.com
7 match.adsrvr.org 2 redirects u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
7 eu-u.openx.net u.openx.net
qd.admetricspro.com
eu-u.openx.net
7 static.criteo.net ads.eu.criteo.com
7 googleads.g.doubleclick.net tagan.adlightning.com
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 www.gstatic.com www.google.com
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 qd.admetricspro.com threatpost.com
qd.admetricspro.com
7 www.googletagservices.com threatpost.com
tagan.adlightning.com
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 eus.rubiconproject.com qd.admetricspro.com
eus.rubiconproject.com
g2.gumgum.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6 eb2.3lift.com 3 redirects qd.admetricspro.com
eb2.3lift.com
6 us-u.openx.net 1 redirects u.openx.net
eu-u.openx.net
6 pixel.rubiconproject.com 4 redirects g2.gumgum.com
6 e.serverbid.com 1 redirects qd.admetricspro.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
threatpost.com
6 vid.connatix.com cd.connatix.com
cds.connatix.com
5 x.bidswitch.net 3 redirects eb2.3lift.com
g2.gumgum.com
5 c1.adform.net 5 redirects
5 ads.pubmatic.com cds.connatix.com
qd.admetricspro.com
g2.gumgum.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5 tag.1rx.io qd.admetricspro.com
cds.connatix.com
5 www.googletagmanager.com threatpost.com
www.googletagmanager.com
5 cds.connatix.com threatpost.com
cd.connatix.com
5 c.amazon-adsystem.com qd.admetricspro.com
c.amazon-adsystem.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 token.rubiconproject.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 match.prod.bidr.io 2 redirects eu-u.openx.net
ssum-sec.casalemedia.com
4 pr-bh.ybp.yahoo.com 3 redirects eu-u.openx.net
4 sync.mathtag.com 4 redirects
4 id.rlcdn.com 2 redirects ssbsync.smartadserver.com
4 image6.pubmatic.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 adservice.google.com tagan.adlightning.com
9582686.fls.doubleclick.net
4 adservice.google.de tagan.adlightning.com
adservice.google.com
4 px.ads.linkedin.com 2 redirects eb2.3lift.com
4 fastlane.rubiconproject.com qd.admetricspro.com
4 ap.lijit.com 1 redirects qd.admetricspro.com
public.servenobid.com
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
3 cs.emxdgt.com 2 redirects serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3 usersync.gumgum.com g2.gumgum.com
3 pixel.advertising.com 3 redirects
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 sync.go.sonobi.com public.servenobid.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3 b1sync.zemanta.com 3 redirects
3 acdn.adnxs.com cds.connatix.com
qd.admetricspro.com
3 js-sec.indexww.com cds.connatix.com
qd.admetricspro.com
3 rtb.openx.net googleads.g.doubleclick.net
eu-u.openx.net
3 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
3 pixel.quantserve.com 2 redirects threatpost.com
3 prebid.a-mo.net 1 redirects qd.admetricspro.com
cds.connatix.com
3 hbopenbid.pubmatic.com qd.admetricspro.com
cds.connatix.com
3 htlb.casalemedia.com qd.admetricspro.com
cds.connatix.com
3 c2shb.ssp.yahoo.com qd.admetricspro.com
3 teachingaids-d.openx.net qd.admetricspro.com
cds.connatix.com
3 btlr.sharethrough.com qd.admetricspro.com
2 creativecdn.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com ssum-sec.casalemedia.com
g2.gumgum.com
2 sync.1rx.io public.servenobid.com
2 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
2 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
2 ads.creative-serving.com 2 redirects
2 pm.w55c.net 2 redirects
2 u.openx.net cds.connatix.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 pixel.everesttech.net 2 redirects
2 cms.quantserve.com googleads.g.doubleclick.net
2 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 partner.googleadservices.com tagan.adlightning.com
2 9582686.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 c2shb.pubgw.yahoo.com cds.connatix.com
2 www.google.de threatpost.com
2 stats.g.doubleclick.net www.google-analytics.com
2 id5-sync.com qd.admetricspro.com
cdn.id5-sync.com
2 script.4dex.io qd.admetricspro.com
script.4dex.io
2 kaspersky.d3.sc.omtrdc.net media.kaspersky.com
2 img.connatix.com threatpost.com
2 dpm.demdex.net media.kaspersky.com
threatpost.com
2 kasperskycontenthub.com threatpost.com
2 t.co threatpost.com
1 pixel-us-east.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 gift-connect-d.openx.net serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 tg.socdm.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 secure.adnxs.com 1 redirects
1 csync.loopme.me 1 redirects
1 ads.yahoo.com
1 p.rfihub.com 1 redirects
1 ce.lijit.com 1 redirects
1 onetag-sys.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 serverbid-sync.nyc3.cdn.digitaloceanspaces.com qd.admetricspro.com
1 sync.serverbid.com 1 redirects
1 public.servenobid.com qd.admetricspro.com
1 odr.mookie1.com googleads.g.doubleclick.net
1 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 ads.eu.criteo.com 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 geo.ipify.org qd.admetricspro.com
1 analytics.twitter.com tagan.adlightning.com
1 rules.quantcount.com secure.quantserve.com
1 tlx.3lift.com qd.admetricspro.com
1 mp.4dex.io qd.admetricspro.com
1 s0.2mdn.net imasdk.googleapis.com
1 cm.everesttech.net 1 redirects
1 kaspersky.demdex.net tagan.adlightning.com
1 static.ads-twitter.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 cdn.id5-sync.com tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 ins.connatix.com cd.connatix.com
1 lit.connatix.com cd.connatix.com
1 capi.connatix.com cd.connatix.com
1 cd.connatix.com 1 redirects
1 media.kaspersky.com threatpost.com
1 bit.ly 1 redirects
0 i6.liadm.com Failed serverbid-sync.nyc3.cdn.digitaloceanspaces.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
469 151
Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
threatpost.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-07-03		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
assets.threatpost.com
Amazon		 2022-01-05 -
2023-02-03		 a year crt.sh
media.threatpost.com
Amazon		 2022-01-05 -
2023-02-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
kasperskycontenthub.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-07-03		 a year crt.sh
media.kaspersky.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-23 -
2022-04-28		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.d3.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
e.serverbid.com
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2022-02-07 -
2023-03-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-02-17		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh

This page contains 70 frames:

Primary Page: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Frame ID: EE85FCC4E40D028270FAEBCCA82BE43A
Requests: 150 HTTP requests in this frame

Frame: https://cds.connatix.com/p/157363/connatix.player.dc.js
Frame ID: C601C9C1E5864ECCED58152EB92480B9
Requests: 23 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: BC4D78F7020BEBC3C76F1331325A7211
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Frame ID: A933BB64B216F2F6DBA7F17EA6EC389B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Frame ID: D4E75844A0578EBE35CB1AC4EF3F555C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Frame ID: D180A52724843BC0DC44CFAACB0D3831
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3730DE00BFD6125D01BD566D19A44713
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4D8F4A95E6AF5A69D8F0B2F38D5822A4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E83633BAD8D13A1758C059230B556254
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Frame ID: 27D7CD92DD23608189CC7A93128EC02D
Requests: 16 HTTP requests in this frame

Frame: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 46391A07A7B319CD1E0BACF106A156D1
Requests: 1 HTTP requests in this frame

Frame: https://9582686.fls.doubleclick.net/activityi;dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Frame ID: AA4CEFFC0941675C1F27B3B25D12310C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9430C01BEB576A0D84D1C9D540601364
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5F54DA7AF140793FD521344D6290C3D
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Frame ID: 885B55587711D37EAC6BCCF1C885CE86
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Frame ID: 975EC0A2C8A10905D3140FF525C86D21
Requests: 1 HTTP requests in this frame

Frame: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D0B0CB73C941D5068F15164509BCFEFB
Requests: 12 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-39123b0-71ac0870.js
Frame ID: 4A84CF8DB2AF08594E8207795E58CCBB
Requests: 15 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-39123b0-71ac0870.js
Frame ID: F17C2328AD4599B0F1728F1D1603EF79
Requests: 14 HTTP requests in this frame

Frame: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C0DB5574ABA184AC7A465C08E5D7EEB1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: 3FF03DAAA903BB1AA4E715948469D75B
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Frame ID: F22E0F2B3844F393062F420B4CF0C178
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 004D926F556860F047D9AAF13946E073
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Frame ID: 2D1809FC12CA897D8729116638A2FD58
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Frame ID: A05011F0472CB9146B0EE5436ADDDD1B
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0B6E3593C521EF6924DB85A3B03F234A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 333FB74C4FCB0AACD4405E50F839903D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2D9CBFE17452053CA581C6E8E73A52C7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A2AEA66DF42806476273D1490124046
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E95BF4EEA3C6161734FF211038A2DBB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F22A2BF61CE96446B17B48CE1802E387
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 682E0ADAA7BA653283482F1F2B94017E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Frame ID: 0370FB03F3CC589E0D6CB3E6A1BFAF7A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Frame ID: 71E2B62B40E8345B3965C3CC104B4526
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 12A91D3B1E2B46B9D33990E285AEE5DF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D119DEBB90C511BDC885A43D4BEFA69C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 83390DFA19E60BFF83E43CE20D810F6B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 1860A0424D9192D9F5339B11841F6614
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: C02ECF5881BEEFA661E4147BA0D88797
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 543550B852ADDC4B049B49255F731C30
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 397A81B98C1C354C5AF629FAD3DD7455
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: 80C5FA0DF70B1AD4B22AD3AD8893EBD7
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: E2A9EDF7DAE73AFF1034B4F13E75327C
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: E709B1A0BFD82D3A817643D9F760E530
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C39F6DE4B2E5EF8ADF44E1878FA92DED
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 04FF320146A71C743835C9FA38CA8489
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: 27BA77F647EB9095B336283C95836F19
Requests: 7 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Frame ID: 2E04D0F11879017570FDC254A0533D47
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 78AB4D02FEF8D2DC8EB254FFDA66460E
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CDC8C14B11B8D51D3154D392AD2FC608
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13394437
Frame ID: CFDB2D5A365440C1BFE516EEE6572A55
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F103BEEC598BDF0AEF0D5618F6A74756
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: A058725E850985EAAEC002295EAADF1D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: F7945E5A5CE00DB742A9ED8D640D6BFC
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: E17177DAA8C73ED26DBB5566F4BB8B6A
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: CCA38123B24D82250249C3D3B84AC8A0
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=0&gdpr_consent=
Frame ID: A47F99CD2B54EAEE78C8F0D697B12900
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YkrsYQAAAFzv4gQS&gdpr=0&gdpr_consent=
Frame ID: BB43796E423CA190908CA43992A828BA
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYzRmOWMwMy05OGJhLTQwMmYtYTZiYS0xNzEwNWRmOWU2NjU=&gdpr=0&gdpr_consent=
Frame ID: 3897DD548060725A481DE56DD633455F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9D8A9D07A3A4B66B72060B859310CB97
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=aec56716-60b8-45e2-ba5b-1871f829bba8&t=1651669353
Frame ID: 9F7ABD3C829EFE46F26008D38B60FFF6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 6A311E0A230CBF5005505F8AD68D0875
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&uid=1664355947555136799brt309291649077353087286f1
Frame ID: 35FB5AA95FDC3A545668C5ECFB7D1887
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YkrsacCo8X0AAC9eHBEAAAAA
Frame ID: E57D9DEA9B97A4D9FF8366D05C7ED0FF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=300sOgMA8FRdlTt13BQi&pi=gumgum&tc=1
Frame ID: E4D042EFE433DD823B3E6369D517E83F
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: D2E297FFF94CD1506BC0447C382C0083
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 8B40A28B7ADCEFA99B7698EEB6FEDF38
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: DA14B7BCF535D2A1CA5143BDEBF3C758
Requests: 1 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: 9FC567B5E03EE45BD26CABC0D63BE25B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: AE0A1AE64B1D4954445D2C9138FCC3CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch | Threatpost

Page URL History Show full URLs

  1. https://t.co/8lJFwsBe3n Page URL
  2. https://bit.ly/3tD5yFE HTTP 301
    https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_sourc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

469
Requests

86 %
HTTPS

29 %
IPv6

84
Domains

151
Subdomains

105
IPs

8
Countries

6575 kB
Transfer

15317 kB
Size

109
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/8lJFwsBe3n Page URL
  2. https://bit.ly/3tD5yFE HTTP 301
    https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/157363/connatix.player.dc.js
Request Chain 98
  • https://cm.everesttech.net/cm/dd?d_uuid=31996850983410927710179151836438174771 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YkrsYQAAAFzv4gQS
Request Chain 181
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649077346714&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_content%3Dnews%26utm_medium%3Drss HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D39138%26time%3D1649077346714%26url%3Dhttps%253A%252F%252Fthreatpost.com%252Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%252F179103%252F%253Futm_source%253Dtwitter%2526utm_content%253Dnews%2526utm_medium%253Drss%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649077346714&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_content%3Dnews%26utm_medium%3Drss&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649077346714&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_content%3Dnews%26utm_medium%3Drss&liSync=true&e_ipv6=AQIfsdpLWwPPSgAAAX_0q2OxOXV9CdfjVDemuIU4mrcIfD6UH1WuigdT4JVpxs7kkhD9HQszrIglY2z03ACSSwmg6bqwoQ
Request Chain 189
  • https://9582686.fls.doubleclick.net/activityi;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews HTTP 302
  • https://9582686.fls.doubleclick.net/activityi;dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Request Chain 278
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 315
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIeWlOJun1sP8y1EnKmGB0ZEUsEVqg8wvRLDWAqZhgnwXKTrYaV5Zfj9xig98QIKVj2lsljJ-6BdWLgUFD6s27b0momyAC1&google_gid=CAESEKnWUTJIqf23fXlny1fS19k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtyc1lRQUFBRnp2NGdRUw&google_push=AYg5qPIeWlOJun1sP8y1EnKmGB0ZEUsEVqg8wvRLDWAqZhgnwXKTrYaV5Zfj9xig98QIKVj2lsljJ-6BdWLgUFD6s27b0momyAC1
Request Chain 318
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOW712sImf4ZZ656amWQx_4&google_cver=1&google_push=AYg5qPJQ_Qo3FpKQhnTN9p4gK2VuqANXhHJjbWSOQ_izNvT0lLuiUrgKCERjTgWh4-OiMTTO6D7rkwpFiSOHLdTv2L0w5k7f0ag HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOW712sImf4ZZ656amWQx_4&google_cver=1&google_push=AYg5qPJQ_Qo3FpKQhnTN9p4gK2VuqANXhHJjbWSOQ_izNvT0lLuiUrgKCERjTgWh4-OiMTTO6D7rkwpFiSOHLdTv2L0w5k7f0ag&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UgBsQFGhSn2EPopt8vqv5g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJQ_Qo3FpKQhnTN9p4gK2VuqANXhHJjbWSOQ_izNvT0lLuiUrgKCERjTgWh4-OiMTTO6D7rkwpFiSOHLdTv2L0w5k7f0ag
Request Chain 319
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJxuX_XMwJH0f1zuwmYmzoc&google_cver=1&google_push=AYg5qPJYjRj33u_1JK441o4NvHaHy-NVMtSijfsEw4hKLLRB_W1K5M5ekoUoLY9sGkAoHxPKBdWMaX5dQ7I_MbL0KdvsaQp1Jhs9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ&google_push=AYg5qPJYjRj33u_1JK441o4NvHaHy-NVMtSijfsEw4hKLLRB_W1K5M5ekoUoLY9sGkAoHxPKBdWMaX5dQ7I_MbL0KdvsaQp1Jhs9
Request Chain 320
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_cver=1&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1
Request Chain 326
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJKaNAe-eizVe8_y5ciGHDjw86f_RSN9g71x5OfVJwQ0PH8MWx1PYiRfKv8cf-551SORBI64F_IrhgufKI-hErwN3AgyxE&google_gid=CAESEKnWUTJIqf23fXlny1fS19k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtyc1lRQUFBRnp2NGdRUw&google_push=AYg5qPJKaNAe-eizVe8_y5ciGHDjw86f_RSN9g71x5OfVJwQ0PH8MWx1PYiRfKv8cf-551SORBI64F_IrhgufKI-hErwN3AgyxE
Request Chain 327
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKkJ6I1HzOF3KBPanf-5R_X_JpNjmoy2GbpY-ebAWgESmALI0WUj_BQ21Bq0YHQ3-X-Ods4fnwJfd9QZ8CNrRKRbX93xv0&google_gid=CAESEL_LfPuUj6y0kPIm35-YiLE&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOXYq5IGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLa0o2STFIek9GM0tCUGFuZi01Ul9YX0pwTmptb3kyR2JwWS1lYkFXZ0VTbUFMSTBXVWpfQlEyMUJxMFlIUTMtWC1PZHM0Zm53SmZkOVFaOENOclJLUmJYOTN4djA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdjhpNmZaZUVVMTRhLWlFdkM2R05wRE00U2VIRHNjR2MyUFA1SGFFUWRhSQ==&google_push
Request Chain 329
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOW712sImf4ZZ656amWQx_4&google_cver=1&google_push=AYg5qPKS2HFZM_RLpicjJZ_Vu2fH-iUVG66qKzptlfCn6PTkcGmwxPuvCC4_nauX6VxLfacpVazyGu_yZBJ4MuuztizINb2xhnk HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOW712sImf4ZZ656amWQx_4&google_cver=1&google_push=AYg5qPKS2HFZM_RLpicjJZ_Vu2fH-iUVG66qKzptlfCn6PTkcGmwxPuvCC4_nauX6VxLfacpVazyGu_yZBJ4MuuztizINb2xhnk&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pE4oCbs0TLmvJ8Yu6sAvNQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKS2HFZM_RLpicjJZ_Vu2fH-iUVG66qKzptlfCn6PTkcGmwxPuvCC4_nauX6VxLfacpVazyGu_yZBJ4MuuztizINb2xhnk
Request Chain 330
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJxuX_XMwJH0f1zuwmYmzoc&google_cver=1&google_push=AYg5qPLDF2Wn4fSGFcUkEU3HtD8F8YKfLllTzEpLAL-bTm6OD6hsxoikomJitFD00FQ510v2m2QUTGSTKJQi4M1ppxiBi6tYdLs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ&google_push=AYg5qPLDF2Wn4fSGFcUkEU3HtD8F8YKfLllTzEpLAL-bTm6OD6hsxoikomJitFD00FQ510v2m2QUTGSTKJQi4M1ppxiBi6tYdLs
Request Chain 337
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=3Z3bsXxlOXJ3L3hER0FLRVpwTDRkWUxQcFdmR3JsZjhZKzloNWF6WVpNUG9pZUVZOWwzdHVYVWdTbTl5VFAzclZ3d0NrbVMvYU9Rc3lrRStBWmhNS1ZXY1BFTXU4TldQZG5zWGxQQjRleDBXbFNEQ0F1S1M4TWsvVGpqeUdvUk84T3JwUko0U3FVZWFSdE85cTE5MFJVZ0VOcHIrSFJ5N2ducllHNnhlSEVNemVsa2tmcFhBUDhCd3RlYitJVjhlZFR3S0x6VlRTbzA2WWJ2YWVQSUY3SFM0MGxNamZ1Z1ZPUmV0b0F4cU41R3JLYWRjPXw&cppv=2
Request Chain 349
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff8e624a-ec65-4d00-b348-4e33eb4c2ada
Request Chain 350
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=vxR2G-xFdEikEHYfvEVvG7gXekmkQyNP70dMIY2c
Request Chain 351
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4730746617753112390
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPXRz3LSHAaBggPElVuKH8&google_cver=1
Request Chain 355
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2d91624a-ec65-4500-8419-8b05b61f5bd5
Request Chain 356
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=vxR2G-xFdEikEHYfvEVvG7gXekmkQyNP70dMIY2c
Request Chain 357
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8166380972068872673
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPXRz3LSHAaBggPElVuKH8&google_cver=1
Request Chain 372
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 374
  • https://sync.serverbid.com/ss/2000891.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Request Chain 380
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=ncf50Y081NBmlO5
Request Chain 381
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=613af705-9966-4c10-bc6c-e2f98394d1e5 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=613af705-9966-4c10-bc6c-e2f98394d1e5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=cd207872-7f33-4be8-8857-735adcdd8257&ssp=openx&expires=30&user_group=5&bsw_param=613af705-9966-4c10-bc6c-e2f98394d1e5 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=613af705-9966-4c10-bc6c-e2f98394d1e5&gdpr=&gdpr_consent=
Request Chain 382
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1664355947555136799
Request Chain 388
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAwMzM0MzY5NzAyMDYzNjY2OTkxNQ%3D%3D
Request Chain 390
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAwMzM0MzY5NzAyMDYzNjY2OTkxNQ%3D%3D
Request Chain 392
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1003343697020636669915?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-xNt5ER9E2oQ0fsqiPh5LaBwAAX_j97U0VtSxWwS5Vg--~A&dongle=0883
Request Chain 395
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1003343697020636669915 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1003343697020636669915&dcc=t
Request Chain 396
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 402
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1664355947555136799
Request Chain 403
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=c973407aa08308819fb7ad04
Request Chain 406
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5131077721067698872
Request Chain 408
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=4b5900e0-cf97-4ace-9daf-16205d8ea36b&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 409
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-0PTNXalE2uGAglUN0PwlhC6xKz3gikfI0veEky8-~A
Request Chain 410
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&dcc=t
Request Chain 413
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkrsZT8zjabB7Ro.6wDdUQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBh8f1f7B-traY2u6N6XWcU&google_cver=1&gdpr=1&google_hm=2
Request Chain 417
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=1&gdpr_consent=
Request Chain 419
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1KQ2NT8-N-2BVI
Request Chain 421
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ
Request Chain 422
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NPWhYqKdRc2aQk_Crn4o0Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NPWhYqKdRc2aQk_Crn4o0Q
Request Chain 423
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0foRY9Z-TjiAOsJ4T2T5Aw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0foRY9Z-TjiAOsJ4T2T5Aw
Request Chain 425
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1KQ2NT8-N-2BVI&sigv=1&esig=2~9d37c0f2caf936b7f4b787e61de036618d862690
Request Chain 426
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/oUucJH6nmMYWeHRoTdEoXQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3098776790394225786
Request Chain 429
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=28d3328f-2efd-4242-89ba-438a57aa0241&gdpr_consent=null&gdpr=0
Request Chain 430
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8166380972068872673&gdpr=0&gdpr_consent=
Request Chain 431
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFFWE7EldkAADcMNZDlzg&gdpr=0
Request Chain 432
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1664355947555136799
Request Chain 434
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28YLgQhxftzadEKioEw3xWEcKmsWUlj2HtOFYkwluEOu4EACJpj2C8JSJGceu7UQPQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28YLgQhxftzadEKioEw3xWEcKmsWUlj2HtOFYkwluEOu4EACJpj2C8JSJGceu7UQPQ%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ac4f9c03-98ba-402f-a6ba-17105df9e665&obuid=ENC(YLgQhxftzadEKioEw3xWEcKmsWUlj2HtOFYkwluEOu4EACJpj2C8JSJGceu7UQPQ) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
Request Chain 435
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=d7726b72-088b-4c68-ab6d-8ae93b481474
Request Chain 436
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-ae3f4c31-88f5-487a-745b-9c383c23faf1$ip$84.19.175.183
Request Chain 437
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-9LERLFRE2pctysAcCCR7XzTlMLr_Qew4OsJN~A
Request Chain 438
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=7df94c00-b417-11ec-aad8-9f94043e2d80
Request Chain 441
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ac4f9c03-98ba-402f-a6ba-17105df9e665&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=8XMS5r-ad0ECWazPbaCL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OCYJVJTK4RNMFSDARKDK5QXUUDCMFBUYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OCYJVJTK4RNMFSDARKDK5QXUUDCMFBUYJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=8XMS5r-ad0ECWazPbaCL&us_privacy=1---
Request Chain 442
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=657386e7-9a55-427f-8af0-564a55c330a3
Request Chain 443
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1649077352469 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 444
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=lx70ravrAiYt&ev=1&pid=558355
Request Chain 447
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=0&gdpr_consent=
Request Chain 448
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YkrsYQAAAFzv4gQS&gdpr=0&gdpr_consent=
Request Chain 451
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=aec56716-60b8-45e2-ba5b-1871f829bba8&t=1651669353
Request Chain 452
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 453
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=1664355947555136799&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&uid=1664355947555136799brt309291649077353087286f1
Request Chain 454
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YkrsacCo8X0AAC9eHBEAAAAA
Request Chain 455
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=300sOgMA8FRdlTt13BQi&pi=gumgum&tc=1
Request Chain 459
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 463
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1664355947555136799
Request Chain 464
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YkrsZT8zjabB7Ro.6wDdUQAA%261153
Request Chain 465
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c973407aa08308819fb7ad04
Request Chain 467
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
Request Chain 468
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab
Request Chain 469
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D HTTP 302
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab HTTP 303
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab&_li_chk=true&previous_uuid=b15eeae7212e4eec900d979de76c507f HTTP 303
  • https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab

469 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
8lJFwsBe3n
t.co/ 		221 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/8lJFwsBe3n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
175
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 13:02:21 GMT
expires
Mon, 04 Apr 2022 13:07:22 GMT
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
c00e2554b4a38861e6ca1d1c7222bb677029dadf0ff6be393ec96dc25f252e45
x-response-time
123
x-xss-protection
0
Primary Request /
threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/
Redirect Chain
  • https://bit.ly/3tD5yFE
  • https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
90 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Requested by
Host: t.co
URL: https://t.co/8lJFwsBe3n
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1a10f9fa7c2fb4c634ffe3409b7b2ea3e11135e7a6e58ee930c25603ad19baf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t.co/8lJFwsBe3n
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 13:02:23 GMT
Link
<https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/179103>; rel="alternate"; type="application/json" <https://threatpost.com/?p=179103>; rel=shortlink
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Debug-Auth
off
X-Frame-Options
SAMEORIGIN
X-Request-Host
threatpost.com
X-XSS-Protection
1; mode=block
x-cache-hit
MISS

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
235
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 13:02:23 GMT
location
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
referrer-policy
unsafe-url
server
nginx
via
1.1 google
museosans-900italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
"624ab72d-3ca8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
15528
museosans-900-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:26 GMT
Server
nginx
ETag
"624ab72e-5124"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20772
museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:28 GMT
Server
nginx
ETag
"624ab730-3dcc"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
15820
museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
"624ab72d-51a4"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20900
museosans-500italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:26 GMT
Server
nginx
ETag
"624ab72e-5c74"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23668
museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
"624ab72d-5194"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20884
museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
"624ab72d-5bac"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23468
museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:28 GMT
Server
nginx
ETag
"624ab730-51b8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20920
museosans-100italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:28 GMT
Server
nginx
ETag
"624ab730-5b34"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23348
museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:24 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:26 GMT
Server
nginx
ETag
"624ab72e-50c8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20680
op.js
tagan.adlightning.com/math-aids-threatpost/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d94a0f51bade076fa154e469f12563fcee377fd94d79ca6d080d231e0e8b1d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
HkG2Wiu3pjH4_E8Lal0CHGT1z3YrEXeV
content-encoding
gzip
etag
"c4d48c8dc1b5ae975f43aaa90c2be257"
age
550
x-cache
Hit from cloudfront
content-length
18353
x-amz-meta-git_commit
7b120a5
last-modified
Sat, 02 Apr 2022 00:32:20 GMT
server
AmazonS3
date
Mon, 04 Apr 2022 13:00:55 GMT
content-type
application/javascript
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
OnMUneU6wBq5EEdWb5lpp6Mzw85FyxWdM5kAI8xpbebKI9xo8dGIhA==
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f10d6df70aeb2a13a4dbc1884367e40efee7505ca85f7e600662649de16c56c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28207
x-xss-protection
0
server
sffe
etag
"1177 / 130 of 1000 / last-modified: 1649070439"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Apr 2022 13:02:25 GMT
ros-layout.js
qd.admetricspro.com/js/threatpost/ 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a647d79b31b4b19f30c795aac862bcf5b424731c732e239775127b8ac4aae0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Mar 2022 04:05:55 GMT
server
cloudflare
etag
W/"67e2-5d9c136d2119a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQJ30To8zSL6ALwJO3nBRNDzuPr3fqIPtzpIJJrhB7JD1RLCsmYJaOmYywGB53GxzUnBgP6bgNPuQqxZY3Dk4XH%2FOhGa4xreu5n9Uztw%2BBhNVb8Vch2H4hPSClKk7dEB%2FpzgoYwSppPZHTGFIIAEPW48"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6f6a3cf7cc2768ef-FRA
expires
Mon, 04 Apr 2022 13:09:07 GMT
cmp.js
qd.admetricspro.com/js/threatpost/ 		310 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 01 Jun 2021 14:47:10 GMT
server
cloudflare
etag
W/"4d957-5c3b56abf6028-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqt71iMx7GNmcjxITTICyYem9wpHypN1gWREi%2FhLTwKjNtUwE%2FKOlGUehnyQ35J4SVI9%2FzPvmw3Np8lfkyEjpa5UHXZLreako3E8heNXvJq6J6h5SjKVoHyRh3YmBhsWbMrRinC3d0Tgp4suUicaAmP1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6f6a3cfeb92868ef-FRA
expires
Mon, 04 Apr 2022 13:08:13 GMT
uspcmp.js
qd.admetricspro.com/js/threatpost/ 		148 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 08 Aug 2020 22:40:07 GMT
server
cloudflare
etag
W/"24e50-5ac65673cef1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw6zvrneZW6f7ICRbSqGaRHFjZLhVJbrVyDkkhsvdPdjUWiRZyv2y%2F6zOVYWisp3MjziO3wtANgbm%2FaIP0AxFPV5QVQoBDrDehR3t0NLkFY6i0tDAmd6FEfjL0mZteEBxtq1oV8LlppAzHa0jWajtQjV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6f6a3cfeb92968ef-FRA
expires
Mon, 04 Apr 2022 13:08:18 GMT
targeting.js
qd.admetricspro.com/js/threatpost/ 		393 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 21:50:12 GMT
server
cloudflare
etag
W/"189-5c8c2c96f96c7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75qAAqd138ozoBKJHt44N0BlwOL9aBjQW8kWRNZ%2BufHvx9S9Rz7C9CvpAcwmQcSg%2FjEhFCaRrlmeYabrumfr7o5pdbr8jxmul1KQZjW4xa8Cnos%2B5%2Bcl6A5FjZSo3Zc0vrrlNfBfUgRNwa1J8BoSgZY%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6f6a3cfeb92c68ef-FRA
expires
Mon, 04 Apr 2022 13:08:18 GMT
prebid.js
qd.admetricspro.com/js/threatpost/ 		430 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Oct 2021 15:35:01 GMT
server
cloudflare
etag
W/"6b738-5ce51d26ef74c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaDRHMiVdQSKHHoyfEcHjZAUhq4G%2FbsVy0fHLdfVL2T597U05vWHkxEGWAkqiP13C931iwcj3zG33fOPyBH562cg5lSQ%2By2iXsi%2Bi4XP9xCWh%2BPe%2BSI%2BcV3qP2iGIUx7TT3qxdNmRFHyzjbeSiLIoxps"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6f6a3cfeb92d68ef-FRA
expires
Mon, 04 Apr 2022 13:08:51 GMT
engine.js
qd.admetricspro.com/js/threatpost/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/engine.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 24 Jan 2022 02:31:38 GMT
server
cloudflare
etag
W/"8cae-5d64ac49b9c1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSau7fLhi14PTCmKiMepNxL%2F64Xvy0c6rTgsqoky7H7ID8DHEvfgldq9iwF5%2Bxe1XqO0%2BCNsgXfkTVQ1IlwtyuBH1DUopVeAhhPMFfsf5RHSKKHy14icvHFXWpMNRREWx4l6NZXoxFRZosJQLsWkJ1Gi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6f6a3cf7cc2c68ef-FRA
expires
Mon, 04 Apr 2022 13:09:14 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		294 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:24 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
42696
x-cache-hit
HIT
last-modified
Mon, 04 Apr 2022 09:15:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
Cte0McwQDv2CFG2pS9BPvIyzZT4REChP0E_SZUQUjd9AJa7TE-1lFg==
expires
Tue, 05 Apr 2022 09:18:00 GMT
jquery-1.12.4-wp.js
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:27 GMT
Server
nginx
ETag
W/"624ab72f-17a56"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:24 GMT
alert_text.js
threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/ 		107 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js?ver=1649063725
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
68cdaaeccd079ab33df06d3e5fb47594a4458a6491d48a8ae2f394defb419eb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-6b"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:24 GMT
alert.js
threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js?ver=1649063725
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
500288356853c7199a27a6a2cdcd14b217d18dd9c8103272d8e6def6acbe2580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-104a"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:24 GMT
public.js
threatpost.com/wp-content/plugins/honeypot-comments/public/assets/js/ 		116 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/honeypot-comments/public/assets/js/public.js?ver=1.0.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
931dc539e87db7f509be9c77dfcc9b2baee0b91e5236aa04580ab14ed81e2cc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jun 2014 19:20:42 GMT
Server
nginx
ETag
W/"5398ac0a-74"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:24 GMT
kaspersky-twitter-pullquote.js
threatpost.com/wp-content/plugins/kspr_twitter_pullquote/js/ 		599 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1791bf831c158912a11ca40bcf5f3573fc54ec8f8343c37780dab679c0203d63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-257"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:24 GMT
loadmore.js
threatpost.com/wp-content/themes/threatpost-2018/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/js/loadmore.js?ver=5.9.2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e0f1df7af81fd8eb920863093c426fdafd241b8d9aeb6126fb2fd24f36c061b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-11e7"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:24 GMT
social-share.js
threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js?ver=1.0.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
546be401414bcb20cdea07cdbcd806409b9629e4895737e214401948c40409f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-484d"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
chrome_bug.png
media.threatpost.com/wp-content/uploads/sites/103/2022/03/25091849/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2022/03/25091849/chrome_bug.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02f9d93789c1c6eb90e5a580da466fb57aa49759c8a2caac2a945744eb66f60f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 13:20:05 GMT
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 25 Mar 2022 13:18:50 GMT
server
AmazonS3
age
862941
etag
"67d9ff812dfd90afe68ab2556074c911"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
38095
x-amz-cf-id
7YUOWr2WSjvcNhTnl8qwZ18Ds_N7ip15RQKEIqEd-fNqXo7OAnTsiQ==
expires
Sat, 25 Mar 2023 13:18:49 GMT
apple-with-bandaid-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2021/10/27115334/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/10/27115334/apple-with-bandaid-540x270.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84bd5c5ee263222372ea62269eb1814c32b3a241bd37fcb5d6b7c5584590c8ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 10:41:19 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Wed, 27 Oct 2021 15:53:39 GMT
server
AmazonS3
age
526867
etag
"c0525d43b32f781b689054a198fedaa7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
17027
x-amz-cf-id
al-EaBAuJuFKex8mdRhYlcefdci46snEor-KjAapfdOCVduT9YXAaA==
expires
Thu, 27 Oct 2022 15:53:38 GMT
api.js
www.google.com/recaptcha/ 		852 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8fb4a4f4521a94032afdb851a8612f898a1e8a40705d06df03ddfa932d3ca274
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Mon, 04 Apr 2022 13:02:25 GMT
scripts.js
kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-828"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
api.js
www.google.com/recaptcha/ 		852 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
68cc26362c0cc4baa161311ed8f92a440624b120f844cecef402a4c7f94bf39d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Mon, 04 Apr 2022 13:02:25 GMT
main.js
threatpost.com/wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js?ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4d52f37b83f70c5035632548c652508d793eec55e17f2ac19552f4fa19d323be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-ab4"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
s_code_single_suite.js
media.kaspersky.com/tracking/omniture/ 		172 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.2
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
9e89048f0456e3b02cedb7cf76410b3576a32bad0f1cc024640f01e1339b3a71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"8044e984f147d81:0"
x-powered-by
Kaspersky Labs, Kaspersky Labs
alt-svc
h3=":443"; ma=86400
content-length
49271
x-xss-protection
1; mode=block
last-modified
Mon, 04 Apr 2022 06:59:25 GMT
server
x-frame-options
SAMEORIGIN
date
Mon, 04 Apr 2022 13:02:24 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-server
fr1/FRA2
accept-ranges
bytes
x-content-type-options
nosniff
main.js
threatpost.com/wp-content/themes/threatpost-2018/assets/js/ 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/js/main.js?ver=202107061113
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0b5563ff1fc5175d65e11e1546bee1945486d65d76c9248bdd77487532dadf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:26 GMT
Server
nginx
ETag
W/"624ab72e-1c643"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
regenerator-runtime.min.js
threatpost.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Mar 2022 00:51:39 GMT
Server
nginx
ETag
W/"622a9d1b-195e"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
wp-polyfill.min.js
threatpost.com/wp-includes/js/dist/vendor/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Mar 2022 00:51:39 GMT
Server
nginx
ETag
W/"622a9d1b-4b3d"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
dom-ready.min.js
threatpost.com/wp-includes/js/dist/ 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Mar 2022 00:51:39 GMT
Server
nginx
ETag
W/"622a9d1b-4e9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
hooks.min.js
threatpost.com/wp-includes/js/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Mar 2022 00:51:39 GMT
Server
nginx
ETag
W/"622a9d1b-163a"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
i18n.min.js
threatpost.com/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Mar 2022 00:51:39 GMT
Server
nginx
ETag
W/"622a9d1b-28a7"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
a11y.min.js
threatpost.com/wp-includes/js/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Mar 2022 00:51:39 GMT
Server
nginx
ETag
W/"622a9d1b-bfd"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
jquery.json.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-730"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
gravityforms.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69f0ade8cca67112ef495f707fb73c68fd5099a6cd9c51d9ba9ceda8dcca16f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-abe0"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
conditional_logic.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7104f88840a420f1702717d900db98910deb6141ad639bb7338b88993e989c72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
W/"624ab72d-213f"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
placeholders.jquery.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
public
Date
Mon, 04 Apr 2022 13:02:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 09:15:27 GMT
Server
nginx
ETag
W/"624ab72f-121f"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Mon, 11 Apr 2022 13:02:25 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.62.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-62-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding
gzip
etag
4e3fad24a118a07cea7ce88b2721a583
age
511
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0A9Q6WEPY226WTH995NS
date
Mon, 04 Apr 2022 13:02:25 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XWXOAX3MiypLpsGTZc-Nes7Yx2QlTBdTLkOd1kH40gLH3NXcFtGEPw==
connatix.player.dc.js
cds.connatix.com/p/157363/ Frame C601
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/157363/connatix.player.dc.js
858 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/157363/connatix.player.dc.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ac2e8b703898e10c303ba046d2ab970637e88801cbc4cdda6585e61b6f9b01b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:24 GMT
content-encoding
br
last-modified
Mon, 04 Apr 2022 11:50:13 GMT
fastly-original-body-size
879015
age
3918
etag
"e2a47e99d492d2432a43ae24aeccf37d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
204758

Redirect headers

location
https://cds.connatix.com/p/157363/connatix.player.dc.js
date
Mon, 04 Apr 2022 13:02:24 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
fastly-original-body-size
0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/157363/ Frame C601 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/157363/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:24 GMT
content-encoding
br
last-modified
Mon, 04 Apr 2022 11:50:13 GMT
fastly-original-body-size
165383
age
4111
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
/
kasperskycontenthub.com/ 		0
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=1694928002&back=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:25 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
x-cache-hit
MISS
Transfer-Encoding
chunked
X-Debug-Auth
off
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Request-Host
kasperskycontenthub.com
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa2ac853e14f092148ab831e2e5805f1d1e36f104497830866d5ccc53171f47f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61807
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Apr 2022 13:02:25 GMT
gtm.js
www.googletagmanager.com/ 		503 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e61a23517fe663c24700bfd537832559c0537236ea6a276453c6b90f7db2504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119632
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Apr 2022 13:02:25 GMT
icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 		13 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:25 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
"624ab72d-328e"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
12942
icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 		13 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:25 GMT
Last-Modified
Mon, 04 Apr 2022 09:15:25 GMT
Server
nginx
ETag
"624ab72d-328e"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
12942
logo.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:26 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72e-4a32"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
18994
x-amz-cf-id
-rnI_QIkRn5EKIuqZujUiaDfrKm0FE2Qixjj0j-biv_0Me1VSwL8JA==
expires
Mon, 11 Apr 2022 13:02:25 GMT
museosans-700-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:26 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72e-51a4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20900
x-amz-cf-id
KIToQDM5xid3d3U2rHiA7Vbv0qjlKEOhQeaUUjEbDdleMmVj9vS6ow==
museosans-100-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72d-50c8"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20680
x-amz-cf-id
SuDLAH6PGLv_Os44jSBH_fvm4jQfYeZNgdvcMWjXz5yrcD4EzrgUuA==
museosans-300-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72d-51b8"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20920
x-amz-cf-id
D76qTJY-qtwhtkC6o_j8hiUuyEIb8kUY0mGumnw28pjgDGAbpi8ptg==
museosans-500-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:26 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72e-5194"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20884
x-amz-cf-id
YyCTKygoyiQDA-ehH3I6SQah42gsQQ7BSKgmpqG-tmrGsdG6o-dHCg==
Liz-Montalbano-headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/05/05095657/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/05/05095657/Liz-Montalbano-headshot.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
369c67a5afb2ffa25d4480b3781a938e7fe7c5633f89d36570e2c1cc23c49eff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 10:59:52 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 15:45:08 GMT
server
AmazonS3
age
3895354
etag
"09775ac22fdd614b1588724aaef06c61"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
78876
x-amz-cf-id
8u_Z52qVKnK78Pk1K0UfSnbkx38DQ1OV_5lhZQfvzpb7vfpMLs34sg==
expires
Wed, 11 May 2022 15:45:07 GMT
mail-plane-light.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72d-33c"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
828
x-amz-cf-id
ewgWO1egCWME_KLpyMto39U3idj-TBmqB0_BhSij-pVh9AStkzb1kQ==
twitter-blue.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		868 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:28 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab730-364"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
868
x-amz-cf-id
s6lbh8mRpgkL0UxYKQacqn1way8-fy0OXlgYAqUuQpiwNMwWwpXVzA==
museosans-700italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72d-3dcc"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
15820
x-amz-cf-id
mq2mrVfAL7wy5sqUBpPdOT2U5xACO-1017fNmnRScS4-6TaRbkOCsw==
museosans-300italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72d-5bac"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23468
x-amz-cf-id
EZfJoh9TaB-nA42sga1eZq0SVziiK7q4Getk9Zq3kCKA5NUqysLEOw==
player.css
cds.connatix.com/p/157363/ 		56 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/157363/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bdfd60b477fc3a53026309cc91965dae061323c4a99562dabdd08831147528b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
last-modified
Mon, 04 Apr 2022 11:50:13 GMT
fastly-original-body-size
57474
age
3919
etag
"379e0d01d797a7cf7455b95630ef6907"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8612
mail-plane-large-dark.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		812 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72d-32c"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
812
x-amz-cf-id
3eFQknhg6A1WGDslhEbXDvBRSBu7YdgVtlJQKzFXi8dIBiKEwJq7bw==
logo-white.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72d-260a"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
9738
x-amz-cf-id
S_b83uCC12l9z21JcekH0R1Bs2d8LeWxnPOtASlLC8jnj_yUw4nS7w==
expires
Mon, 11 Apr 2022 13:02:25 GMT
Russia-Ukraine-540x270.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2022/02/24192129/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2022/02/24192129/Russia-Ukraine-540x270.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d40a2cf12ea21acda522d8dc8ab7129f169a6d23ff557b10ac40bb865fea0fd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:09:41 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 25 Feb 2022 00:21:45 GMT
server
AmazonS3
age
327164
etag
"2c8a74996aaa8029c779c1037e338339"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
32625
x-amz-cf-id
XFQX7rRhuX5eEyfed86HONtf5_uFYWwLP7tzGHTZtjlZ3QjW3AoSKw==
expires
Sat, 25 Feb 2023 00:21:44 GMT
2020-honda-civic-1024x516-1-540x270.png
media.threatpost.com/wp-content/uploads/sites/103/2022/03/31104615/ 		244 KB
245 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2022/03/31104615/2020-honda-civic-1024x516-1-540x270.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfb48a9884ea1ce7b47da60b4a99b5a8eec9d1007be88eb938c0c62198fef1e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 14:51:46 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Thu, 31 Mar 2022 14:46:22 GMT
server
AmazonS3
age
339039
etag
"2f43a6a96f7e45383e58d68a26497b49"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
249767
x-amz-cf-id
lXuGZGyFjKBxGD9KkwmUYgfSRXdjKULIWA7vvg1oZooisi8iIWdg8w==
expires
Fri, 31 Mar 2023 14:46:21 GMT
14_kaspersky_secure_futures_magazine_composable_infrastructure-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2022/03/01154703/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2022/03/01154703/14_kaspersky_secure_futures_magazine_composable_infrastructure-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e75ade51afcae47ec8dedc46bd50962ebb58b46638a69951f1f494c5052fe14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 15:57:05 GMT
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Tue, 01 Mar 2022 20:47:09 GMT
server
AmazonS3
age
2322321
etag
"502f5a6c66ba05c0831f656eb6cc29dd"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2, FRA53-C1
accept-ranges
bytes
content-length
2476
x-amz-cf-id
i9QeZ9TD29iN8zxZjztMJIxvyqh75FFKK2XRsypmQl3KDxyAljmJRw==
expires
Wed, 01 Mar 2023 20:47:08 GMT
checklist2-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/10/19100940/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/10/19100940/checklist2-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fd9983a3429d6ead1f66bf933770f9b790818b189e39ff0f2a0d3f590bbf67b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 18:49:28 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Tue, 19 Oct 2021 14:09:44 GMT
server
AmazonS3
age
3262378
etag
"14bf40c9dffffaec5cd1337f170dac93"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
2112
x-amz-cf-id
DtIJT8M8GbWsA2gqqInYRxOnf40ISBRpUSy-VmMBiOphSetde1oZVA==
expires
Wed, 19 Oct 2022 14:09:43 GMT
5-Steps-For-Securing-Your-Remote-Work-Space-e1645021300212-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/09/09141032/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/09/09141032/5-Steps-For-Securing-Your-Remote-Work-Space-e1645021300212-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f3d8b57f69b73694c38ba6bbf8ddc46c8a5e52db401795fa8ab80643e14236d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 21:12:50 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 14:21:42 GMT
server
AmazonS3
age
3340176
etag
"8d2fd78b5abc332b1098cc4de81608b9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA53-C1
accept-ranges
bytes
content-length
1940
x-amz-cf-id
1XaiS1MNSooWVZxgT1pqHELqhI5u4rftk20Gwwej8ebqIlH0qDT9Ug==
expires
Thu, 16 Feb 2023 14:21:40 GMT
nuclear-bomb-explosion-1478796377Hhl-64x64.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2021/09/29112739/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/09/29112739/nuclear-bomb-explosion-1478796377Hhl-64x64.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c8e343da3b15a6a26e0367b83d1c97813863ea6e6a905bd9e69870bb0a0ebd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 21:08:04 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Wed, 29 Sep 2021 15:27:43 GMT
server
AmazonS3
age
4636462
etag
"6d0d1a22dbbe088376115135bb5be675"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
2337
x-amz-cf-id
7kUhilv7Vw3AvZEZSV37uKKqx3OGuMp_LPdfXQ8lMvsP4x1EIPGMVQ==
expires
Thu, 29 Sep 2022 15:27:42 GMT
Log4J_shell_thrpst-e1643986376319-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/12/30110920/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/30110920/Log4J_shell_thrpst-e1643986376319-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f047950d4db7e04d250ebe65613aaaf482546a855d9321d1536ecb8ab6cccf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 18:59:05 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Fri, 04 Feb 2022 14:52:59 GMT
server
AmazonS3
age
5076201
etag
"8b8e89e4e306930920312db10e2c0dbf"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA53-C1
accept-ranges
bytes
content-length
2455
x-amz-cf-id
VHQvAUbGt48-LR3bPu0ZmV_iyu1UnZLtNqfZylZM6RyYGUNfqgb4kw==
expires
Sat, 04 Feb 2023 14:52:57 GMT
pls
capi.connatix.com/core/ Frame C601 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee44eb7662161fad136510868954c7e2032388bdfe5cc60c34987c031c5a5807

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
fastly-original-body-size
0
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6448
vendor-list.json
qd.admetricspro.com/js/cmp2/ 		256 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 31 May 2021 16:54:38 GMT
server
cloudflare
etag
W/"3ffae-5c3a314b5dcb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOog%2FfbjEFEISrruzEg6fKG50uaEdAU4RbDSDIW9p6AuO5Bio0s2%2BCnCelTkmrabHZFicnHFbRJ9LPk47yqeH6wx8N4bqh9i3rvMhUGdTgOywjsy43o06iD0YdeHVbjtycBqIlq9SoWCGLrPPQT%2FINGW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
6f6a3d00294a9bef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 04 Apr 2022 13:12:25 GMT
blockedDomains_12.bin
lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/ Frame C601 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/blockedDomains_12.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
085f299301d3258baf25d3cdaf1ff539b13a00169b765b1c8abaabc5fe353d2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 17:18:30 GMT
age
416547
etag
"047f4b895f454fb7748c6b90383a386e"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1296
insights.bin
ins.connatix.com/c694354ba14a953dafc9171cb97f0bc2/ Frame C601 		324 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/c694354ba14a953dafc9171cb97f0bc2/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ad466bf5bd3260297c0582435e86872bec1ea288884d96aecb461d53025fb69b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 22:43:36 GMT
age
651292
etag
"54ff8c5ccd9b394c782f0811943951de"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
211
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
15955415
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
W1MVkpRqHec3ORRMz29yCjAE8Y7Wdcko1lQIgOrdrl6FkG1JCTsW3A==
bl-39123b0-71ac0870.js
tagan.adlightning.com/math-aids-threatpost/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-39123b0-71ac0870.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2835af998d5ef885bfa14a1b1995c7724d5b6a76f545b4a491763bff6f0dac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 00:47:40 GMT
content-encoding
gzip
age
216886
x-cache
Hit from cloudfront
content-length
19393
x-amz-meta-git_commit
39123b0
last-modified
Sat, 02 Apr 2022 00:31:19 GMT
server
AmazonS3
etag
"27a611307893faed4f77b20bc9c527af"
x-amz-version-id
ciXDgJvjDfKJZB9C8XzODN3O2B85Zno7
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
IibaXl0CLsPoX4cJWci8oVicTkcSxBCzNt5qJ_uddatW-IJQjpxiiQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ 		359 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144576
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 12:16:13 GMT
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31066031
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 11:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Apr 2023 11:31:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		152 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=threatpost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
b9dba0fa4439838b5f5cb311114a54e3116c34903fd4c318fff229625e4f5652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105
x-xss-protection
0
expires
Mon, 04 Apr 2022 13:02:25 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		662 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthreatpost.com&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.62.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-62-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 09:05:14 GMT
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server
Server
age
14230
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
662
x-amz-cf-id
2mH4ssI0bg8AkDpSFGs-i1mqqIqEfm3MyIzO37OTFbhuWZiqTvncxQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.62.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-62-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:53:29 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
36537
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
Y2SUAtaiCS8_z8hDUxkKR5ppzlRDHUpg9k8lh2nMrEzlzmOOPpVjZQ==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146406
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 12:47:03 GMT
id
dpm.demdex.net/ 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1649077345453
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.111.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-111-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d4fac9605c33d5f9494c8953a691751eaa9b195d60607ed9dbc4774ed79ef8ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v030-0da722906.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
zjsXBibwQpI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
312
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame C601 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
45fa6ca98519b20044e3a92fde28844cc7dd7ec58e017409784a58959856112d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28208
x-xss-protection
0
server
sffe
etag
"1177 / 388 of 1000 / last-modified: 1649070439"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Apr 2022 13:02:25 GMT
2_media.bin
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/ Frame C601 		285 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b9d39edb2591de65a095117689dd79effa44a7cf3e0a594d01c978b2f05d00e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 19:13:10 GMT
age
79254
etag
"259c03714a4dc20e6a891f05ce653dc0"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
249
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C601 		375 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127864
x-xss-protection
0
expires
Mon, 04 Apr 2022 13:02:25 GMT
1.png
img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/c2ecd04f-0dca-4ffa-8761-d93b34717380/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
fastly-original-body-size
8114
age
1147203
etag
"CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age
86400
fastly-io-info
ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
6487
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 04 Apr 2022 13:17:25 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 04 Apr 2022 12:05:50 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
629966552
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5255
date
Mon, 04 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 04 Apr 2022 13:34:50 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 11 Apr 2022 13:02:25 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
last-modified
Tue, 29 Mar 2022 00:09:12 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kcgs7200069-IAD, cache-hhn11522-HHN
dest5.html
kaspersky.demdex.net/ Frame BC4D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kaspersky.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-74-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v030-0d2d72a93.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
j8IdaMwUSMU=
content-encoding
gzip
date
Mon, 4 Apr 2022 13:02:25 GMT
last-modified
Tue, 15 Mar 2022 12:36:14 GMT
transfer-encoding
chunked
vary
accept-encoding
id
kaspersky.d3.sc.omtrdc.net/ 		2 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=24672568597219174330875558749587386985&ts=1649077345729
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-7b6f4bb9f7-bhjhf
vary
Origin
x-c
main-1637.I660130.M0-562
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YkrsYQAAAFzv4gQS
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=31996850983410927710179151836438174771
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YkrsYQAAAFzv4gQS
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YkrsYQAAAFzv4gQS
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
HTTP/1.1
Server
52.215.111.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-111-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v030-0cacb0317.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Gtajsd3QSrc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YkrsYQAAAFzv4gQS
Date
Mon, 04 Apr 2022 13:02:25 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
gtm.js
www.googletagmanager.com/ 		428 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d3f15221b01e91228492c2b269925c8d0b94c1d6ca12a9e1dc435b63338a301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111361
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Apr 2022 13:02:25 GMT
localstore.js
script.4dex.io/ 		483 B
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1136790
x-amz-request-id
tx19d8ce819bcb496485a59-00623993cb
x-amz-id-2
tx19d8ce819bcb496485a59-00623993cb
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeWjRsUyG2UTqiB%2BypVRx52X5x1RVTCfulXgh4BdspgM6AizDLxRo2XBrkQVc8KPJ1TlZl7UY4e%2FBkIEgwySLTCQRxNKo9h0X0jo4%2BxbCOxK9sY3HbJ%2BYk9gnexQu6tRo0dkrMPJYW8RO%2BLY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1647940521027959
cf-ray
6f6a3d039faa9060-FRA
724.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p19.id5-sync.com
Software
/
Resource Hash
fcd5b810a68022abba291f6b53d7934bd1366d8d211b0e968dc96310e17c453c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://threatpost.com
Date
Mon, 04 Apr 2022 13:02:25 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&pr=https%3A%2F%2Ft.co%2F&pid=PRtRdATmCwHLA&cb=0&ws=1600x1200&v=7.74.0&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-6794670-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-1%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.62.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-62-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
A9E94WCF67K2HA9Q0JPP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
ElAHxGStjZxpT2f8TwqGIvQgN3BgrV3FaoiLuUEOEhy471FipsVx1g==
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/157363/ Frame C601 		162 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/157363/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
br
last-modified
Mon, 04 Apr 2022 11:50:13 GMT
fastly-original-body-size
165383
age
4113
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
724.json
id5-sync.com/g/v2/ 		212 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p19.id5-sync.com
Software
/
Resource Hash
56fb7260574f7cf5d06ba4c7934ae29b4cab9fd8830623cc9c2ac234e04eec83
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://threatpost.com
Date
Mon, 04 Apr 2022 13:02:25 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
bridge3.508.0_en.html
imasdk.googleapis.com/js/core/ Frame A933 		592 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e21c0b93290490c1b1bcd3c541dc358b4f5bb43b24d954dc075e82fe48dcaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
186485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
197186
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 09:14:20 GMT
expires
Sun, 02 Apr 2023 09:14:20 GMT
last-modified
Mon, 28 Mar 2022 15:10:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame C601 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Apr 2022 13:02:26 GMT
bridge3.508.0_en.html
imasdk.googleapis.com/js/core/ Frame D4E7 		592 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e21c0b93290490c1b1bcd3c541dc358b4f5bb43b24d954dc075e82fe48dcaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
186486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
197186
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 09:14:20 GMT
expires
Sun, 02 Apr 2023 09:14:20 GMT
last-modified
Mon, 28 Mar 2022 15:10:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.508.0_en.html
imasdk.googleapis.com/js/core/ Frame D180 		592 KB
193 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e21c0b93290490c1b1bcd3c541dc358b4f5bb43b24d954dc075e82fe48dcaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
186486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
197186
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 09:14:20 GMT
expires
Sun, 02 Apr 2023 09:14:20 GMT
last-modified
Mon, 28 Mar 2022 15:10:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.156.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-156-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:26 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.156.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-156-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:26 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.156.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-156-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:26 GMT
access-control-allow-credentials
true
vary
Origin
arj
teachingaids-d.openx.net/w/1.0/ 		174 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ddb16d49-aecb-42e7-9d2f-0526df8ec670%2Cddb16d49-aecb-42e7-9d2f-0526df8ec670%2C1417914a-ca95-4a03-8f52-2c4a65b2ddf7%2Cddd6a286-b976-49d2-9a92-0f31d13f7068%2Cddd6a286-b976-49d2-9a92-0f31d13f7068&nocache=1649077345955&gdpr=0&x_gdpr_f=1&pubcid=f3e3f05b-8919-4bc9-96c0-52ec973f26cf&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divids=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&aucs=%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
96b5d31ccfb24de7fafa75fca3bf3db1be26e0810f6278715bff2649076de10a

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
mp.4dex.io/ 		114 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7826423303bd5e4ada20540bba31ba27a9a969cf42eb96c49406d59aeea9d6

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6f6a3d04ce3592a2-FRA
pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
v2
e.serverbid.com/api/ 		711 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:26 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
bid
ap.lijit.com/rtb/ 		94 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.17.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
99da33b0e140654163bc11270aebc7bcb407d13877cc17414a908762d0ede696

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Apr 2022 13:02:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_728x90-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7fd8f04c131c8fa9a34f45a6ac563bccda487f1e6f72ad9f81231d474cf221db

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x250-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
96177abf5cc11faffebedf8ee3f287462039d9d1beab76d47372f0f219d5ea7e

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x600-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3913174a244e517f81f52fa0a86507151deb953f12788d082ec69dd64a287fee

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		682 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=ddb16d49-aecb-42e7-9d2f-0526df8ec670&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05246238857685337
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9005df0ceac13bacee220e4590b1a12a1b91bc548dc3602261e99c142c8cc61f

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:26 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
682
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		680 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=1417914a-ca95-4a03-8f52-2c4a65b2ddf7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3093501784986896
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8d681f4a9e12e92a8a397af8be86b00eb29b99c5a6a9c778153a408951e25693

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:26 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
680
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		680 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=ddd6a286-b976-49d2-9a92-0f31d13f7068&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3493425972721631
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ad2f66af191c8d0723d8c8fc22c61a083ba0bb5e3dcf4f7ab2b73b5597d7c2a8

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:26 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
680
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		680 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=ddd6a286-b976-49d2-9a92-0f31d13f7068&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.25026826109121725
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
035df097bc74e84537d1a6a2eaa9a876c0356b3ae928b81a6e0c9ea9809dd1f0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:26 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
680
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		35 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
54ae4690f0c869651b8799bcfb36b1c966ed1f383af075b34bcd66ce1aa37607
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Apr 2022 13:02:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c2bcacbb-d549-4a9f-9859-d837dd81b9c3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.17.0&referrer=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&tmax=1200&gdpr=false
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.60.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-60-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
accept-ch
sec-ch-device-memory,sec-ch-save-data,sec-ch-width,sec-ch-viewport-height,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-arch,sec-ch-rtt,sec-ch-downlink,sec-ch-ect,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-dpr
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ 		548 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9392
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cd3767c9daaaaf6b31ba6dd8821d1cf09594ffdddb05a60b81d960aa4e2f44e9

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/216477/0/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216477/0/mvo?z=1r&hbv=5.17,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438654&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2250cc7693d890655%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews%22%2C%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%22%2C%22domain%22%3A%22threatpost.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22threatpost.com%22%7D%2C%22keywords%22%3A%22Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2251fee756d2c7c87%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22528b9e3f721fc61%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22535635dc46991ef%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a3ad19d72f0fa03be1e4a9346a814299aaefacd689da1c35bee8927f74353087

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.183], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 04 Apr 2022 13:02:26 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
425
vary
origin, Accept-Encoding
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3730 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:52:29 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1707259033&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Google%20Chrome%20Zero-Day%20Bugs%20Exploited%20Weeks%20Ahead%20of%20Patch%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1820281579&gjid=224982282&cid=1501078788.1649077346&tid=UA-35676203-21&_gid=1886825372.1649077346&_r=1&gtm=2wg3u0PM29HLF&z=1749227614
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1707259033&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Google%20Chrome%20Zero-Day%20Bugs%20Exploited%20Weeks%20Ahead%20of%20Patch%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1501078788.1649077346&tid=UA-35676203-21&_gid=1886825372.1649077346&gtm=2wg3u0PM29HLF&z=1737814810
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Apr 2022 15:07:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-_7kVx0t9Jqj90.js
rules.quantcount.com/ 		2 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:35:57 GMT
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server
AmazonS3
age
1588
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
content-length
2
x-amz-cf-id
zUnkc8GLNNts1BU3i1t37Ytc7CyIJLEuoyFaa4OwoCk2boWYPy0SqQ==
adsct
analytics.twitter.com/i/ 		31 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=bf01d7b4-52bb-4050-9768-449a35395085&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time
111
date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
fed0f205e379ba086a7efa5db30990ac2afb43e946e1fb09e5e181669dd7080c
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=bf01d7b4-52bb-4050-9768-449a35395085&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time
116
date
Mon, 04 Apr 2022 13:02:25 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c00e2554b4a38861e6ca1d1c7222bb677029dadf0ff6be393ec96dc25f252e45
content-length
43
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4D8F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:52:29 GMT
ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame C601 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame C601 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
8ca486fd34f35f010ea14413ec30fab0ac8a671c8e6a81acf61ffcf57c8ac5f8

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
843
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&pr=https%3A%2F%2Ft.co%2F&pid=PRtRdATmCwHLA&cb=1&ws=1600x1200&v=7.74.0&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.62.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-62-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
TQVHWZVKG72J3JEZ5405
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
PETv8G0eRTxLw8yFKpov8EjrZEwbbqQVn0HZztSVE3hFImc56e0H4A==
ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame C601 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e998d70d54146b70fbd8882efdd0682978dbc337f03a6e22367cb97aadf9e573

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
br
fastly-original-body-size
7628
age
244353
etag
"JNaAhBiLMSOnkkei/N3fo5fCL/mt/wlc+iBOJzzjuy8"
access-control-max-age
86400
fastly-io-info
ifsz=79819 idim=2560x1440 ifmt=jpeg ofsz=7628 odim=400x225 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7179
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E836 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:52:29 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1135889
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx6f2ea791109f4903a1561-0062399424
x-amz-id-2
tx6f2ea791109f4903a1561-0062399424
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqLDu6MjT9%2BOQwdO8kWgKXi0mQrlcZQXUBaUYRe0yNBi%2Fl%2BZYDjw9nn19Ce2ZPzSXHwkTbcVEDcN0hNzpoyDlKYLUbqHw2q4KrE9geQujeN3zhi%2BmmxAY%2BopmuABdNRMgg2j3RFt0Wb80E2z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f6a3d056bcc9954-FRA
access-control-allow-headers
Authorization
flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 		236 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:28 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab730-ec"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
236
x-amz-cf-id
JooqC4jx3oT_9uAlzWD5xdm7Pxkpv3WyNzCKy7pMJUackQDLY4LKzQ==
fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1d62b9db
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 09:15:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"624ab72d-12d68"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
x-amz-cf-id
SvGDO1pys_iSe47hhO82K4bHuPhBHtXBmZXJkdi_L3g7x2tJQS9PFg==
v1
geo.ipify.org/api/ 		385 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.ipify.org/api/v1?apiKey=at_riPAQYz3EiQ6JhsH05bmtozma13RA
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.140.160.2 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS
threatintelligenceplatform.com
Software
nginx /
Resource Hash
e1fe705025dac3ebef230fd2658660346e54804a6af24c4158f8eb9b38d86f4d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
prebid6.7.0-1.js
cds.connatix.com/p/plugins/ Frame 27D7 		456 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
084885652dacd1b70a7979e7631caa6fe5985a5c1b872c28dd890d9ea39cec3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
br
last-modified
Wed, 09 Feb 2022 14:06:45 GMT
age
2944284
etag
"c647c6ead685f3c1b8ba4c8a5de1eb5a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
121193
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35676203-21&cid=1501078788.1649077346&jid=1820281579&gjid=224982282&_gid=1886825372.1649077346&_u=YEBAAEAAAAAAAC~&z=1326227804
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 04 Apr 2022 13:02:26 GMT
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
playlist.m3u8
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/ Frame C601 		309 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/playlist.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/157363/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 19:13:10 GMT
age
90036
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
pixel;r=1824702234;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3D...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1824702234;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews;ref=https%3A%2F%2Ft.co%2F;uht=2;fpan=1;fpa=P0-1634125624-1649077346389;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;us_privacy=1---;d=threatpost.com;je=0;sr=1600x1200x24;dst=0;et=1649077346388;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2022%2F03%2F25091849%2Fchrom%2Ctype.article%2Ctitle.Google%20Chrome%20Zero-Day%20Bugs%20Exploited%20Weeks%20Ahead%20of%20Patch%2Cdescription.Two%20separate%20campaigns%20from%20different%20threat%20actors%20targeted%20users%20with%20the%20same%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patc
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
0.m3u8
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/ Frame C601 		662 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/0.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/157363/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3788f6d78d3779c5cb9799b5a5194c8e4f56de10b3c7cc962dd4ff56a006c076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 19:13:09 GMT
age
90035
etag
"3462f99156683c73680c822827559fb9"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
267
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=1501078788.1649077346&jid=1820281579&_u=YEBAAEAAAAAAAC~&z=625466830
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=1501078788.1649077346&jid=1820281579&_u=YEBAAEAAAAAAAC~&z=625466830
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://threatpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://threatpost.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 04 Apr 2022 13:02:26 GMT
server
ATS/9.1.0.33
c
prebid.a-mo.net/a/ Frame 27D7 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
22
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 27D7 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 27D7 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=435871&v=8.1&ac=j&sd=1&nf=1&t=900&r=%7B%22id%22%3A%225f81cae56bf738%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226364d405c8c1c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221c3b3bad-1b4a-4252-a6c6-844a43c89b77%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1618d4c138be4e3f43687a1ec96abfe55e293b7e70db7f87f265620a57ffee35

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.183], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 04 Apr 2022 13:02:26 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 27D7 		66 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cffd11b50941bd26845b3fc737167315c5e4d395486ac9ed43e27cc7d9f9153e

Request headers

Referer
https://threatpost.com/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
66
avjp
teachingaids-d.openx.net/v/1.0/ Frame 27D7 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a4fdb9ac-be1d-4cbc-9cdc-3be2eeaa8d3a&nocache=1649077346477&gdpr=0&pubcid=1c3b3bad-1b4a-4252-a6c6-844a43c89b77&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2Ccbc68c5b-1d8d-4ccc-9a60-487836e00ff6%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225&aumfs=250
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
via
1.1 google
server
OXGW/18.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 27D7 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6feb78259d1f20dff7a50f8138ad210cfa8ff2c02fdee279faacd76ddd82187f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:27 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b4e79f1b-d5a4-4e46-af44-e2d0e07e6ca3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
teachingaids-d.openx.net/v/1.0/ Frame 27D7 		106 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=71feebff-207a-4206-aaf8-1a6050eca601&nocache=1649077346481&gdpr=0&pubcid=1c3b3bad-1b4a-4252-a6c6-844a43c89b77&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2Ccbc68c5b-1d8d-4ccc-9a60-487836e00ff6%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225&aumfs=250
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
via
1.1 google
server
OXGW/18.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/233148/0/ Frame 27D7 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 27D7 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=435870&v=8.1&ac=j&sd=1&nf=1&t=900&r=%7B%22id%22%3A%2217c0f62aca10f1a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218c4b8412566604%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%22cbc68c5b-1d8d-4ccc-9a60-487836e00ff6%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221c3b3bad-1b4a-4252-a6c6-844a43c89b77%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ea3621fdcf4fdc76b56e8c991b01c51ff0769202741363519c769a6c8fa6d76e

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.183], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 04 Apr 2022 13:02:26 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 27D7 		139 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a9ced220b525deb30aa915ff1c1ca6c2f2a0afd922b767c71e601fdb025bbfe8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:26 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
59ebe704-8354-4927-91d7-6be74b4931f6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 27D7 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Mon, 04 Apr 2022 13:02:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/233098/0/ Frame 27D7 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216476/0/ Frame 27D7 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216475/0/ Frame 27D7 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=6.7,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
0.mp4
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/ Frame C601 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/157363/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8bd1954d35c36441c577e571af12e327da0115465a35f85bca7f6976ad49dda

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-1361

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
last-modified
Thu, 18 Mar 2021 19:13:09 GMT
age
89993
etag
"0f4ba301101db680996746112d54887a"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1361/5163990
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1362
0.mp4
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/ Frame C601 		639 KB
640 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/157363/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a125096dce20357e3049f8166f66af69a0e57f5f802696000ab095613703e8f

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=1362-656072

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
last-modified
Thu, 18 Mar 2021 19:13:09 GMT
age
89993
etag
"0f4ba301101db680996746112d54887a"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1362-656072/5163990
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
654711
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1707259033&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&dr=https%3A%2F%2Ft.co%2F&dp=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ul=en-us&de=UTF-8&dt=Google%20Chrome%20Zero-Day%20Bugs%20Exploited%20Weeks%20Ahead%20of%20Patch%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=171252437&gjid=262746120&cid=1501078788.1649077346&uid=24672568597219174330875558749587386985&tid=UA-63997723-2&_gid=1886825372.1649077346&_r=1&gtm=2wg3u0WZ7LJ3&cd14=no_locale&cd15=24672568597219174330875558749587386985&cd53=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.60%20Safari%2F537.36&cd16=1501078788.1649077346&z=1340967460
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5256
date
Mon, 04 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 04 Apr 2022 13:34:50 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dd2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Mar 2022 23:45:34 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=56279
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3104
js
www.googletagmanager.com/gtag/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9582686
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd0354ee4b65958ecd3e80e7acd9af3011207b46eb6ae1ce6a2e6f60aec8a970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37610
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Apr 2022 13:02:26 GMT
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame C601 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:25 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63997723-2&cid=1501078788.1649077346&jid=171252437&uid=24672568597219174330875558749587386985&gjid=262746120&_gid=1886825372.1649077346&_u=aEDAAEABAAAAAC~&z=1279568019
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 04 Apr 2022 13:02:26 GMT
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.mp4
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/ Frame C601 		613 KB
613 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/523d4fb0-4f47-4bf9-83cd-2b5c179a45db/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/157363/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0c35bcc511183abbaf158b20f6f4a85a54cf4353b4df88163dc9425d97e4ca6

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=656073-1283660

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
last-modified
Thu, 18 Mar 2021 19:13:09 GMT
age
89993
etag
"0f4ba301101db680996746112d54887a"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 656073-1283660/5163990
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
627588
js
www.googletagmanager.com/gtag/ 		176 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YP1JLG57CH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9582686
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4760ee4d7134a0cc2f9e3889c2d969a97bfc90be0f22767a279b52e7837781dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66066
x-xss-protection
0
expires
Mon, 04 Apr 2022 13:02:26 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-2&cid=1501078788.1649077346&jid=171252437&_u=aEDAAEABAAAAAC~&z=1919888482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-2&cid=1501078788.1649077346&jid=171252437&_u=aEDAAEABAAAAAC~&z=1919888482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649077346714&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3D...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D39138%26time%3D1649077346714%26url%3Dhttps%253A%252F%252Fthreatpost.com%252Fgoogl...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649077346714&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3D...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649077346714&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649077346714&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_content%3Dnews%26utm_medium%3Drss&liSync=true&e_ipv6=AQIfsdpLWwPPSgAAAX_0q2OxOXV9CdfjVDemuIU4mrcIfD6UH1WuigdT4JVpxs7kkhD9HQszrIglY2z03ACSSwmg6bqwoQ
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B05320F67155444B9945F7BDD811A259 Ref B: FRAEDGE0706 Ref C: 2022-04-04T13:02:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXb072DXWBhJo+FOsxHkg==
x-li-fabric
prod-ltx1

Redirect headers

date
Mon, 04 Apr 2022 13:02:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4C51BACE9B484EE182ABF85F5E917FAC Ref B: FRAEDGE1407 Ref C: 2022-04-04T13:02:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649077346714&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_content%3Dnews%26utm_medium%3Drss&liSync=true&e_ipv6=AQIfsdpLWwPPSgAAAX_0q2OxOXV9CdfjVDemuIU4mrcIfD6UH1WuigdT4JVpxs7kkhD9HQszrIglY2z03ACSSwmg6bqwoQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXb0719MUzp/OO5yxdgxQ==
mq
capi-tier-2-us-east-2.connatix.com/tr/ Frame C601 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/mq?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		185 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=73656291704115&correlator=995006661312466&eid=31066024%2C31066031%2C44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&iu_parts=22404337467%3A21707124336%2Cthreatpost-970x250-ATF%2Cthreatpost-300x250-ATF%2Cthreatpost-300x600-ATF%2Cthreatpost-2x2-Skin%2Cthreatpost-AdX-Interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2%2C1x1&ifi=1&adks=4166723991%2C1414505084%2C1356251026%2C3771495681%2C2643643476&sfv=1-0-38&ecs=20220404&ists=1&fas=0%2C0%2C0%2C0%2C8&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_adid_appnexus%3D64e12bcaf734342%26hb_bidder_appnexus%3Dappnexus%26dyn_bids%3D0.00%26hb_adid%3D64e12bcaf734342%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%26hb_adid_appnexus%3D65226a82cbe671b%26hb_bidder_appnexus%3Dappnexus%26dyn_bids%3D0.00%26hb_adid%3D65226a82cbe671b%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7C&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%252F179103%252F%26urlquery%3Dgoogfc%26contentid%3D179103%26category%3Dvulnerabilities%26contenttags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1649077346778&lmt=1649077346&dlt=1649077343878&idt=1909&biw=1600&bih=1200&adxs=436%2C1082%2C1082%2C0%2C-9&adys=8%2C166%2C1211%2C8%2C-9&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&msz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&fws=0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1501078788.1649077346&ga_sid=1649077347&ga_hid=1707259033&ga_fc=true&btvi=0%7C0%7C1%7C0%7C-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31066031
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
93e4edc3a827c983263d5d4d48a45f4dbe72acf0ab7397e1ccd19ae3b08512d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39988
x-xss-protection
0
google-lineitem-id
-1,5794282999,5794835207,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138364581378,138364525301,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31066031
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9522ba6ffaffa65b1eeed93a6b06d558952208ea4e4c2e1f804169554acbf0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10792
x-xss-protection
0
container.html
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4639 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31066031
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:26 GMT
expires
Tue, 04 Apr 2023 13:02:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022032106.js
securepubads.g.doubleclick.net/gpt/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022032106.js?cb=31066031
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js?cb=31066031
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
17c36e9523e8b97999649b89a0f8480d574d7a1fe1dd4f3d8fe841e5649cd0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 22:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13258
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 22:24:48 GMT
activityi;dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-ze...
9582686.fls.doubleclick.net/ Frame AA4C
Redirect Chain
  • https://9582686.fls.doubleclick.net/activityi;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-...
  • https://9582686.fls.doubleclick.net/activityi;dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=t...
866 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9582686.fls.doubleclick.net/activityi;dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9582686
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
9777aecf115c11a879493cbc69604d0ffd41e807437399294b318cf55ac6482a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
547
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9582686.fls.doubleclick.net/activityi;dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:26 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YP1JLG57CH&gtm=2oe3u0&_p=1707259033&sr=1600x1200&ul=en-us&cid=1501078788.1649077346&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&dr=https%3A%2F%2Ft.co%2F&dt=Google%20Chrome%20Zero-Day%20Bugs%20Exploited%20Weeks%20Ahead%20of%20Patch%20%7C%20Threatpost&sid=1649077346&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.pageType=other&ep.businessType=b2c&ep.siteType=Default&ep.siteClass=Websites&ep.siteLocale=%5BNULL%5D&ep.pageName=websites%20%3E%20google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103&ep.campaign=&ep.acCampaignId=&ep.omnitureVisitorId=24672568597219174330875558749587386985
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YP1JLG57CH&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9430 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:01:40 GMT
expires
Tue, 04 Apr 2023 13:01:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E5F5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3816f0b0d7dee1e108f9f85094edf7e441cee6ead1547a990857101339be168c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qDGw3azeKNIXqSuNC+nQfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-qDGw3azeKNIXqSuNC+nQfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:27 GMT
expires
Mon, 04 Apr 2022 13:02:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bug...
adservice.google.com/ddm/fls/i/ Frame 885B 		865 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Requested by
Host: 9582686.fls.doubleclick.net
URL: https://9582686.fls.doubleclick.net/activityi;dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da7bcf2d014963663ba06f496c5e124143acb400d62231322a3981f19a54d9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9582686.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
547
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s28883694852598
kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kaspersky.d3.sc.omtrdc.net/b/ss/kaspersky-single-suite/1/JS-2.22.3/s28883694852598?AQB=1&ndh=1&pf=1&t=4%2F3%2F2022%2013%3A2%3A27%201%200&mid=24672568597219174330875558749587386985&aamlh=6&ce=UTF-8&ns=kaspersky&cdp=2&pageName=websites%20%3E%20google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103&g=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&r=https%3A%2F%2Ft.co%2F&cc=USD&ch=websites&server=threatpost.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=other&c3=b2c&v3=websites%20%3E%20google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103&v9=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&c20=url&c29=v1%3As_code_single_suite.js%3AtrackPageView%20%3E%20sng.t%3Ap&c30=v1%3A20220404%3A288%3ANextGen%3A%5BNULL%5D&c31=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F&v35=https%3A%2F%2Ft.co%2F&v44=D%3Dv3&c47=Default&v47=D%3Dc47&c51=Websites&c57=%5BNULL%5D&v57=D%3Dc57&c58=Google%20Chrome%20Zero-Day%20Bugs%20Exploited%20Weeks%20Ahead%20of%20Patch%20%7C%20Threatpost&v71=v1%3APage%20View%3A%5BNULL%5D&v86=v1%3Atwitter%3Arss%3A%5BNULL%5D%3A%5BNULL%5D%3Anews&v113=24672568597219174330875558749587386985&v116=1501078788.1649077346&v125=0.8084352400757455_1649077345455&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
x-content-type-options
nosniff
x-c
main-1637.I660130.M0-562
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 05 Apr 2022 13:02:27 GMT
server
jag
xserver
anedge-7b6f4bb9f7-7c7n8
etag
3541366637512130560-4619917721203735509
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 03 Apr 2022 13:02:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E5F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=73656291704115&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
pagead2.googlesyndication.com/bg/ Frame 9430 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 07:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
19383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13731
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 07:39:24 GMT
dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bug...
adservice.google.de/ddm/fls/i/ Frame 975E 		194 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIiH4eu7-vYCFQfeGwodWsIGeg;src=9582686;type=globalc;cat=globa0;ord=8185880850195;gtm=2od3u0;auiddc=962064949.1649077347;u1=B2C;u2=no_locale;u4=threatpost.com;u5=%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F;u6=;u7=24672568597219174330875558749587386985-1501078788.1649077346;u9=_google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch_179103_;~oref=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:27 GMT
expires
Mon, 04 Apr 2022 13:02:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 9430 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4xnnBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D0B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:26 GMT
expires
Tue, 04 Apr 2023 13:02:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-39123b0-71ac0870.js
tagan.adlightning.com/math-aids-threatpost/ Frame 4A84 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-39123b0-71ac0870.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2835af998d5ef885bfa14a1b1995c7724d5b6a76f545b4a491763bff6f0dac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 00:47:40 GMT
content-encoding
gzip
age
216888
x-cache
Hit from cloudfront
content-length
19393
x-amz-meta-git_commit
39123b0
last-modified
Sat, 02 Apr 2022 00:31:19 GMT
server
AmazonS3
etag
"27a611307893faed4f77b20bc9c527af"
x-amz-version-id
ciXDgJvjDfKJZB9C8XzODN3O2B85Zno7
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
C5T9dVw_iUSpRgoIwE6zNIZdH-NktUQN2Rv5PCbZqnqJd3duetUj1A==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame 4A84 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
15955417
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
V9KU6R6Ofr3JYIiuoUaWAK8SDCwXoT8gtfLVakWYgw3LZzsL8SdjdA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4A84 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4420b229c2b7c192a444ba4a1ee7bdf8125654a03202c1c61003a6b3bcf0055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54062
x-xss-protection
0
server
cafe
etag
2862942230798704835
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 13:02:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A84 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:27 GMT
bl-39123b0-71ac0870.js
tagan.adlightning.com/math-aids-threatpost/ Frame F17C 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-39123b0-71ac0870.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2835af998d5ef885bfa14a1b1995c7724d5b6a76f545b4a491763bff6f0dac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 00:47:40 GMT
content-encoding
gzip
age
216888
x-cache
Hit from cloudfront
content-length
19393
x-amz-meta-git_commit
39123b0
last-modified
Sat, 02 Apr 2022 00:31:19 GMT
server
AmazonS3
etag
"27a611307893faed4f77b20bc9c527af"
x-amz-version-id
ciXDgJvjDfKJZB9C8XzODN3O2B85Zno7
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
VYBQ1ViVQ4sDIigJVg3AHPPm-OcxaD2N7FdQW49tSD1_QzI9vAi8TA==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame F17C 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
15955417
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Xes-vzrNC84gQ4_-LrVZpmlaY7uuLooibkEkS1vazwNob81ZkS6Hfg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F17C 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38bcffa1db31e2a8d1265695264979efdc15f408d921cc09ec2c4c692bc5eaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54042
x-xss-protection
0
server
cafe
etag
16730130455847674133
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 13:02:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F17C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:27 GMT
container.html
161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C0DB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:26 GMT
expires
Tue, 04 Apr 2023 13:02:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-39123b0-71ac0870.js
tagan.adlightning.com/math-aids-threatpost/ Frame D0B0 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-39123b0-71ac0870.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2835af998d5ef885bfa14a1b1995c7724d5b6a76f545b4a491763bff6f0dac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 00:47:40 GMT
content-encoding
gzip
age
216888
x-cache
Hit from cloudfront
content-length
19393
x-amz-meta-git_commit
39123b0
last-modified
Sat, 02 Apr 2022 00:31:19 GMT
server
AmazonS3
etag
"27a611307893faed4f77b20bc9c527af"
x-amz-version-id
ciXDgJvjDfKJZB9C8XzODN3O2B85Zno7
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
kFH9G06SCUy505saFXWo8N2w5NueG-iJy7GciHEq0L-ymAIq3st_hA==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame D0B0 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
15955417
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
HGPF0t4W4tdaa5tI5O0M17vpybD_nj5HO7wJ9rKNAxx5pVl-_s-sVg==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame D0B0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 13:01:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D0B0 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame D0B0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:58:09 GMT
l
www.google.com/ads/measurement/ Frame D0B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSwBXpRD7sloVsdSE1WeYf2uzD7X9_PVCzwxqybcGypUOsylSozU-pjypXdsqt8LsdnU0r
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D0B0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 11:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Apr 2023 11:16:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4A84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusOj0BhzyMXzVlKOXRBp123nvewWoEHa3UWIhrlOWK3Hnd5drkq1KbM3kIwzdy1y7HeEICiaJqJCRb0-o20VuaAmqCVKj-Usee8EH__vnuqC4Zl-0JmOyw0MfCNjMRoWIMtXFr1OYE0QFdqxhGpsfhMGTlDnkfTIpFE1dBqGqiQWAIhgLBXSIFKla9NHh4w9EFwSgQ9DZV06-2dfVbS2Odot8uGFm-eJ7M_-BLOaJSCMBC4Sgaha-uj3hUvV-U_0KyBiv5wl7NtcKME2fcQZDxJYH6vPXH3P_KTFX211z5OKmSxQ-JklzZQKYUmr2lcEPAMRYZ&sai=AMfl-YT1fVPX-EZASI076ej98bxZFKZBr3cD3LfCXtob7ic4AVCJJeyn9E0Fd5YLdAgknGAIcWB37zJBiJ8URocTeD7RGS_viQnLc4Ihql0HOw&sig=Cg0ArKJSzICK3CEmWR_PEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 04 Apr 2022 13:02:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F17C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFxfAU861btHT2zf1vgUt0cLpEANBICOFdhAeJCgazrD6OBDLZljfwuKcwFYIpHhRzvhMA4fYA1g1-hOAuOggnlCyFbf76pVcpjn_sRT7yRPCI__-wC94LR2Xq2qj0ZfOkeAtC05aI7zegIy5SrErkvML8CQIUT0pQ79mtWdcoNO_92leSdL-2AsdTKw_lsTcqcnp36vUU9zItevHXoCxK0FmqruSX7Hs5ZoCQeqFtTw-TsU0Vn_u31JI11gGD18fw7NuSOGRcQWz0j5XYpBpUtC1Xu3WOTfxcqd47nYZ9YgK2Kfw6nPKj_3c6OcQkLrcs1Sgc&sai=AMfl-YSKVdKycU1SJ2nWXrkeS2bqVvCgWxGk2cIxWlSNUiqq8B9yMwd06i6hNk05NkELfavPzHbu68cz-xbbB8-ABGmZsTpWI6x74L21ZU0M2w&sig=Cg0ArKJSzPpUn3sLpxl9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: threatpost.com
URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame F17C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d8b2849f76b95fe4390b50b2d8f14ff2bba99b6b1b0200f7c65b122de7396aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4A84 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e304fe64feae706478167180bda389ac45da00b7f7701353fcdfad5057b687d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
bl-39123b0-71ac0870.js
tagan.adlightning.com/math-aids-threatpost/ Frame C0DB 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-39123b0-71ac0870.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2835af998d5ef885bfa14a1b1995c7724d5b6a76f545b4a491763bff6f0dac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 00:47:40 GMT
content-encoding
gzip
age
216888
x-cache
Hit from cloudfront
content-length
19393
x-amz-meta-git_commit
39123b0
last-modified
Sat, 02 Apr 2022 00:31:19 GMT
server
AmazonS3
etag
"27a611307893faed4f77b20bc9c527af"
x-amz-version-id
ciXDgJvjDfKJZB9C8XzODN3O2B85Zno7
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lF_HX5CH13n0aweQBrHs2zNJZmehD-I01g_1O6v97xZjUEihU_i_Rg==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame C0DB 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:58:51 GMT
content-encoding
gzip
age
15955417
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
2Bylh9lITE8c87OBxdKciFHK6HT4iakk1C2wQmrQSnlg0y2LIKl8Ng==
css2
fonts.googleapis.com/ Frame C0DB 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 11:40:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 13:02:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 13:02:27 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C0DB 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sun, 03 Apr 2022 22:29:35 GMT
x-content-type-options
nosniff
age
52373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 03 Apr 2023 22:29:35 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C0DB 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:24:08 GMT
x-content-type-options
nosniff
age
2300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 04 Apr 2023 12:24:08 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/ Frame C0DB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8226
x-xss-protection
0
server
cafe
etag
11792478805792993122
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:57:05 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/ Frame F17C 		301 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com&bust=31066121
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9aee683e8fb4c075678fb66baa1d74c4874a0dde6555bac4f6fce9e5c121b655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110200
x-xss-protection
0
server
cafe
etag
3921829865524983539
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 13:02:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame 3FF0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
48806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Apr 2022 23:29:01 GMT
etag
4044455266028820542
expires
Sun, 17 Apr 2022 23:29:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/ Frame 4A84 		300 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com&bust=31065971
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d025af7dcbd821e505ec92bb6c4baa654503ca9a5ae3c1c1e28080e1e49ca39c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109971
x-xss-protection
0
server
cafe
etag
3839240819304479117
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 13:02:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=73656291704115&bg=!u7iluPzNAAZku-1yRLs7ACkAdvg8Wh27DphheQv0tZZBjkv5lxH12Ulc1fwfLTs2z_D5_z7_hZ7FMQIAAABRUgAAAAFoAQeZAs3ocdNeMA8yuO2B6XU76daPq8zONTtAIb59b7B4BPcSU2HsbtC_-nTWoEBuUA_Ym8BETvNpIhWO-5GFvZO56h3sG14R4buIYVvYJ043vQSfLk3_Go3Xg81OF2RFPwNcD_0Halq9A1krIy5ceje_0sRFiUt230jIZW8UmUAzByCG95plJq8a87EeRcPUCPeWlaas50NlUpW3jcqIm81yyOFLhUqV-VWFqbuW_vek39ySGgXfuigEqFAZwWVuPNjpx8SyWprBx8uKDoKNv0BZiUg-1tibboK6OuckZEYdG6Lo23dAc9X-hpi7dSgHnXYhCnnuqC3wbPwuAfxEkLg16AohpASI0ORFIGQz9tUcep2WbDQivI3uONPqzoIN5RSWdWFxNz_z8xijDJvtZOe1szr3FPYjMulwFpuNMuCsFnCwHunul3LnvDsc7QFn0lP4CYzkCwFnSJonFtCcbO6DvC3kSAmxn45TmU6w69VjewzpGj10jgKsJn9--vYVJuSMLYaXxMTtPbacJb26RDDXQL1GxsBdEFDo3cgFztkqBVKtM4nUnnb604CAJA4E4cJpihcRpkknM_DEXIiTZSmIRRNNI1wSboWt5LY_IfthPlMx-t2Z8gzMeiECuebpTVxkFZxwe7dN1ovXO1DoDtaOA3E5gICohGZMDjM2OBUC0D24WML8ckRk9gTTJGvyKVNfo7mtZGsPF2hJDI3U8GzwrfBsHSX3hQSzimDBaEfl2Hdhf8XE5hh8RbV0lrN_r2QYe-v8YBuWgMfynpBGgyaq8M4nb2lwPp7oLdcaJEsZDuVRwOQNnQ0ByUiWjJXbk801r8Mh8x8zVv6x1-G9rR940I42O1XO8bVnhciouRVQdTDorf-labor9tR7Rz0jGrxTYvDGMxPehbJ8S_Y6Pe04jt7pN9wpMAfWNWqGBEVr9sDCu00K7QMTTG8VMdCZ9cw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D0B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CK0X0YuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNQCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFv-n4vo4Bn17EZuUHj5W3MDgmZIU11wfn0LrykZzpCzNk4UTE0VVuAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQxMTM2ODE4ODIzMTE0NTUYhNt7&sigh=HzGuwUeSxDM&uach_m=[UACH]&cid=CAQSLgCNIrLMJMxctUfQoOCrEYbZj1vzUkv_K6AimD9SDw8fJUjP1_0eXDRUHsMjK-QYAQ
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame D0B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U-b8EOv_CsoH-gGdg2ICAgAAAKSanEVOk8FnJ8e-GXlf00gQYuxKYgKhSsNYRlIvnrtbABI&wp=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
server
Kestrel
server-processing-duration-in-ticks
261686
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame F22E 		213 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ae3d534ceb0aee11dd35e2403dee22f2136a3d3ff818024e91766cea037db97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:28 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1RBr8olnb9oJ5jnalc9XLjMhFlW3fFs-NwoV78MZoG1ICA_a0nFRnQJ9nlzy4-7rr8HS3x_Z93mxhHGPD6bbsCSV5Ul0qrL6AWcKYqeAmh4bbTdb2_NXwJBOdsSW1dsajL_4_Cp0KsmSXmU2-GIOn5pffogtZwyt84VH0L7oAaiPblA70b6JP25Wqe8Lli8wCZn9vXsP_MhJJhUxTEKQAM5SVV6BleJQ_3seAO4KVI1Oj6RQGhTfmJo5FtofCQIf9sNvog"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
157894732
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame D0B0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2278f037015b13e484b8c2ce9df3b9746aa77437e395f69fe2363a80bb1f294e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 004D 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:50:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 13:02:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 13:02:28 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 004D 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 13:01:50 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 004D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:58:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 004D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 13:01:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 004D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 004D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:58:09 GMT
l
www.google.com/ads/measurement/ Frame 004D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSma-HZyyUahjwMnVbqNWFTv4PtAmFNgB-xiM6PECCvLONfRZQcNP0l342SeFcPYDSAp5Jh
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
dfa9fdc9b45632ba17ba59fe64d4dcb5.js
www.gstatic.com/mysidia/ Frame 004D 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 10:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12015
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 18:36:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 10:20:08 GMT
sv
capi-tier-2-us-east-2.connatix.com/tr/ Frame C601 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sv?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
view
securepubads.g.doubleclick.net/pcs/ Frame F17C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJtG7lLSk4rMIsTlK7_Prh_K3yqXHkiYk5ZtaYC4MZPXaTY44J0lZI7upuI6oLFZgGMSm05eZWk-EPnifRZMg-FHJY5VP97RCmuh6efkOrvHibw1V9DePutpkq872WQG1IrZDylpPHgLce8SWCiqEC_Bz8nS42rEvukOrC3rjEXKs1NqtmXloes0Bw3GUXHaKKqyuiQPVbXaYsTOLZiBE59tlecvB-xqYFD5vobPDC8byvuLHz_kvmaJi05DZo49n3hBH8SUF7HUES1fRUf8eBjxAMZXBkeswTxpxZBQ6qkC7DI_YzEXphWXSyQ8_XfndW58CDh7I&sai=AMfl-YREP_B1pQ4dTfyCoWzxtNvaWq31PNMmdNwomlqW2SdOdrIz3gv_tD-zSUNB7jxorPftH-A6QjskkIS0k99IsGreNObW9Zl8fwMIB6-YYw&sig=Cg0ArKJSzFledhEO7FReEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 04 Apr 2022 13:02:28 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F17C 		218 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=threatpost.com&callback=_gfp_s_&client=ca-pub-7500593236707325&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
011e26a1e3dd4b22cf48de0fc63897650d94104ca9dfe3c00c0c9dfe43288b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F17C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F17C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2D18 		96 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d934126d14e4ce060ce2891f76cd49d67bcf882ddebf2415890ae83475659186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
34406
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F17C 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com&bust=31066121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8fadbfd3d6ccbaaf484f09b1a2df77ac8901b47a99a00c483827a84d40da3bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10740
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4A84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst27DgH6qyXvZr_db2AM9GblsSdTI7GsbaJb0tUU7xs89LfRM264I-rjAZPw87TL0lusTT8M6Ltfuz98YvzQNLIqjnJFd7CwgZlCXlfMxsRMbI3bDGxWOraE8TMon8p_iXesDeIlsM7NPfh4loMWAIwoMf0MESVDASTPAJb2KBjvFKxsT9b-4ayEbE_o7go63daaAxZG_OfLvt9pXjjdTk333Mr0xxsD4Egf4RtWiUgt-_OH1eZvu9xdcgj8paW5ecQ24x-e7vsNyksiJdA7NuepPpHqRR2Fol7gUbxkUpbbO4-XotwjeNpvkeAjn_NIiWeevVhlNc&sai=AMfl-YT5WaMdslpf92YCtLKUNk7Oo4kiOzOGAUS5U6RmZ7vUtEMcl4pWonD4WSGe6F2BcHcfkoOm7DWudMqdhigeAX51Dcbr_DprusNRffrxhw&sig=Cg0ArKJSzCrSoaJP4WJfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 04 Apr 2022 13:02:28 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 4A84 		218 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=threatpost.com&callback=_gfp_s_&client=ca-pub-7500593236707325&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
1cc9c219fa400253ea97a9a8e05a2047ec7a53bb945044d0749eaafb092eb725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 4A84 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4A84 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A050 		87 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0319dda8bc353609a3f6b03a9d44ccce12e185b9a5bc4f1488b36aeecf3ae727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
33135
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4A84 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com&bust=31065971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4b72f6d2ae58c1a97477ce595d75502f331c831bc1d3807ee2a43bf5834d93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10599
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0B6E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
3314
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 12:07:14 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F17C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:28 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame F22E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:02:28 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame F22E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:02:28 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F22E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 30 Mar 2023 13:02:28 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame F22E 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 30 Mar 2023 13:02:28 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame F22E 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1649077347
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:28 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
pjDBkds0tfGOy3avhTLvwrmrL1QRlWqWgqSKoRvcStrO8piVLiHiNw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame F22E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=hN0O78wYC35NjfxFeg-Ooa0mTdoWxi0ojP6OYrV1N11_uVG_RKOOckQku1woPk1RZ1a8lZKeb6ycyLwesgtxvNaoDjj6WysyAVrNmrFynacjnYzHGYwb0iMXXAPTKAQ1_O-TIelajWINVYcNs3Vyi8AB5Eu5cehEnE1hBpdnOtGiYaIV1MfaJP4I_U4dy6WZ6o1AoAjECidkPgJ7LvBnzzvCuYp0JYPmjePBQOYmTHN8SDa9ltbC9ab_A2HEnbYrs0Kg8KcwYaYlnbju4N7_wqQM8A6VXjL0Xe7L5NGSFbot_UtdKKrp0HXu3X2R98sdE0RBWROGFc8yva4tfvsRYAFHR7pp1WrF-eKqY8CliR4PP-tqtKZkxyfJqf9HtOVU4i-rPzRoyswcc_GyQ_yesGcpR9Lji_5K-GPRB_kru8VMMaRxDWYbIb8iXKoJd5xKdiHhig
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:28 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3119501
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4A84 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:28 GMT
animejs.js
static.criteo.net/animejs/ Frame F22E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:02:28 GMT
img
pix.eu.criteo.net/img/ Frame F22E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=356&s=YMwIwnYfvEdOCB7pG7_o_SEP
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29940014
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11301
expires
Fri, 17 Mar 2023 01:42:43 GMT
img
pix.eu.criteo.net/img/ Frame F22E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoScribbr-B-V-277389DE-2109171301.gif%3Feb%3D1&v=3&w=800&s=Dyl5XmWuJnDTGw9ZS4Nc5xAw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
94b11dcebc7b200b22b9561a3d0807bde8f84b2454063facd429ab5dc43d7b6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2357304
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1070
expires
Sun, 01 May 2022 19:50:53 GMT
img
pix.eu.criteo.net/img/ Frame F22E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1138082
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Sun, 17 Apr 2022 17:10:31 GMT
img
pix.eu.criteo.net/img/ Frame F22E 		400 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=800&s=0y_71H41LXRUcFG_iY9j6SKC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=1211332
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
400
expires
Mon, 18 Apr 2022 13:31:21 GMT
img
pix.eu.criteo.net/img/ Frame F22E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZoologischer-Garten-Berlin-AG-158632DE.gif%3Feb%3D1&v=3&w=800&s=U6OI39d4zaYVWdf7nv4kmWLr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
78d6848b6911d7bdaf2859fdf34dc411578f9a59629e1469fcdd57abc7ba5985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1610491
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1784
expires
Sat, 23 Apr 2022 04:23:59 GMT
img
pix.eu.criteo.net/img/ Frame F22E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoStepStone-GmbH-148733DE.gif%3Feb%3D1&v=3&w=800&s=3Z7pKamwHk51W_XnQuTU03dr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=942684
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1770
expires
Fri, 15 Apr 2022 10:53:53 GMT
img
pix.eu.criteo.net/img/ Frame F22E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoContinental-AG-3975DE.gif%3Feb%3D1&v=3&w=800&s=vUmwA-yQVjpisjZCprGLe439&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e070c65fa6115515c6dd68f600a8bbc9ff1271d9d8b235c48723942efc67c3e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=844118
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1274
expires
Thu, 14 Apr 2022 07:31:06 GMT
all
csm.eu.criteo.net/ Frame F22E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=1RBr8olnb9oJ5jnalc9XLjMhFlW3fFs-NwoV78MZoG1ICA_a0nFRnQJ9nlzy4-7rr8HS3x_Z93mxhHGPD6bbsCSV5Ul0qrL6AWcKYqeAmh4bbTdb2_NXwJBOdsSW1dsajL_4_Cp0KsmSXmU2-GIOn5pffogtZwyt84VH0L7oAaiPblA70b6JP25Wqe8Lli8wCZn9vXsP_MhJJhUxTEKQAM5SVV6BleJQ_3seAO4KVI1Oj6RQGhTfmJo5FtofCQIf9sNvog&sds=2&rev=81065&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Apr 2022 13:02:28 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F22E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:02:28 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F22E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:02:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 333F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:01:40 GMT
expires
Tue, 04 Apr 2023 13:01:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2D9C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7de67172e550589f7ad1103eca613bde127537f6626553253056ca9b236c5f25
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PWd6+7eobVdcO0++KqCw7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-PWd6+7eobVdcO0++KqCw7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:28 GMT
expires
Mon, 04 Apr 2022 13:02:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0B6E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
URL: https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 13:02:28 GMT
expires
Mon, 04 Apr 2022 13:02:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 13:02:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A2A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:01:40 GMT
expires
Tue, 04 Apr 2023 13:01:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7E95 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e5589f5fda91eda128d0be961de347b90b39bc8af3238bbcbe2fa24d54a5d65c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yzbC5gJPe0TyXUTrILYCFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-yzbC5gJPe0TyXUTrILYCFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:28 GMT
expires
Mon, 04 Apr 2022 13:02:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2D9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=937692232267278&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
pagead2.googlesyndication.com/bg/ Frame 333F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 07:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
19384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13731
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 07:39:24 GMT
V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
pagead2.googlesyndication.com/bg/ Frame 4A2A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 07:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
19384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13731
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 07:39:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E95 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=3822465940000809&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 333F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YfqL6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 4A2A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Z-Ntug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame 2D18 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:17:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 13:02:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 13:02:29 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 2D18 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 13:01:50 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 2D18 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:58:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 2D18 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 13:01:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D18 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 2D18 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:58:09 GMT
l
www.google.com/ads/measurement/ Frame 2D18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbYrnHmmieukhLHj1aPTEv2pHa0GXpFbzlxlIDcbdYPnMLM_UAiaRl-pKWdK8xh2u6saFZtXy6cUqWhCfBURyt2jrm8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
dfa9fdc9b45632ba17ba59fe64d4dcb5.js
www.gstatic.com/mysidia/ Frame 2D18 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 10:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12015
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 18:36:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 10:20:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2D18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZdGgZOxKYpvRJc-v3gP_mqy4DMCy665o2YXoveMPloLNhYgWEAEg2ILCZWCV0pqCrAegAYKb8bUoyAEJqQJ-zQ1bh32yPqgDAcgDywSqBLgCT9BAigRxY5YPsQM1KGSqeWpr2nUBG41f5OV3m4yCaGTBswxI8Bfwf6Xs1nmXLWVj-7ItMCwrWmW-7fdqfHDoDDJlDkz_AlgccivwYLI_G3-9mubwDYJpLP-oh2IEY2U4sRnKe-UnVOG4rKCVXtQ5U9A427yC2M2jdKxMyz65bvKC36EuQ8k2k-7iP1Nde-venwNoAxR9L7blgdZvejGkmz2vVs-N7IzemdJpv5s2MprXR58PeT1n0VCU4Y-PDW00b62TgbdJastMJ-Uq2v7NNuepy_eGWb6R3yw4-sNv7a56MiglTz-t7qBJeDx5l00uqmBUtbmzmWBGJBXN5hAabgw7IZOGwTzwDbSrvoPqFafdbLzvm1vrRtxGXl-51_5ChcnB3Q1fO9fWlebZdkkCSSI-sQqZ5F-9wASvn6TW7QOSBQQIBBgBkgUECAUYBKAGLoAHgtPBlQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQw4ID0ggJCIDhgBAQARgfgAoByAsB2BMO0BUBgBcBshccChoIABIUcHViLTc1MDA1OTMyMzY3MDczMjUYAA&sigh=biS9KLiNh78&uach_m=[UACH]&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 04 Apr 2022 13:02:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
shopping
encrypted-tbn0.gstatic.com/ Frame 2D18 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQD9PVMhu7msnHFEvMETmI1pdZLUUBYWVuBaw962utTuJvPkCMB&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6f4ca5a5542f2116c568bfac112eb7f19ea09143a54e87c7733587d6be0bfe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 09:16:32 GMT
x-content-type-options
nosniff
age
531957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14238
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:49:55 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 29 Mar 2023 09:16:32 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 2D18 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRF68d1igJUfLw4ueBABDBSCqjO2S1srtz1QXInK3C1GAPXir8&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4117d1ef6b351728bbd00977fc1948bea37ada0740d7c6a8eb59dda4d122189e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 11:38:07 GMT
x-content-type-options
nosniff
age
264262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25118
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 05:06:29 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 01 Apr 2023 11:38:07 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 2D18 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT9sAQQLOHKdsymQsSJNHTmvMjX5ZlIBcSvJKMEh9T-S8XhxRk&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ae66940fbe736cd2c2cfea156ace41b7d90da7484b4e729df84e79df56006d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 07:09:27 GMT
x-content-type-options
nosniff
age
539582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5509
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 13:46:54 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 29 Mar 2023 07:09:27 GMT
css
fonts.googleapis.com/ Frame A050 		6 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:32:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 13:02:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 13:02:29 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A050 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 13:01:50 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame A050 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:58:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A050 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 13:01:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A050 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Apr 2022 13:02:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A050 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 12:58:09 GMT
dfa9fdc9b45632ba17ba59fe64d4dcb5.js
www.gstatic.com/mysidia/ Frame A050 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 10:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12015
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 18:36:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 10:20:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A050 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJUPIZOxKYv6hJ4jt3gO8lq-QDMS8t7Rp4feTv_EPloLNhYgWEAEg2ILCZWCV0pqCrAegAeO0j60ByAEJqQJ-zQ1bh32yPqgDAcgDywSqBKwCT9Dek4J0wYuQFoV-M3cFfJ5d12n3LKb_7DBVZKUk1CWaWNoKKHDX03gz6B0fvWR001lYlWn4L5gjmRztebNOSh7Fme-Y-cMam56pTkjZd51W0khU-Q2tmgHeTwZdI4NC6BmI-W-VCMt-zuSOBSY0K8Snpts_nnmTQTQi088KaNcKTgBgSntZa_WlBuMqdDDa4teZwmKIicdIQQSzi8uwvTrIMpp2EBD-XACiQjQe728l7I7mSLazpZnR4Buw4oZvyoQJCHpTp1Y9iiqRXTjb7SmL1tjTa6ktJSW_Xe8f_BRC6e4m5zcbv9i2krHEBb53cjs-EjeFnTXO_zXodGFQfItHawI2Di3noWI8D6qAUaAKaA1RoN0lYMjn4o9v_tEj86O-PEZsJRfYEM0LwASN9cGE9QOSBQQIBBgBkgUECAUYBKAGLoAHhcvw0gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC4nh3SCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzUwMDU5MzIzNjcwNzMyNRgA&sigh=QFyane9ByMI&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 04 Apr 2022 13:02:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/8746330565271833242/ Frame A050 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8746330565271833242/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e835bb6d7c7c4257a23e7478c09a0f2a9e9b25fba9b48d2ce49401b5e96a690c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 14:50:42 GMT
x-content-type-options
nosniff
age
252707
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70207
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 17:40:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Apr 2023 14:50:42 GMT
truncated
/ Frame A050 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfbaee8b26c48b6a68b9a5b4311a88d3bb176653902d120d4c1ac711773ac1be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F22A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
25725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Tue, 05 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 682E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
25725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 05:53:44 GMT
etag
48472445140208031
expires
Tue, 05 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2D18 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c1fdfde75967e5ce858444d2ede542d2462dfe8e48a417358d6af86c95cefbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 2D18 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:31:22 GMT
x-content-type-options
nosniff
age
408667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:31:22 GMT
truncated
/ Frame A050 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bd09d2e44f424bfcc92620af406255a45ee9ca293e120bce94fb24f4d23c946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame F22A 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO8wM84WsgpbwSSam7e9OEo&google_cver=1&google_push=AYg5qPLiTyDrC-wt6X6SDQaH-Z0X1lYf5oVRCzvQ1HpDmpN88ZuiTCpsIyX1qGMQ_CXLVB7UGJs0scT6QaUCxPGpicnaZfWYMAgM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F22A
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIeWlOJun1sP8y1EnKmGB0ZEUsEVqg8wvRLDWA...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtyc1lRQUFBRnp2NGdRUw&google_push=AYg5qPIeWlOJun1sP8y1EnKmGB0ZEUsEVqg8wvRLDWAqZhgnwXKTrYaV5Zfj9xig98QIKVj2lsljJ-6BdWLgUFD6s27b0momyAC1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtyc1lRQUFBRnp2NGdRUw&google_push=AYg5qPIeWlOJun1sP8y1EnKmGB0ZEUsEVqg8wvRLDWAqZhgnwXKTrYaV5Zfj9xig98QIKVj2lsljJ-6BdWLgUFD6s27b0momyAC1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtyc1lRQUFBRnp2NGdRUw&google_push=AYg5qPIeWlOJun1sP8y1EnKmGB0ZEUsEVqg8wvRLDWAqZhgnwXKTrYaV5Zfj9xig98QIKVj2lsljJ-6BdWLgUFD6s27b0momyAC1
Date
Mon, 04 Apr 2022 13:02:29 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
sync
odr.mookie1.com/t/v2/ Frame F22A 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKUitPIKnFPJKptX5ux12QU&google_push=AYg5qPKalbYydnp8HCXklYGS-jVFDWSZ_4Q2ILOFpIVtV8mayC2By6QcXBh_P0L-i7wdkrB_z1ewzy7O2krARZ4gwTg5jY5XbsQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame F22A 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPJSLjcs9H3Ui09ql2F1RKE&google_cver=1&google_push=AYg5qPLlBPs8A6wRwVTufq2HxA6kFsKIO-vAi5gsSYshQw3_fYqfl-WwPimbNNKIkmSOfE0qO-IQ0QiFjVd2cU8NvtLQTfl04esB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
mu5ap8pfv10fmfl94uloetkrvqckm93v
pixel
cm.g.doubleclick.net/ Frame F22A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UgBsQFGhSn2EPopt8vqv5g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UgBsQFGhSn2EPopt8vqv5g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJQ_Qo3FpKQhnTN9p4gK2VuqANXhHJjbWSOQ_izNvT0lLuiUrgKCERjTgWh4-OiMTTO6D7rkwpFiSOHLdTv2L0w5k7f0ag
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UgBsQFGhSn2EPopt8vqv5g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJQ_Qo3FpKQhnTN9p4gK2VuqANXhHJjbWSOQ_izNvT0lLuiUrgKCERjTgWh4-OiMTTO6D7rkwpFiSOHLdTv2L0w5k7f0ag
date
Mon, 04 Apr 2022 13:02:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F22A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJxuX_XMwJH0f1zuwmYmzoc&google_cver=1&google_push=AYg5qPJYjRj33u_1JK441o4NvHaHy-NVMtSijfsEw4hKLLRB_W1K5M5ekoUoLY9sGkAoHxPKBdW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ&google_push=AYg5qPJYjRj33u_1JK441o4NvHaHy-NVMtSijfsEw4hKLLRB_W1K5M5ekoUoLY9sGkAoHxPKBdWMaX5dQ7I_MbL0KdvsaQp1Jhs9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ&google_push=AYg5qPJYjRj33u_1JK441o4NvHaHy-NVMtSijfsEw4hKLLRB_W1K5M5ekoUoLY9sGkAoHxPKBdWMaX5dQ7I_MbL0KdvsaQp1Jhs9
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ&google_push=AYg5qPJYjRj33u_1JK441o4NvHaHy-NVMtSijfsEw4hKLLRB_W1K5M5ekoUoLY9sGkAoHxPKBdWMaX5dQ7I_MbL0KdvsaQp1Jhs9
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame F22A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNg...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame F22A 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWwdPOxxSP-VJNEgaZe5Zlm6fYxLjkB7YqFGLTc3GG5HCX7Y2eCLA0nwKJjX8WSJKNay9R
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A050 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
496960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 18:59:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A050 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:07:55 GMT
x-content-type-options
nosniff
age
492874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 20:07:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A050 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 16:37:56 GMT
x-content-type-options
nosniff
age
505473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 16:37:56 GMT
dpixel
cms.quantserve.com/ Frame 682E 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO8wM84WsgpbwSSam7e9OEo&google_cver=1&google_push=AYg5qPLLOCg1-A10U_a0PAGfVszwvUEUvqpBlumuypSPUB4zmePiEvRFHehQWI90z6BLsuTBVFLSzIvnf-NExTsyo58sIHT5wbk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 682E
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJKaNAe-eizVe8_y5ciGHDjw86f_RSN9g71x5O...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtyc1lRQUFBRnp2NGdRUw&google_push=AYg5qPJKaNAe-eizVe8_y5ciGHDjw86f_RSN9g71x5OfVJwQ0PH8MWx1PYiRfKv8cf-551SORBI64F_IrhgufKI-hErwN3AgyxE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtyc1lRQUFBRnp2NGdRUw&google_push=AYg5qPJKaNAe-eizVe8_y5ciGHDjw86f_RSN9g71x5OfVJwQ0PH8MWx1PYiRfKv8cf-551SORBI64F_IrhgufKI-hErwN3AgyxE
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtyc1lRQUFBRnp2NGdRUw&google_push=AYg5qPJKaNAe-eizVe8_y5ciGHDjw86f_RSN9g71x5OfVJwQ0PH8MWx1PYiRfKv8cf-551SORBI64F_IrhgufKI-hErwN3AgyxE
Date
Mon, 04 Apr 2022 13:02:29 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 682E
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKkJ6I1HzOF3KBPanf-5R_X_JpNjmoy2GbpY-ebAWgESmALI0WUj_BQ21Bq0YHQ3-X-Ods4fnwJfd9QZ8CNrRKRbX93xv0&google_gid=CAESEL_LfPuUj6y0kPIm35-YiLE&goog...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOXYq5IGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLa0o2STFIek9GM0tCUGFuZi01Ul9YX0pwTmptb3kyR2JwWS1lYkFXZ0VTbUFMSTBXVWpfQlEyMUJxMFlIUTMtWC1PZHM0Zm53SmZkOVFaOE...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdjhpNmZaZUVVMTRhLWlFdkM2R05wRE00U2VIRHNjR2MyUFA1SGFFUWRhSQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdjhpNmZaZUVVMTRhLWlFdkM2R05wRE00U2VIRHNjR2MyUFA1SGFFUWRhSQ==&google_push
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdjhpNmZaZUVVMTRhLWlFdkM2R05wRE00U2VIRHNjR2MyUFA1SGFFUWRhSQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
dds
rtb.openx.net/sync/ Frame 682E 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPJSLjcs9H3Ui09ql2F1RKE&google_cver=1&google_push=AYg5qPJ1AmTocjEceJPAEqEpsrCmKy8xn8y9x9x-ecNT00QhZtPZAmK_hqxYmKSDMPzVw2oKnvfv4lrxFH0t4k_ZVPZjsRUaMm8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
oolnt2vr8e53f25408vvcebkqu0sm73i
pixel
cm.g.doubleclick.net/ Frame 682E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pE4oCbs0TLmvJ8Yu6sAvNQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pE4oCbs0TLmvJ8Yu6sAvNQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKS2HFZM_RLpicjJZ_Vu2fH-iUVG66qKzptlfCn6PTkcGmwxPuvCC4_nauX6VxLfacpVazyGu_yZBJ4MuuztizINb2xhnk
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pE4oCbs0TLmvJ8Yu6sAvNQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKS2HFZM_RLpicjJZ_Vu2fH-iUVG66qKzptlfCn6PTkcGmwxPuvCC4_nauX6VxLfacpVazyGu_yZBJ4MuuztizINb2xhnk
date
Mon, 04 Apr 2022 13:02:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 682E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJxuX_XMwJH0f1zuwmYmzoc&google_cver=1&google_push=AYg5qPLDF2Wn4fSGFcUkEU3HtD8F8YKfLllTzEpLAL-bTm6OD6hsxoikomJitFD00FQ510v2m2Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ&google_push=AYg5qPLDF2Wn4fSGFcUkEU3HtD8F8YKfLllTzEpLAL-bTm6OD6hsxoikomJitFD00FQ510v2m2QUTGSTKJQi4M1ppxiBi6tYdLs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ&google_push=AYg5qPLDF2Wn4fSGFcUkEU3HtD8F8YKfLllTzEpLAL-bTm6OD6hsxoikomJitFD00FQ510v2m2QUTGSTKJQi4M1ppxiBi6tYdLs
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ&google_push=AYg5qPLDF2Wn4fSGFcUkEU3HtD8F8YKfLllTzEpLAL-bTm6OD6hsxoikomJitFD00FQ510v2m2QUTGSTKJQi4M1ppxiBi6tYdLs
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 682E 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 682E 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jf2IE4OpWCq6HNZ_LLHCDrEyoZrRjeo0ekkWdAtz1lRyE7NJA9N83LeQ7ZmFtyoK8U7Tu2Xw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
pagead2.googlesyndication.com/bg/ Frame 0370 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=600&slotname=7785652766&adk=2248810365&adf=776186306&pi=t.ma~as.7785652766&w=300&psa=0&format=300x600&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347878&bpp=6&bdt=511&idt=554&shv=r20220330&mjsv=m202203310101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=2&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=2130028173&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1082&ady=1741&biw=1600&bih=1200&isw=300&ish=600&ifk=3962463365&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31066121%2C31066017&oid=2&pvsid=937692232267278&pem=729&tmod=2119723881&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b7urfig5fkms&btvi=1&fsb=1&dtd=671
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 07:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
19385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13731
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 07:39:24 GMT
V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
pagead2.googlesyndication.com/bg/ Frame 71E2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186307&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fgoogle-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch%2F179103%2F%3Futm_source%3Dtwitter%26utm_medium%3Drss%26utm_content%3Dnews&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649077347925&bpp=10&bdt=585&idt=603&shv=r20220330&mjsv=m202203280101&ptt=9&saldr=aa&cookie=ID%3De5465bdbb129e03e%3AT%3D1649077346%3AS%3DALNI_MbkkWB9lZeKVyaU7of8BXqQ6JB_Fg&correlator=77021841098&frm=23&ife=4&pv=1&ga_vid=1501078788.1649077346&ga_sid=1649077349&ga_hid=1619223790&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=416&biw=1600&bih=1200&isw=336&ish=280&ifk=92314571&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065371%2C31065971%2C21065725&oid=2&pvsid=3822465940000809&pem=729&tmod=2103969428&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.catr30n4zf3o&fsb=1&dtd=676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 07:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
19385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13731
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Apr 2023 07:39:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D0B0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwjc5xU6czRl1mQcOkMtP_LaQGR-GRBPqsf4PnXGbMGSBWOzCGg0GIaPUtuCp84x-zZqnjIk_cEv0qiAJi6Cy0&sig=Cg0ArKJSzAqtJyQUaimhEAE&id=lidar2&mcvt=1026&p=8,315,258,1285&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4166723991&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649077347337&rpt=1079&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://threatpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Apr 2022 13:02:29 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1247
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 27D7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=3Z3bsXxlOXJ3L3hER0FLRVpwTDRkWUxQcFdmR3JsZjhZKzloNWF6WVpNUG9pZUVZOWwzdHVYVWdTbTl5VFAzclZ3d0NrbVMvYU9Rc3lrRStBWmhNS1ZXY1BFTXU4TldQZG5zWGxQQjRleDBXbFNEQ0F1S1M4TWsvVGpqeU...
345 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3Z3bsXxlOXJ3L3hER0FLRVpwTDRkWUxQcFdmR3JsZjhZKzloNWF6WVpNUG9pZUVZOWwzdHVYVWdTbTl5VFAzclZ3d0NrbVMvYU9Rc3lrRStBWmhNS1ZXY1BFTXU4TldQZG5zWGxQQjRleDBXbFNEQ0F1S1M4TWsvVGpqeUdvUk84T3JwUko0U3FVZWFSdE85cTE5MFJVZ0VOcHIrSFJ5N2ducllHNnhlSEVNemVsa2tmcFhBUDhCd3RlYitJVjhlZFR3S0x6VlRTbzA2WWJ2YWVQSUY3SFM0MGxNamZ1Z1ZPUmV0b0F4cU41R3JLYWRjPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
450927ad79b0f7b072e03740912d08026dbcb25f21ca69fe6edd133c05ada3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2906
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
location
https://mug.criteo.com/sid?cpp=3Z3bsXxlOXJ3L3hER0FLRVpwTDRkWUxQcFdmR3JsZjhZKzloNWF6WVpNUG9pZUVZOWwzdHVYVWdTbTl5VFAzclZ3d0NrbVMvYU9Rc3lrRStBWmhNS1ZXY1BFTXU4TldQZG5zWGxQQjRleDBXbFNEQ0F1S1M4TWsvVGpqeUdvUk84T3JwUko0U3FVZWFSdE85cTE5MFJVZ0VOcHIrSFJ5N2ducllHNnhlSEVNemVsa2tmcFhBUDhCd3RlYitJVjhlZFR3S0x6VlRTbzA2WWJ2YWVQSUY3SFM0MGxNamZ1Z1ZPUmV0b0F4cU41R3JLYWRjPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2053
content-length
482
expires
0
ixmatch.html
js-sec.indexww.com/um/ Frame 12A9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 13:02:29 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D119 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 13:02:29 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8339 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=41041
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 13:02:29 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 00:26:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1860 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=41041
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 13:02:29 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 00:26:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame C02E 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
d169d3a4b1033d3230aac154b9ec04e736c19849382d1b8327a82228b2b3b588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Mon, 04 Apr 2022 13:02:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5435 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
26887
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Apr 2022 13:02:29 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 01 Apr 2022 05:34:16 GMT
Fastly-Original-Body-Size
17053
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 540383
X-Served-By
cache-lga21970-LGA, cache-hhn4069-HHN
X-Timer
S1649077350.629328,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 397A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
26887
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Apr 2022 13:02:29 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 01 Apr 2022 05:34:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 559180
X-Served-By
cache-lga21970-LGA, cache-hhn4026-HHN
X-Timer
S1649077350.629388,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 80C5 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid6.7.0-1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
d169d3a4b1033d3230aac154b9ec04e736c19849382d1b8327a82228b2b3b588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Mon, 04 Apr 2022 13:02:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame F17C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=937692232267278&bg=!b2ylbCjNAAZku-1yRLs7ACkAdvg8WjE6OOu6ETbkpLe_QlcClxY0dp1UI7VtuYv6OG5gf-e26Jnw1wIAAACbUgAAAAJoAQeZAuMTSALCyH9arj-raq1sfboIjCcFFU96dIPF5t_JnD3svVdpSP5GMpvwHY81YBeSH-a5woQ1SnYRB8G-bZEzNv0tgZSoJfzM9TWotQHBYPcgzXgz_LKMWEM0QoPitI40OXBIsTmDGLd_KWwSElIqvAf10SxUk2SpG-6zKHKYJgfQ1S1c9x7NcvMbAcoLV28AdUTpcm_ZMf8bmBDs4ybQ6raPswhfcL-TBuWEpE3xjZFcxoCQMABiW_4CDYaYlBs6UFDoVvc4E9Yu9FQiSceLYk97_xnaZvmcw798UG6bLTMcukAKcULC0xIuQV7tPAUWYuobO4MQynTs8SLpyrddBdAk4V7lVblXt3Oz2ETtZlTZh2fkWyDWsuL3JWNmexPNTM0cO_IZEMO1redVWYiDBaGSFQjO7K3eKw46WE-5qQsWXq8GTYcvmCFpo0QnODDew4uW4fHkxbbK3O3aMo2Xz2M7T-HI9lDxkOmCE8l3ZvliiiR7479I1eg3hgL42akiXoehm-yaRgoGrzDwLLXHJ9Bf77NXSzmdVPoqww1BHL3tUdKnl87CEWS7MF2hqI0y0rRG1wQUCg_3v6QqlOqD3cbSUiZm42R6WqzkTSN3yLnmWa2rLkxqAQ7qE4yNjVtA6C5wk_7JBmZZrzmmcbMUabPc1NQf-nkDm2p1gMqWkEbPno0Ds0e6kyGttXE_eVXCtp80OUewz3ZEVDS9iCrjlh_q7DoGLXEALluYEXkjiE8LKqadtq5kdZ9XInam-O5_vTt6NGPX6TU2EelIj160acyr0rmrcCrNYcovqvDaiXoXOzwKFY3RaQ7p3SGno12oZDSrAj_jUUNvHJXA9pq3QAJewOVjYP-qs1XUTTsBnQDU2mHeNFPprw49ScUgnJKfgNNzXTFCuJ4v4vT2G5z8dSpK5pXxO6Eg-M7ut1xbTOlUYG3TFbSyFhQjFEnh0SCg_6JgjW_whTJRHH8TLg4S1J5TB1kl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A84 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=3822465940000809&bg=!y8ilyIzNAAZku-1yRLs7ACkAdvg8WgjFojYu6HxrjHGQYaz3hKnJxLfgnLggXufz0nHIsGq0l70qcwIAAACNUgAAAAJoAQcKACI4dCVndcg2sRCRS51e_j6qQ2Em9FOXyj54li9j8L16N2B2mQLpxnpDexRLVZTvnaVquxmtVnW_n-kDtz-ERLU7erGiquJf1cKmqN1L6vN6mrEywFht6iRG4EI-RPFZjVkalC9AUZm7NUgvPqKkx6BctYkqOnSYSS-htOxzMAPTSc4xm92Ii2AolOq7KToI5CMli6FNQ_RGOgCHGuMjAbtMjomBCkDH_ru2TnuK34Tk9FAANixPiVVe-lbptf2xR71jy98p5XUOTQ3eKgwtovGn-1aiFjFpv0PbP_j2OaofULkIInwn_5v3JDSLBWImAewOzhXia8rhCgTRS1x6gCdwJCbu8esC2uYyp36tGNImsd-gAAi54RAisJRJEZl8GOz1VmXgiChO-9E58LsOdO5EEEHQ4UGAPjkFk9yARxJO9QaH2Sqrb6k08Bza8Y9MIlezs1a1BgLJATljzpvZLYPgW0DufvFzWtwK2ykKSGPoonujlu0pPD2PchE1K7vlp9rLXNoOoDY7SKGQwWgY9Rfjv5irowOMThPmW5KIPE2e5SwJRos9FZ3GarfW9GnBvSg9jHDJRRfCQROexX1MpP6R-tn3iKCIPFTxZIzb8tqzXxYzOikIWWkfj2bWlmCWfEG8OMnVSjjS7L7-iYpBJVaZVUjRO8H1aqTURX6QLnTcOoAn_QrbG1aJXr2AfB8_B78rkAAYebegFwSeFncJ9nKurP-DcVHJKSiObCB7B0BA4f3WfYtGUVknT1rPNTZUzcae9CFHNLsAAPjk3MfigYkHmpw975EI8-hqC3EikBXBISDS_m3_ipiW8bc-zDoh70n57lJspq235U3oWmTbqh-Ly2gQOGV29sP1RJliCUgER9dOF3-BEyT9gfN1khhZkdL8TBTngV4bf90mclsn6JJwEadKQwS991JRNIHLqFEiswNopIU8g6GvUytrB1GUtqVDDD-MH4hjKQP6uH9z9RcK8roA0TKInOkJX4OoHLX5PyRBYn2NHBsNhiKLOEqF5KFEB4U7ELfvwaxGPM7mGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A84 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrTendF2GCa1N57tP4znJ5sjHLokLozHA6OjzOT-42IGmJEPKRNBQGKsdmDxIqjO3t5viRulzBRzUahCWIKEn7kI5EB2BM4BlOoxLOPSKqcdL1SNKk&sig=Cg0ArKJSzNzt5c5QApm5EAE&id=lidar2&mcvt=1007&p=416,1064,696,1400&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220330&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1414505084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649077347340&rpt=1236&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C02E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff8e624a-ec65-4d00-b348-4e33eb4c2ada
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff8e624a-ec65-4d00-b348-4e33eb4c2ada
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 04 Apr 2022 13:02:29 GMT
Server
MT3 4320 2f2dfe5 master cdg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ff8e624a-ec65-4d00-b348-4e33eb4c2ada
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Apr 2022 13:02:28 GMT
sd
us-u.openx.net/w/1.0/ Frame C02E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=vxR2G-xFdEikEHYfvEVvG7gXekmkQyNP70dMIY2c
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=vxR2G-xFdEikEHYfvEVvG7gXekmkQyNP70dMIY2c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=vxR2G-xFdEikEHYfvEVvG7gXekmkQyNP70dMIY2c
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C02E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4730746617753112390
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4730746617753112390
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4730746617753112390
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame C02E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=204fcf02-209e-743e-cc16-9a04f3181532&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C02E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGMyMDFjYzgtZTllOS0yYTlhLWQ5ZjYtYzBiZDM5ZmFkYjUy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C02E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPXRz3LSHAaBggPElVuKH8&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPXRz3LSHAaBggPElVuKH8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPXRz3LSHAaBggPElVuKH8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 80C5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2d91624a-ec65-4500-8419-8b05b61f5bd5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2d91624a-ec65-4500-8419-8b05b61f5bd5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 04 Apr 2022 13:02:29 GMT
Server
MT3 4320 2f2dfe5 master cdg-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2d91624a-ec65-4500-8419-8b05b61f5bd5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Apr 2022 13:02:28 GMT
sd
us-u.openx.net/w/1.0/ Frame 80C5
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=vxR2G-xFdEikEHYfvEVvG7gXekmkQyNP70dMIY2c
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=vxR2G-xFdEikEHYfvEVvG7gXekmkQyNP70dMIY2c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=vxR2G-xFdEikEHYfvEVvG7gXekmkQyNP70dMIY2c
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 80C5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8166380972068872673
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8166380972068872673
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8166380972068872673
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 80C5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=204fcf02-209e-743e-cc16-9a04f3181532&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 80C5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGMyMDFjYzgtZTllOS0yYTlhLWQ5ZjYtYzBiZDM5ZmFkYjUy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 80C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPXRz3LSHAaBggPElVuKH8&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPXRz3LSHAaBggPElVuKH8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENPXRz3LSHAaBggPElVuKH8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5435 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:29 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
23ad8e41-1d40-4a10-88f7-dab4cf53b107
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 397A 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:29 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
22321bb8-975e-49c7-8f94-60ede6c4c1c4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3Z3bsXxlOXJ3L3hER0FLRVpwTDRkWUxQcFdmR3JsZjhZKzloNWF6WVpNUG9pZUVZOWwzdHVYVWdTbTl5VFAzclZ3d0NrbVMvYU9Rc3lrRStBWmhNS1ZXY1BFTXU4TldQZG5zWGxQQjRleDBXbFNEQ0F1S1M4TWsvVGpqeUdvUk84T3JwUko0U3FVZWFSdE85cTE5MFJVZ0VOcHIrSFJ5N2ducllHNnhlSEVNemVsa2tmcFhBUDhCd3RlYitJVjhlZFR3S0x6VlRTbzA2WWJ2YWVQSUY3SFM0MGxNamZ1Z1ZPUmV0b0F4cU41R3JLYWRjPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Apr 2022 13:02:29 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1120
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
all
csm.eu.criteo.net/ Frame F22E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=1RBr8olnb9oJ5jnalc9XLjMhFlW3fFs-NwoV78MZoG1ICA_a0nFRnQJ9nlzy4-7rr8HS3x_Z93mxhHGPD6bbsCSV5Ul0qrL6AWcKYqeAmh4bbTdb2_NXwJBOdsSW1dsajL_4_Cp0KsmSXmU2-GIOn5pffogtZwyt84VH0L7oAaiPblA70b6JP25Wqe8Lli8wCZn9vXsP_MhJJhUxTEKQAM5SVV6BleJQ_3seAO4KVI1Oj6RQGhTfmJo5FtofCQIf9sNvog&sds=2&rev=81065&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkrsYgAM-y0Kd6gCAAjmXKOPr3k5W6TAs5Ptxg&u=%7CGQ95cDxAnv4PVa%2FDXMm6i2lLuNFLidBv%2BCLUN%2FuXOfY%3D%7C&c1=jWCgqsKSUoXC60NcOL-y1fMy5lnEQC-emXTZYJoBCoL4aT06iT7RqPcek5TMGKUa1G2eEOqSbExSwJ3kCr0VeHVl95_uMok9qSR76puEQk5cHB3jRv4MYXuFuRf03XxgyphU5anpyyiuUt8zFbf4EMa-yGH1CIpOquMkAOOYXJX-EtrWX7Ruyk0-YsEekLKai8ZJL5VgZL8-aXu3u8DAxUtkZP9QPp4qvDrxHALOnpmOthokS3PHBXv0vPalHmzJ7suxD6iPe5nfA2tlBy0V_4fEXPGfJM9_Xy7A9KKnoJRAw3Fz3__tPZz1zvXrKiezn-bDEfhn2wrgcL-2TGYcT6J-JquWDLaNg8Mw4sldTALVYpNk7QU0JH87yNNNU4Am2pVXOiGnOLQpryeJAhWebnFyjNXLq0-YkEH9w8ouO2mMgubtjdW_cbTL3T1TS7IdVLVgqk2D4pU9KqudB0JdQqVF_Eus_AgG-b5ToQvs4eo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC68zkYuxKYq32M4LQ3gPczKM4yZ7SsVzVnZH3cMCNtwEQASAAYJWy-oGUB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1oAHVttLqA8gBCakC-EeJzJ1_sj7gAgCoAwGqBNcCT9DrxptT058vsOmPJu1csL5GDpaIhI3OmLZQNnLxKI6C42xGAazZB-THk707OHU4n3OSXgFWF04VW_TnCrXZAHAEWBf9sQbvESJ8A5NLVJ4HHrku-aj0y_vOjJKSW7iP3bABFnxNS2FNiplZUu_setC1ZiEESxEMINdPwF_1-4uiBUEjEpqb65QpWd5nojH5QMOSDR6A8s_I-U3lE7mfTY1ppyH9Js0X2-iZcWLkNpejZS-iJL84TqX7A23d4soi-Bp8540U-93IxsP7zHmR_DFcyPMFTmv-11AuY47u_P_zEko45g_dcS5BzJ9VTp_I4bjbz5Lwf-Qg6dAgsw98ZQxXprGiwlJ6XQ6OU81oKXNNdwGvKXnjazE1cZAvrKRpbolCh11FxrITH93FmFu8nap6Z5Zp__nyRNspZtX7i3JC5VdeZv-_ZxS_PC-tGlaR5skG6Q859-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBQiIYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3LsZLMuo5fpFH_SCwBu-Ejpigo4w%26client%3Dca-pub-4113681882311455%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Apr 2022 13:02:29 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame A050 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshiCoSWOe_1kEleORuOp5CpYb-62GL-LPQy2Rle4EblPbT_pCMIURgA8YLIsyXZbbVGPpVlz8OMo48uuzmhel6BKZHKhcWxmJlgAxZcWWn1FGPwNtdiQ&sai=AMfl-YRMUHLZIMGHbc-1QOt4LWQezz6MUh0hsUZK4GwYIRTK747jOSZkOoPUJEf3tlKHClOUxF_4WLX6zd1IDgXRoWbENYZ2s7TkKAGqFwxMxPn8eAaKVOqu1MAKIGFd&sig=Cg0ArKJSzD2CYY4IniPTEAE&cid=CAASF-RoOO3q4qb8yVPUZ4K7K0Mxy28-ZupG&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2662501839&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649077348611&rpt=756&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abt
capi-tier-2-us-east-2.connatix.com/tr/ Frame C601 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
async_usersync
ib.adnxs.com/ Frame 5435 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:30 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a286fed3-fdc0-4e85-9f46-7078157cb7ba
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 397A 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:30 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
12bf3b9d-8f4a-498e-ba48-7e60027a4781
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.html
public.servenobid.com/ Frame E2A9 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0849eef021b381cb3f64d424bdd29839513dbb4e964aef0420136906426a18de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 04 Apr 2022 13:02:31 GMT
etag
"866b66bb3ccc5c8de41913672c69b8f7"
last-modified
Tue, 15 Mar 2022 23:39:48 GMT
server
AmazonS3
x-amz-id-2
Whw4gUaF5qRRhOMRwKptf7o3l9ebgSMjvbEzTldEI0EueT2RFJ+3BSTsvbolN0hYAMyfIX5wp5A=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:a4519585-d31b-4588-8499-6641ec459b43
x-amz-meta-codebuild-content-md5
d97b029b026ab1b5da9f71fc8f6cf19a
x-amz-meta-codebuild-content-sha256
1bd3623b950dcf081744ebf0150c6ff72edcc5cbd4a3ea8293d7f9c29b2e9c0b
x-amz-request-id
HXRZQT963RTZSQMT
x-azure-ref
0aOxKYgAAAACaxMzpPUcoQaKgXRjbSGqdQkVSMzBFREdFMDQwNwA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref-originshield
0B9ZKYgAAAACZa7PyionRSpaoccUupXqQQU1TMDRFREdFMTkwOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-cache
TCP_HIT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E709 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=41039
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 13:02:31 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 00:26:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame C39F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 13:02:31 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 04FF
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
8b71d29a8e8056bafe95386548a5d5c284d9afda70feeee8e82e33a9be6ed265

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
460
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 13:02:32 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 04 Apr 2022 13:02:32 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
eu-u.openx.net/w/1.0/ Frame 27BA 		542 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
47aae96301ccc90eb99c9f1e043f25930d33ea7b9fedb78ea93dcb9723322696

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
340
content-type
text/html
date
Mon, 04 Apr 2022 13:02:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
2000891.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 2E04
Redirect Chain
  • https://sync.serverbid.com/ss/2000891.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3d66b78ca0c93adf48dec8533da3c4db538cc648dc60e383d5fd0b666859206
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=28235
Connection
Keep-Alive
Content-Length
4947
Content-Type
text/html
Date
Mon, 04 Apr 2022 13:02:33 GMT
Last-Modified
Wed, 20 Nov 2019 20:29:05 GMT
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1649077352.dop137.fr8.t,1649077353.cds057.fr8.shn,1649077353.cds057.fr8.c
age
475
etag
"1b0ebac83fe30af80513039edbdf566f"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
tx0000000000000030c4c55-00624a0758-14d1e796-nyc3a
x-rgw-object-type
Normal

Redirect headers

cache-control
no-cache
content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
usync.html
eus.rubiconproject.com/ Frame 78AB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 13:02:32 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CDC8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
26889
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Apr 2022 13:02:31 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 01 Apr 2022 05:34:16 GMT
Fastly-Original-Body-Size
17053
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 540428
X-Served-By
cache-lga21970-LGA, cache-hhn4069-HHN
X-Timer
S1649077352.975250,VS0,VE0
beacon
ap.lijit.com/ Frame CFDB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13394437
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Mon, 04 Apr 2022 13:02:31 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap4ams1
dds
rtb.openx.net/sync/ Frame 27BA 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:31 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hf4b9c5ego1dokr5p73b927v38k25rus
b488a946-b032-e677-fdc1-8cf10c4fd87b
pr-bh.ybp.yahoo.com/sync/openx/ Frame 27BA 		43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/b488a946-b032-e677-fdc1-8cf10c4fd87b?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:2e02:fe1c:9c40:529 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
eu-u.openx.net/w/1.0/ Frame 27BA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=ncf50Y081NBmlO5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=ncf50Y081NBmlO5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:31 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=ncf50Y081NBmlO5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 27BA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=613af705-9966-4c10-bc6c-e2f98394d1e5
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=613af705-9966-4c10-bc6c-e2f98394d1e5
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=cd207872-7f33-4be8-8857-735adcdd8257&ssp=openx&expires=30&user_group=5&bsw_param=613af705-9966-4c10-bc6c-e2f98394d1e5
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=613af705-9966-4c10-bc6c-e2f98394d1e5&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=613af705-9966-4c10-bc6c-e2f98394d1e5&gdpr=&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:33 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=613af705-9966-4c10-bc6c-e2f98394d1e5&gdpr=&gdpr_consent=
Date
Mon, 04 Apr 2022 13:02:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 27BA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1664355947555136799
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1664355947555136799
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dec5ce22-1dea-47a6-896f-2b2483e05fc1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1664355947555136799
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox
match.prod.bidr.io/cookie-sync/ Frame 27BA 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ox
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.3.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-3-215.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CDC8 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
53e3d0b7-e3bc-4891-b6a2-0a38ca0c4f62
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 78AB 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4e4cb4b7e0d4a670b5cf6548fa4f4f146cb417bebe9f8991ba7d65d517593e53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28746
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Mon, 04 Apr 2022 21:01:38 GMT
img
pix.eu.criteo.net/img/ Frame F22E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoScribbr-B-V-277389DE-2109171301.gif%3Feb%3D1&v=3&w=800&s=Dyl5XmWuJnDTGw9ZS4Nc5xAw&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
94b11dcebc7b200b22b9561a3d0807bde8f84b2454063facd429ab5dc43d7b6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:31 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2357301
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1070
expires
Sun, 01 May 2022 19:50:53 GMT
generic
match.adsrvr.org/track/cmf/ Frame 04FF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 04FF
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAwMzM0MzY5NzAyMDYzNjY2OTkxNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAwMzM0MzY5NzAyMDYzNjY2OTkxNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAwMzM0MzY5NzAyMDYzNjY2OTkxNQ%3D%3D
date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 04FF 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04FF
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAwMzM0MzY5NzAyMDYzNjY2OTkxNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAwMzM0MzY5NzAyMDYzNjY2OTkxNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAwMzM0MzY5NzAyMDYzNjY2OTkxNQ%3D%3D
date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 04FF 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1003343697020636669915&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F067577984354638AB53024DEE9FE7F6 Ref B: FRAEDGE1407 Ref C: 2022-04-04T13:02:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXb073IEzQGpbHnBZYyFg==
xuid
eb2.3lift.com/ Frame 04FF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1003343697020636669915?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-xNt5ER9E2oQ0fsqiPh5LaBwAAX_j97U0VtSxWwS5Vg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xNt5ER9E2oQ0fsqiPh5LaBwAAX_j97U0VtSxWwS5Vg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 04 Apr 2022 13:02:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xNt5ER9E2oQ0fsqiPh5LaBwAAX_j97U0VtSxWwS5Vg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 04FF 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1003343697020636669915&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 04FF 		42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1003343697020636669915&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:31 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 185FF3F70F9E429DA268F4018CBA38E9 Ref B: FRAEDGE1206 Ref C: 2022-04-04T13:02:32Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 04FF
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1003343697020636669915
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1003343697020636669915&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1003343697020636669915&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4SQ9M9HMW1E6KEE2WYAX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1003343697020636669915&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 04FF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
13926
g2.gumgum.com/usync/ Frame F103 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e6846f750959d98e6eecdc6b904a1b90516a8405e4fc5c209649a7b3e0112360

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Apr 2022 13:02:32 GMT
etag
W/"0b807634dda62cac5adc36a48ea14e292"
server
nginx
timing-allow-origin
*
ps
pixel.33across.com/ Frame A058 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:31 GMT
server
33XP003
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame F794 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame E171 		777 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b1ef662270ba47324caccb1ae542e1b4dec067af422a342c83a2549f544476d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length
777
content-type
text/html
date
Mon, 04 Apr 2022 13:02:31 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CCA3 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2afff3ee5166bf10f63309d39faeb09bd03b29723bfb1f3641fa2fd81a843988

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1737
Content-Type
text/html
Date
Mon, 04 Apr 2022 13:02:32 GMT
Dropped-Udsids
241|230|39|45|13|130|176|3
Expires
Mon, 04 Apr 2022 13:02:32 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
sync
ads.servenobid.com/ Frame E2A9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1664355947555136799
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1664355947555136799
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
363d918b-3661-4434-8659-383aa3e36d73
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=1664355947555136799
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame E2A9
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=c973407aa08308819fb7ad04
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=c973407aa08308819fb7ad04
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=c973407aa08308819fb7ad04
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame E2A9 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Apr 2022 13:02:32 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
rmpssp
sync.1rx.io/usersync2/ Frame E2A9 		0
0
sync
ads.servenobid.com/ Frame E2A9
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5131077721067698872
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5131077721067698872
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5131077721067698872
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame E2A9 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame E2A9
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=4b5900e0-cf97-4ace-9daf-16205d8ea36b&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=4b5900e0-cf97-4ace-9daf-16205d8ea36b&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=4b5900e0-cf97-4ace-9daf-16205d8ea36b&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 04 Apr 2022 13:02:31 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame E2A9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-0PTNXalE2uGAglUN0PwlhC6xKz3gikfI0veEky8-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-0PTNXalE2uGAglUN0PwlhC6xKz3gikfI0veEky8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-0PTNXalE2uGAglUN0PwlhC6xKz3gikfI0veEky8-~A
date
Mon, 04 Apr 2022 13:02:32 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame CCA3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MZEGXZ1PJNZ5XHEMV06R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZWEFRM1SZ1CD1RCZZTRZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CCA3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CCA3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame CCA3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkrsZT8zjabB7Ro.6wDdUQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBh8f1f7B-traY2u6N6XWcU&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBh8f1f7B-traY2u6N6XWcU&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 13:02:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBh8f1f7B-traY2u6N6XWcU&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame CCA3 		0
0
ie
match.prod.bidr.io/cookie-sync/ Frame CCA3 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.3.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-3-215.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame CCA3 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame CCA3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=1&gdpr_consent=
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 13:02:32 GMT

Redirect headers

Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
MT3 4320 2f2dfe5 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Apr 2022 13:02:31 GMT
sync
ads.servenobid.com/ Frame CCA3 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
setuid
px.ads.linkedin.com/ Frame 78AB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1KQ2NT8-N-2BVI
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1KQ2NT8-N-2BVI
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DBA4712854914821A3243DF039683399 Ref B: FRAEDGE1407 Ref C: 2022-04-04T13:02:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXb073NqtBJVe9GbByvZA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1KQ2NT8-N-2BVI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 78AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 78AB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLUTJOVDgtTi0yQlZJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 78AB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NPWhYqKdRc2aQk_Crn4o0Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NPWhYqKdRc2aQk_Crn4o0Q
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NPWhYqKdRc2aQk_Crn4o0Q
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VSVR5A0K2MWFZAHERBFS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NPWhYqKdRc2aQk_Crn4o0Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 78AB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0foRY9Z-TjiAOsJ4T2T5Aw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0foRY9Z-TjiAOsJ4T2T5Aw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0foRY9Z-TjiAOsJ4T2T5Aw
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5SCGN88EZHYC9P53T09E
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0foRY9Z-TjiAOsJ4T2T5Aw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 78AB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 78AB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1KQ2NT8-N-2BVI&sigv=1&esig=2~9d37c0f2caf936b7f4b787e61de036618d862690
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1KQ2NT8-N-2BVI&sigv=1&esig=2~9d37c0f2caf936b7f4b787e61de036618d862690
Protocol
H2
Server
2a00:1288:80:807::1 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:33 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1KQ2NT8-N-2BVI&sigv=1&esig=2~9d37c0f2caf936b7f4b787e61de036618d862690
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 78AB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/oUucJH6nmMYWeHRoTdEoXQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3098776790394225786
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3098776790394225786
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Mon, 04 Apr 2022 13:02:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3098776790394225786
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
ads.servenobid.com/ Frame E171 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1107490994416127515&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
711890.gif
id.rlcdn.com/ Frame E171 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame E171
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=28d3328f-2efd-4242-89ba-438a57aa0241&gdpr_consent=null&gdpr=0
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=28d3328f-2efd-4242-89ba-438a57aa0241&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=28d3328f-2efd-4242-89ba-438a57aa0241&gdpr_consent=null&gdpr=0
date
Mon, 04 Apr 2022 13:02:33 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame E171
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8166380972068872673&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8166380972068872673&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
nginx
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8166380972068872673&gdpr=0&gdpr_consent=
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
redir
rtb-csync.smartadserver.com/ Frame E171
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFFWE7EldkAADcMNZDlzg&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFFWE7EldkAADcMNZDlzg&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFFWE7EldkAADcMNZDlzg&gdpr=0
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
usersync
rtb.gumgum.com/ Frame F103
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1664355947555136799
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1664355947555136799
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:33 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:33 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a2be622e-2cc8-4541-9229-4a4614c44558
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1664355947555136799
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame F103 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ac4f9c03-98ba-402f-a6ba-17105df9e665&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-sync
sync.outbrain.com/ Frame F103
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28YLgQhxftzadEKioEw3xWEcKmsWUlj2HtOFYkwluEOu4EACJpj2C8JSJGceu7UQPQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ac4f9c03-98ba-402f-a6ba-17105df9e665&obuid=ENC(YLgQhxftzadEKioEw3xWEcKmsWUlj2HtOFYkwluEOu4EACJpj2C8JSJGceu7UQPQ)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&redir=true&apid=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.159 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:33 GMT
Cache-Control
no-cache
X-TraceId
9fbf7edeb46146640be7c3e6fdb27b43
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
date
Mon, 04 Apr 2022 13:02:33 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
rtb.gumgum.com/ Frame F103
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=d7726b72-088b-4c68-ab6d-8ae93b481474
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=d7726b72-088b-4c68-ab6d-8ae93b481474
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 04 Apr 2022 13:02:32 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=d7726b72-088b-4c68-ab6d-8ae93b481474
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame F103
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-ae3f4c31-88f5-487a-745b-9c383c23faf1$ip$84.19.175.183
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-ae3f4c31-88f5-487a-745b-9c383c23faf1$ip$84.19.175.183
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:33 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-ae3f4c31-88f5-487a-745b-9c383c23faf1$ip$84.19.175.183
Date
Mon, 04 Apr 2022 13:02:33 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame F103
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-9LERLFRE2pctysAcCCR7XzTlMLr_Qew4OsJN~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-9LERLFRE2pctysAcCCR7XzTlMLr_Qew4OsJN~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 04 Apr 2022 13:02:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-9LERLFRE2pctysAcCCR7XzTlMLr_Qew4OsJN~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame F103
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=7df94c00-b417-11ec-aad8-9f94043e2d80
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=7df94c00-b417-11ec-aad8-9f94043e2d80
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:33 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=7df94c00-b417-11ec-aad8-9f94043e2d80
Date
Mon, 04 Apr 2022 13:02:32 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
7df94c01-b417-11ec-aad8-9f94043e2d80
services
sync.technoratimedia.com/ Frame F103 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.63.138 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:33 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
488155531
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame F103 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame F103
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ac4f9c03-98ba-402f-a6ba-17105df9e665&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=8XMS5r-ad0ECWazPbaCL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OCYJVJTK4RNMFSDARKDK5QXUUDCMFBUYJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=8XMS5r-ad0ECWazPbaCL&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=8XMS5r-ad0ECWazPbaCL&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:33 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:33 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=8XMS5r-ad0ECWazPbaCL&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F103
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=657386e7-9a55-427f-8af0-564a55c330a3
35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=657386e7-9a55-427f-8af0-564a55c330a3
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.241.76.6 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
envoy
content-type
image/gif
cache-control
private, no-store, must-revalidate, max-age=0
x-envoy-upstream-service-time
5
x-region
ireland
content-length
35
expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=657386e7-9a55-427f-8af0-564a55c330a3
date
Mon, 04 Apr 2022 13:02:33 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame F103
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1649077352469
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:32 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
rtb.gumgum.com/ Frame F103
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=lx70ravrAiYt&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=lx70ravrAiYt&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 13:02:33 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=lx70ravrAiYt&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7597cd5c75-29gdj
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame F103 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:31 GMT
content-length
0
sync
ads.servenobid.com/ Frame F103 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_ac4f9c03-98ba-402f-a6ba-17105df9e665
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.114.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-114-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame A47F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 04 Apr 2022 13:02:33 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 04 Apr 2022 13:02:32 GMT
Expires
Mon, 04 Apr 2022 13:02:31 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4320 2f2dfe5 master cdg-pixel-x12 config:1.0.0
location
https://rtb.gumgum.com/usersync?b=mmh&i=2d91624a-ec65-4500-8419-8b05b61f5bd5&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame BB43
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YkrsYQAAAFzv4gQS&gdpr=0&gdpr_consent=
35 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YkrsYQAAAFzv4gQS&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.76.6 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif
date
Mon, 04 Apr 2022 13:02:32 GMT
expires
0
pragma
no-cache
server
envoy
x-envoy-upstream-service-time
5
x-region
ireland

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 04 Apr 2022 13:02:33 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YkrsYQAAAFzv4gQS&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4022-HHN
x-timer
S1649077353.084142,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 3897 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYzRmOWMwMy05OGJhLTQwMmYtYTZiYS0xNzEwNWRmOWU2NjU=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 13:02:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9D8A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=41038
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 13:02:32 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 00:26:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 9F7A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=aec56716-60b8-45e2-ba5b-1871f829bba8&t=1651669353
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=aec56716-60b8-45e2-ba5b-1871f829bba8&t=1651669353
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 04 Apr 2022 13:02:33 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
209
content-type
text/html
date
Mon, 04 Apr 2022 13:02:33 GMT
location
https://rtb.gumgum.com/usersync?b=ttd&i=aec56716-60b8-45e2-ba5b-1871f829bba8&t=1651669353
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usync.html
eus.rubiconproject.com/ Frame 6A31
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 13:02:33 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Apr 2022 13:02:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usersync
usersync.gumgum.com/ Frame 35FB
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=1664355947555136799&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID
  • https://usersync.gumgum.com/usersync?b=emx&uid=1664355947555136799brt309291649077353087286f1
35 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&uid=1664355947555136799brt309291649077353087286f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.76.6 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif
date
Mon, 04 Apr 2022 13:02:32 GMT
expires
0
pragma
no-cache
server
envoy
x-envoy-upstream-service-time
0
x-region
ireland

Redirect headers

content-length
0
content-type
text/html
date
Mon, 04 Apr 2022 13:02:32 GMT
location
https://usersync.gumgum.com/usersync?b=emx&uid=1664355947555136799brt309291649077353087286f1
usersync
rtb.gumgum.com/ Frame E57D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YkrsacCo8X0AAC9eHBEAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YkrsacCo8X0AAC9eHBEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 04 Apr 2022 13:02:33 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Apr 2022 13:02:33 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=YkrsacCo8X0AAC9eHBEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
3
X-SO-HostName
m-ad195.dc4p.scaleout.jp
X-SO-IP
84.19.175.183
X-SO-Key
YkrsacCo8X0AAC9eHBEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":3,"gdpr":true,"ipv4":"0.0.0.0","key":"YkrsacCo8X0AAC9eHBEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad195"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad195
usersync
rtb.gumgum.com/ Frame E4D0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=300sOgMA8FRdlTt13BQi&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=300sOgMA8FRdlTt13BQi&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-216-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 04 Apr 2022 13:02:33 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Apr 2022 13:02:33 GMT Mon, 04 Apr 2022 13:02:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=300sOgMA8FRdlTt13BQi&pi=gumgum&tc=1
pragma
no-cache
st
capi-tier-2-us-east-2.connatix.com/tr/ Frame C601 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/st?v=157363
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.191.18.57 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-18-57.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 04 Apr 2022 13:02:32 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
async_usersync
ib.adnxs.com/ Frame CDC8 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:33 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c1f6fcd7-f6d7-42d9-91ee-d005c653b1ed
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
cs.emxdgt.com/ Frame D2E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Mon, 04 Apr 2022 13:02:32 GMT
usync.html
eus.rubiconproject.com/ Frame 8B40
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 13:02:33 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Apr 2022 13:02:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
server
AkamaiGHost
uc.html
go.sonobi.com/ Frame DA14 		43 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, private
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 04 Apr 2022 13:02:33 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Server
sonobi-go
Tcn
Choice
Transfer-Encoding
chunked
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
X-Xss-Protection
0
cm
gift-connect-d.openx.net/w/1.0/ Frame 9FC5 		0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 04 Apr 2022 13:02:33 GMT
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE0A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=41037
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 13:02:33 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 00:26:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2E04
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1664355947555136799
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1664355947555136799
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:33 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:33 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
10e8f77c-b10c-4405-b41b-a07908db37cc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=1664355947555136799
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2E04
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YkrsZT8zjabB7Ro.6wDdUQAA%261153
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YkrsZT8zjabB7Ro.6wDdUQAA%261153
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:33 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YkrsZT8zjabB7Ro.6wDdUQAA%261153
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Mon, 04 Apr 2022 13:02:33 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2E04
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c973407aa08308819fb7ad04
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c973407aa08308819fb7ad04
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:33 GMT
content-length
0

Redirect headers

Date
Mon, 04 Apr 2022 13:02:33 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=c973407aa08308819fb7ad04
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame 2E04 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2E04
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 13:02:33 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
date
Mon, 04 Apr 2022 13:02:33 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/ Frame 2E04
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab
49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 13:02:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab
cache-control
no-cache
content-length
0
56939
i6.liadm.com/s/ Frame 2E04
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab&_li_chk=true&previous_uuid=b15eeae7212e4eec900d979de76c507f
  • https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab
0
0
usync.js
eus.rubiconproject.com/ Frame 6A31 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4e4cb4b7e0d4a670b5cf6548fa4f4f146cb417bebe9f8991ba7d65d517593e53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28745
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Mon, 04 Apr 2022 21:01:38 GMT
usync.js
eus.rubiconproject.com/ Frame 8B40 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4e4cb4b7e0d4a670b5cf6548fa4f4f146cb417bebe9f8991ba7d65d517593e53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 13:02:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28745
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Mon, 04 Apr 2022 21:01:38 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 6A31 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L1KQ2NT8-N-2BVI
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8B40 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632&khaos=L1KQ2NT8-N-2BVI
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJT0xuTFRG82cORlPV4Bz4s&google_cver=1&google_push=AYg5qPLdEhlz4wqysXpFuHdkxgfxIysngCCglrWhJJ384Fqr49BM8OLWof0OzDRIo07h9uFsStU6PkvmB7ZI6frbxUynjy4pkFE
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
i6.liadm.com
URL
https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab

Verdicts & Comments Add Verdict or Comment

417 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| gform string| gAMP_urlhost string| gAMP_urlpath string| gAMP_urlquery string| gAMP_contentid string| gAMP_category string| gAMP_contenttags number| kPrebidTimeout number| kRefreshPollTime number| gRefreshCount number| gOXRefreshCount boolean| gRefreshDebug boolean| gPrebidDebug boolean| gTrackVisibility boolean| gLazyLoad boolean| gTrackPageVisibility number| k30SecondRefreshInterval number| k60SecondRefreshInterval number| k90SecondRefreshInterval number| k120SecondRefreshInterval number| k180SecondRefreshInterval number| k999SecondRefreshInterval number| kDoNotRefresh number| kDefaultRefreshInterval object| gSChainNodes undefined| gGDPR_forceLocale boolean| gGDPR_silentNoConsent boolean| gGDPR_forceNoConsent object| gGDPR_NonTCFVendors string| gGDPR_publisherCountryCode string| gGDPR_logoURL string| gGDPR_privacyPolicyURL string| kAmazonPublisherID object| ad728x90ATF object| ad300x250ATF object| ad300x250ATF2 object| ad728x90ATFTAB object| ad728x90STICKY object| ad300x250ATFTAB object| ad300x250ATF2TAB object| ad320x50ATF object| ad300x250ATFM object| ad300x250ATF2M object| ad2x2skin object| adGoogleAdXInterstitial number| gBrowserWidth object| desktopAdUnits object| tabletAdUnits object| mobileAdUnits object| gAllSlotData number| gAllSlotCount function| _0x2484c2 object| gRefreshSlots object| gRefreshIDs object| gRefreshTimes object| gRefreshIntervals object| gThisRefreshIDs object| gThisRefreshSlots boolean| gInitialLoad object| gIntersectionObserver object| gPBJSTimeoutTimer object| gAmazonSlots object| gAmazonBids boolean| gAmazonBidsBack boolean| gPrebidBidsBack object| googletag object| pbjs function| _0x47b6 boolean| gHasGDPRCMP object| gGDPRTCData function| amp_getBidsForAllChannels function| amp_dumpBids function| amp_dumpWins function| amp_dumpTable function| amp_getBestBids function| sendAdserverRequest function| _0x4815 function| checkIfAllBidsBack function| amazonBidsBack function| pbjsBidsBack function| bidsTimeout function| scheduleConsentUpdates function| sendBidRequests function| doSendBidRequests function| amp_refreshAllSlots function| amp_refreshSlots function| refreshAdSlots function| attachCloseBoxSVG function| configureAdSlot function| getCookie object| apstag function| cnx function| $ function| jQuery object| gdprDynamicStrings object| gdprStrings object| kss object| sNew object| s0 object| dataLayer boolean| jQueryMigrateHelperHasSentDowngrade object| cnx_usr_storage function| __uspapi function| __uspOpenUI object| FontAwesomeConfig object| ___FONT_AWESOME___ function| __tcfapi object| __cmpAPI object| __GVL object| __cmpTCModel function| __cmpOpenUI function| pbjsChunk object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| pPk53m2 function| pPk53m3 object| xop object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| kasperskyDynamicaReCaptchaData object| jQuery11240025879584420908763 object| kaspersky object| prmOm object| omPlatformsSettings function| trackKLReferrer function| trackTrialSubmit function| trackFraud function| getFilename function| trackFile function| trackTrial function| trackTrialKMS function| trackPU function| trackPU2 function| trackDoc function| trackBeta function| trackDBUpdate function| trackDRFile function| trackLink function| trackCountrySelector function| trackLRC function| trackIPP function| trackPage function| trackLRCFallback function| trackMaxymiser function| trackAuditories function| trackCroSegment function| trackCta function| trackDownload function| trackEvent function| trackExit function| trackForm function| trackGoToPayment function| trackChangePaymentMethod function| trackLena function| trackMarketLincGroup function| trackMarketLincVisitor function| trackPageView function| trackPageViewOnLoad function| trackPartnerLocatorSearchEvent function| trackProductView function| trackRegistration function| trackSaleButton function| trackSignin function| trackSignIn function| trackUpsellPage function| omSetContext function| omSetOmnitureParameters function| omChooseCookieDomain function| omGetAbsoluteUrl function| omGetBusinessType function| omGetGoogleAnalyticsClientId function| omGetHostName function| omGetOrigin function| omGetPageNameFromPath function| omGetQueryParam function| omReadCookie function| omRemoveAllUrlParameters function| omRemoveAllUrlParametersForDownloads function| omRemoveUrlParameter function| omRemoveCookie function| omSafeParseJson function| omSetCookie function| omSetInp function| removeHashFromString function| omPushEventToDataLayer function| omCreateEventParamsObj function| omPushTrackingObjectToDataLayer function| omPrepareProductsString function| omHandleClick function| omHandleMessage function| e object| sng object| s object| visitorConfigObj function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in object| _uxa number| s_objectID number| s_giq object| MZ1D6o2 function| MZ1D6o3 function| xblocker object| google_tag_manager object| player_instance_e1c399411ce54d3c8937254ee481a700 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins function| postscribe object| google_tag_manager_external object| GYSwcO function| GYSwcp function| xblacklist boolean| creativeVendorLibraryLoaded object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents function| twq object| recaptcha undefined| google_measure_js_timing object| google_reactive_ads_global_state object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| gform_i18n object| gf_global object| gf_legacy_multi object| gf_legacy object| PublisherCommonId object| ID5 number| google_global_correlator function| gtag object| twttr object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar function| HandleUnsavedChanges function| renderRecaptcha function| gformIsRecaptchaPending object| gfMultiFileUploader undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_checkable_empty function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input function| cnxProxyTask function| onYouTubeIframeAPIReady object| Placeholders object| gf_form_conditional_logic string| gf_number_format function| do_callback object| closure_lm_775557 object| sas object| apntag object| _ADAGIO string| main_loc object| in_domain object| locale_out undefined| url_path_start_latam undefined| locale_out_latam string| firstPart undefined| locale object| url_path_start undefined| domain_loc function| SetCookie string| newCookieValue string| _linkedin_data_partner_id function| lintrk boolean| _already_called_lintrk object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| s_i_kaspersky-single-suite boolean| DFPSFMessageEnabled object| ONFOCUS object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| google_ad_modifications object| google_prev_clients function| cnxAddEventListener

109 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ5eytpf8vCgoIgQIQ5eytpf8vCgoI4gEQ5eytpf8vCgoI5gEQ5eytpf8vCgoIhwIQ5eytpf8vCgkICRDl7K2l_y8KCQg6EOXsraX_LwoJCAsQ5eytpf8vCgoIjAIQ5eytpf8vCgkIXxDl7K2l_y8=
.t.co/ Name: muc
Value: f0eebf9a-3372-4234-8f7a-1fc2277aa7b6
.bit.ly/ Name: _bit
Value: m34d2n-11fc39bea388ebf1d7-00Q
.threatpost.com/ Name: _cs_mk
Value: 0.8084352400757455_1649077345455
.demdex.net/ Name: demdex
Value: 31996850983410927710179151836438174771
.threatpost.com/ Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1
threatpost.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YkrsYQAAAFzv4gQS
.threatpost.com/ Name: _gid
Value: GA1.2.1886825372.1649077346
.threatpost.com/ Name: _gat_UA-35676203-21
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 31996850983410927710179151836438174771
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: c973407aa08308819fb7ad04
.rubiconproject.com/ Name: khaos
Value: L1KQ2NT8-N-2BVI
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3E+uACLlK1rObASkO6QPb7E03ikE5KqM0cPxm3GZEWzJhtaZArAw38azGDAnZkjgciW6Q58jarRAvAG15loFpV9ffqWu8FjBY=
.t.co/ Name: muc_ads
Value: 4964a0f5-0aae-4adc-be21-6dc1e1240134
.threatpost.com/ Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19087%7CMCMID%7C24672568597219174330875558749587386985%7CMCAAMLH-1649682145%7C6%7CMCAAMB-1649682145%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1649084545s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19094%7CvVersion%7C4.4.0
.twitter.com/ Name: personalization_id
Value: "v1_GI/jSXKu0Lk59wKvwAcCPg=="
.openx.net/ Name: i
Value: f3e3f05b-8919-4bc9-96c0-52ec973f26cf|1649077346
.adnxs.com/ Name: uuid2
Value: 1664355947555136799
e.serverbid.com/ Name: azk
Value: ue1-sb1-1a7c863a-e335-43ab-acac-7ea4448bc4ab
.quantserve.com/ Name: mc
Value: 624aec62-64e5c-a1183-ea5fa
.threatpost.com/ Name: _pubcid
Value: 1c3b3bad-1b4a-4252-a6c6-844a43c89b77
.threatpost.com/ Name: __qca
Value: P0-1634125624-1649077346389
prebid.a-mo.net/ Name: __amc
Value: 1_1649077346_1649077346
.threatpost.com/ Name: _gat_UA-63997723-2
Value: 1
threatpost.com/ Name: CookieConsent
Value: {stamp:2008257939=='|Cnecessary:true|Cpreferences:true|Cstatistics:true|Cmarketing:true|Cver:1|Cutc:373060135|Cregion:'not_gdpr'}
.threatpost.com/ Name: _gcl_au
Value: 1.1.962064949.1649077347
threatpost.com/ Name: usprivacy
Value: 1---
.threatpost.com/ Name: _ga_YP1JLG57CH
Value: GS1.1.1649077346.1.0.1649077346.0
.threatpost.com/ Name: _ga
Value: GA1.1.1501078788.1649077346
.linkedin.com/ Name: UserMatchHistory
Value: AQJoS_xdp4iWJgAAAX_0q2JACpERq0dMJeC2eMP-b3lSeC0YMG4UTW1dyeYDAAV3Seup_nK9tsBucA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJMO6S6hGjrrQAAAX_0q2JANPogyObhEq1hd0PT0bHUcpSYiUu2hXy_L6BY8YEVx0NoM8PgjJPPKFK6gJLfxA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&44fae8f2-9031-4dfa-8625-4264537dcf7e"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2688:u=1:x=1:i=1649077346:t=1649163746:v=2:sig=AQFDyOIjQUoElrDRshUbbPD3gdILOEwk"
.threatpost.com/ Name: s_cc
Value: true
.adnxs.com/ Name: icu
Value: ChgIzLJhEAoYAiACKAIw4tirkgY4AkACSAIQ4tirkgYYAQ..
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202204041302272e2be529-822b-4684-8f9d-737f0694b097AQFsMlDUOhSled9qI9SrggEf_wtq-tXn"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDkwNzczNDc7MjswMjFYAMHRnSdFOsO+KwW5YMnc0mDroy1h4FIIMhxwQt6Lgg==
.doubleclick.net/ Name: IDE
Value: AHWqTUletDEH-7OuoaW4ZHFFWxDg6mU4yW2Tpt3EAcXA4QItFOGPvq9UlpJhHsClue0
.threatpost.com/ Name: __gads
Value: ID=e5465bdbb129e03e-22fa35fa6dcd0000:T=1649077346:RT=1649077348:S=ALNI_Mb9thao8mm7vCgvFRKP-KlUUYSBDw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.rlcdn.com/ Name: rlas3
Value: pbN7ybIhFcxPbcBIHHf7RM8UKecoRGqbB5LquH85Saw=
.casalemedia.com/ Name: CMID
Value: YkrsZT8zjabB7Ro.6wDdUQAA
.casalemedia.com/ Name: CMPS
Value: 3194
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 52006C40-51A1-4A7D-843E-8A6DF2FAAFE6
.rlcdn.com/ Name: pxrc
Value: COXYq5IGEgUI6AcQABIGCOndKhAA
.casalemedia.com/ Name: CMPRO
Value: 1153
.quantserve.com/ Name: d
Value: EBQBDwHpJYEPisMA
.mathtag.com/ Name: uuid
Value: 2d91624a-ec65-4500-8419-8b05b61f5bd5
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8166380972068872673
.threatpost.com/ Name: cto_bundle
Value: TypTfl9pbGd6emEzMGRTZyUyQnZOJTJGY1BqcU1JQzlSQ0ZWbnp6aG1tZ1dnNVFmZHdqdlpQM3M1JTJGc3pYcHVZakVxUUg4SXBLUHdjWDFBeWYxdjd5WHYxNVFwYkpMWkw2TVdIVUhyeVJDVk5PeFlQNEFXWWpyUTNvV0EwM0ZrVTM3aHg4YWFCZQ
.threatpost.com/ Name: cto_bidid
Value: tOy96l9qYVhjNk5tMlFnbHpsUCUyRnNVaEpMZ3VwMmh4SHNyZnJkWHh5WXFTRFE0cUdQNVVLQ1ZwTDJDR2NtWlpJZ2IwaUpTOTBYSmx5cUFWU0xHcCUyQjRCT1o0ZVElM0QlM0Q
.openx.net/ Name: pd
Value: v2|1649077349.2|kiiygevNgun0.gqsLommOnsgi
.3lift.com/ Name: tluid
Value: 1003343697020636669915
.w55c.net/ Name: wfivefivec
Value: ncf50Y081NBmlO5
.w55c.net/ Name: matchopenx
Value: 5
.bing.com/ Name: MUID
Value: 13B3428370226A4D155B53FF71F06B6E
.servenobid.com/ Name: pid_312
Value: 1664355947555136799
.a-mo.net/ Name: amuid2
Value: 4b5900e0-cf97-4ace-9daf-16205d8ea36b
.servenobid.com/ Name: pid_327
Value: 4b5900e0-cf97-4ace-9daf-16205d8ea36b
.yahoo.com/ Name: A3
Value: d=AQABBGjsSmICEHUm6q6JSRLJwGlMnjPgHbAFEgEBAQE9TGJUYgAAAAAA_eMAAA&S=AQAAAqtsCEp3xBl6byRc9AfHEjQ
.smartadserver.com/ Name: pid
Value: 1107490994416127515
.gumgum.com/ Name: vst
Value: e_ac4f9c03-98ba-402f-a6ba-17105df9e665
.servenobid.com/ Name: pid_333
Value: YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADslzmtoZmJpYG5ubGpkbGQKAHWEos8QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3MjQwMzeztLAwNxLiM9TVDc4yrSoorCzSLXcFAPPSO7klAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3MjQwMzeztLAwNxLiM9TVDc4yrSoorCzSLXeV4jU0M7EEKjI2NTI2MgUArI6zmzQAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_337
Value: y-0PTNXalE2uGAglUN0PwlhC6xKz3gikfI0veEky8-~A
.servenobid.com/ Name: pid_324
Value: 5131077721067698872
.servenobid.com/ Name: pid_317
Value: 1107490994416127515
.bidswitch.net/ Name: tuuid
Value: 613af705-9966-4c10-bc6c-e2f98394d1e5
.bidswitch.net/ Name: c
Value: 1649077352
.bidswitch.net/ Name: tuuid_lu
Value: 1649077352
.servenobid.com/ Name: pid_310
Value: c973407aa08308819fb7ad04
.servenobid.com/ Name: pid_309
Value: e_ac4f9c03-98ba-402f-a6ba-17105df9e665
.bidr.io/ Name: bito
Value: AAFFWE7EldkAADcMNZDlzg
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsrvr.org/ Name: TDID
Value: aec56716-60b8-45e2-ba5b-1871f829bba8
.casalemedia.com/ Name: CMRUM3
Value: b0624aec6805a00&2d624aec682760CAESEBh8f1f7B-traY2u6N6XWcU&03624aec6827602d91624a-ec65-4500-8419-8b05b61f5bd5&0d624aec6805a0&e6624aec682760&82624aec68a8c0&27624aec680b40&f1624aec6805a0
.zemanta.com/ Name: zuid
Value: 8XMS5r-ad0ECWazPbaCL
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A6M1vqk8YkykppwxCILCbfc
.emxdgt.com/ Name: euid
Value: 309291649077353087286f1
.creativecdn.com/ Name: u
Value: 300sOgMA8FRdlTt13BQi
.creativecdn.com/ Name: ts
Value: 1649077353
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwig-LzNw5HLOhAFOAE.
.360yield.com/ Name: tuuid
Value: 657386e7-9a55-427f-8af0-564a55c330a3
.360yield.com/ Name: tuuid_lu
Value: 1649077353
.creative-serving.com/ Name: tuuid
Value: cd207872-7f33-4be8-8857-735adcdd8257
.creative-serving.com/ Name: c
Value: 1649077353
.creative-serving.com/ Name: tuuid_lu
Value: 1649077353
.smartadserver.com/ Name: csync
Value: 124:28d3328f-2efd-4242-89ba-438a57aa0241|127:AAFFWE7EldkAADcMNZDlzg
.casalemedia.com/ Name: CMST
Value: YkrsZWJK7GkA
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 22ed77b396f3e85a
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.advertising.com/ Name: APID
Value: UP7df41b54-b417-11ec-8f55-06ba5f4ab10e
.emxdgt.com/ Name: eapn_id
Value: 1664355947555136799
.go.sonobi.com/ Name: HAPLB5G
Value: s569|Ykrsb
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~2451:17ot~2451"
.outbrain.com/ Name: obuid
Value: 4622203a-f7fb-4c52-9ac7-b3f837abe04b
.ipredictive.com/ Name: cu
Value: 7df94c00-b417-11ec-aad8-9f94043e2d80|1649077353238
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ae3f4c31-88f5-487a-745b-9c383c23faf1.ayXgeEo%2F0ymrsV7MBMd5XZNNvM856kcc3QCEuu76NgQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Arj9MMYj1SHp0W5w4PCP68VQTr7c.Twa9jM7bNQC2kdxZqDcAhuUPOyC8UGoA827%2B6f9kFoU

25 Console Messages

Source Level URL
Text
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJT0xuTFRG82cORlPV4Bz4s&google_cver=1&google_push=AYg5qPLdEhlz4wqysXpFuHdkxgfxIysngCCglrWhJJ384Fqr49BM8OLWof0OzDRIo07h9uFsStU6PkvmB7ZI6frbxUynjy4pkFE
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://js-sec.indexww.com').
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkrsZT8zjabB7Ro-6wDdUQAABIEAAAIB&google_gid=CAESECfoecKDpEVlUhMKBlmUoEs&google_push=AYg5qPJpzsV4bcoafzoHsQX2PWg4RQegt2pMip1BOnYBm1PABNgz_yBNJwFyvk1eeyV1poBKNRMI45aWEjPv51kalh3K0y3xXyqt&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/?utm_source=twitter&utm_medium=rss&utm_content=news
Message:
The resource https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

161218b8c5b7a26f59efa6225ec5496b.safeframe.googlesyndication.com
9582686.fls.doubleclick.net
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.creative-serving.com
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.twitter.com
ap.lijit.com
assets.threatpost.com
b1sync.zemanta.com
bh.contextweb.com
bit.ly
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cat.fr.eu.criteo.com
cd.connatix.com
cdn.id5-sync.com
cds.connatix.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
cs.emxdgt.com
csm.eu.criteo.net
csync.loopme.me
dpm.demdex.net
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.ipify.org
gift-connect-d.openx.net
go.sonobi.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js-sec.indexww.com
kaspersky.d3.sc.omtrdc.net
kaspersky.demdex.net
kasperskycontenthub.com
lit.connatix.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media.kaspersky.com
media.threatpost.com
mp.4dex.io
mug.criteo.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.advertising.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.servenobid.com
px.ads.linkedin.com
px4.ads.linkedin.com
qd.admetricspro.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.co
tag.1rx.io
tagan.adlightning.com
teachingaids-d.openx.net
tg.socdm.com
threatpost.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vid.connatix.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
cm.g.doubleclick.net
googlecm.hit.gemius.pl
i6.liadm.com
sync.1rx.io
sync.adotmob.com
104.111.219.144
104.244.42.133
104.244.42.195
124.146.215.50
13.107.42.14
13.248.245.213
132.226.63.138
134.209.129.254
142.250.181.226
142.250.185.230
142.250.74.194
147.75.38.124
15.188.95.229
151.101.130.137
151.101.2.137
151.101.2.49
151.101.65.108
169.197.150.8
178.128.135.80
178.162.133.148
178.162.133.149
178.250.0.160
178.250.0.162
178.250.2.135
178.250.2.146
18.156.0.31
18.191.18.57
18.195.155.181
184.30.16.79
184.30.20.198
184.30.20.241
185.184.8.90
185.29.134.244
185.33.220.100
185.33.221.52
185.64.189.112
185.85.15.23
185.86.137.107
185.86.137.133
193.0.160.129
198.148.27.139
198.47.127.19
199.232.136.157
205.185.216.42
209.54.180.3
213.19.147.43
213.19.147.45
216.52.2.19
216.52.2.48
23.37.38.181
23.37.42.132
23.79.143.124
23.88.75.187
2600:9000:2057:ca00:2:9275:3d40:93a1
2600:9000:206f:a800:6:44e3:f8c0:93a1
2600:9000:206f:b600:1e:a43d:b640:93a1
2600:9000:214f:aa00:0:5c46:4f40:93a1
2602:803:c004:200::143
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:cf70
2606:4700::6812:272
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:21::14
2620:1ec:bdf::44
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a02:26f0:3500:7::17d8:4dd2
2a05:d018:d29:3605:2e02:fe1c:9c40:529
3.120.46.78
3.121.156.220
3.125.247.50
3.248.114.100
3.248.155.194
3.65.142.105
34.241.76.6
34.253.74.200
34.98.67.61
35.157.246.167
35.158.60.56
35.173.160.135
35.211.178.172
35.227.252.103
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.236
46.105.202.126
51.38.120.206
51.89.20.87
52.2.37.89
52.215.111.225
52.215.248.120
52.215.3.215
52.28.203.152
52.51.88.158
52.71.178.197
52.95.115.196
63.32.216.168
64.140.160.2
64.202.112.159
64.202.112.255
65.9.62.173
65.9.66.8
67.199.248.11
67.202.105.21
69.173.144.138
69.173.144.139
69.173.151.100
011e26a1e3dd4b22cf48de0fc63897650d94104ca9dfe3c00c0c9dfe43288b49
02f9d93789c1c6eb90e5a580da466fb57aa49759c8a2caac2a945744eb66f60f
0319dda8bc353609a3f6b03a9d44ccce12e185b9a5bc4f1488b36aeecf3ae727
035df097bc74e84537d1a6a2eaa9a876c0356b3ae928b81a6e0c9ea9809dd1f0
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
084885652dacd1b70a7979e7631caa6fe5985a5c1b872c28dd890d9ea39cec3d
0849eef021b381cb3f64d424bdd29839513dbb4e964aef0420136906426a18de
085f299301d3258baf25d3cdaf1ff539b13a00169b765b1c8abaabc5fe353d2b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac2e8b703898e10c303ba046d2ab970637e88801cbc4cdda6585e61b6f9b01b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d7826423303bd5e4ada20540bba31ba27a9a969cf42eb96c49406d59aeea9d6
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1618d4c138be4e3f43687a1ec96abfe55e293b7e70db7f87f265620a57ffee35
1791bf831c158912a11ca40bcf5f3573fc54ec8f8343c37780dab679c0203d63
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4
17c36e9523e8b97999649b89a0f8480d574d7a1fe1dd4f3d8fe841e5649cd0c5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a10f9fa7c2fb4c634ffe3409b7b2ea3e11135e7a6e58ee930c25603ad19baf4
1a125096dce20357e3049f8166f66af69a0e57f5f802696000ab095613703e8f
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2
1cc9c219fa400253ea97a9a8e05a2047ec7a53bb945044d0749eaafb092eb725
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f3d8b57f69b73694c38ba6bbf8ddc46c8a5e52db401795fa8ab80643e14236d
2278f037015b13e484b8c2ce9df3b9746aa77437e395f69fe2363a80bb1f294e
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
2a647d79b31b4b19f30c795aac862bcf5b424731c732e239775127b8ac4aae0a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae66940fbe736cd2c2cfea156ace41b7d90da7484b4e729df84e79df56006d1
2afff3ee5166bf10f63309d39faeb09bd03b29723bfb1f3641fa2fd81a843988
2b4b72f6d2ae58c1a97477ce595d75502f331c831bc1d3807ee2a43bf5834d93
2bd09d2e44f424bfcc92620af406255a45ee9ca293e120bce94fb24f4d23c946
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
369c67a5afb2ffa25d4480b3781a938e7fe7c5633f89d36570e2c1cc23c49eff
3788f6d78d3779c5cb9799b5a5194c8e4f56de10b3c7cc962dd4ff56a006c076
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3816f0b0d7dee1e108f9f85094edf7e441cee6ead1547a990857101339be168c
38bcffa1db31e2a8d1265695264979efdc15f408d921cc09ec2c4c692bc5eaf7
3913174a244e517f81f52fa0a86507151deb953f12788d082ec69dd64a287fee
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3b9d39edb2591de65a095117689dd79effa44a7cf3e0a594d01c978b2f05d00e
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4117d1ef6b351728bbd00977fc1948bea37ada0740d7c6a8eb59dda4d122189e
41f047950d4db7e04d250ebe65613aaaf482546a855d9321d1536ecb8ab6cccf
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450927ad79b0f7b072e03740912d08026dbcb25f21ca69fe6edd133c05ada3ba
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
45fa6ca98519b20044e3a92fde28844cc7dd7ec58e017409784a58959856112d
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd
4760ee4d7134a0cc2f9e3889c2d969a97bfc90be0f22767a279b52e7837781dc
47aae96301ccc90eb99c9f1e043f25930d33ea7b9fedb78ea93dcb9723322696
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4d3f15221b01e91228492c2b269925c8d0b94c1d6ca12a9e1dc435b63338a301
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d52f37b83f70c5035632548c652508d793eec55e17f2ac19552f4fa19d323be
4d8b2849f76b95fe4390b50b2d8f14ff2bba99b6b1b0200f7c65b122de7396aa
4d94a0f51bade076fa154e469f12563fcee377fd94d79ca6d080d231e0e8b1d1
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0b5563ff1fc5175d65e11e1546bee1945486d65d76c9248bdd77487532dadf
4e4cb4b7e0d4a670b5cf6548fa4f4f146cb417bebe9f8991ba7d65d517593e53
500288356853c7199a27a6a2cdcd14b217d18dd9c8103272d8e6def6acbe2580
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
546be401414bcb20cdea07cdbcd806409b9629e4895737e214401948c40409f3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ae4690f0c869651b8799bcfb36b1c966ed1f383af075b34bcd66ce1aa37607
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e21c0b93290490c1b1bcd3c541dc358b4f5bb43b24d954dc075e82fe48dcaf
56fb7260574f7cf5d06ba4c7934ae29b4cab9fd8830623cc9c2ac234e04eec83
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68cc26362c0cc4baa161311ed8f92a440624b120f844cecef402a4c7f94bf39d
68cdaaeccd079ab33df06d3e5fb47594a4458a6491d48a8ae2f394defb419eb5
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864
69f0ade8cca67112ef495f707fb73c68fd5099a6cd9c51d9ba9ceda8dcca16f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c1fdfde75967e5ce858444d2ede542d2462dfe8e48a417358d6af86c95cefbe
6c8e343da3b15a6a26e0367b83d1c97813863ea6e6a905bd9e69870bb0a0ebd0
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32
6feb78259d1f20dff7a50f8138ad210cfa8ff2c02fdee279faacd76ddd82187f
7104f88840a420f1702717d900db98910deb6141ad639bb7338b88993e989c72
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
78d6848b6911d7bdaf2859fdf34dc411578f9a59629e1469fcdd57abc7ba5985
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7de67172e550589f7ad1103eca613bde127537f6626553253056ca9b236c5f25
7e75ade51afcae47ec8dedc46bd50962ebb58b46638a69951f1f494c5052fe14
7fd8f04c131c8fa9a34f45a6ac563bccda487f1e6f72ad9f81231d474cf221db
7fd9983a3429d6ead1f66bf933770f9b790818b189e39ff0f2a0d3f590bbf67b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bd5c5ee263222372ea62269eb1814c32b3a241bd37fcb5d6b7c5584590c8ee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b71d29a8e8056bafe95386548a5d5c284d9afda70feeee8e82e33a9be6ed265
8ca486fd34f35f010ea14413ec30fab0ac8a671c8e6a81acf61ffcf57c8ac5f8
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d681f4a9e12e92a8a397af8be86b00eb29b99c5a6a9c778153a408951e25693
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fadbfd3d6ccbaaf484f09b1a2df77ac8901b47a99a00c483827a84d40da3bd8
8fb4a4f4521a94032afdb851a8612f898a1e8a40705d06df03ddfa932d3ca274
9005df0ceac13bacee220e4590b1a12a1b91bc548dc3602261e99c142c8cc61f
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd
931dc539e87db7f509be9c77dfcc9b2baee0b91e5236aa04580ab14ed81e2cc0
93e4edc3a827c983263d5d4d48a45f4dbe72acf0ab7397e1ccd19ae3b08512d6
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
94b11dcebc7b200b22b9561a3d0807bde8f84b2454063facd429ab5dc43d7b6a
96177abf5cc11faffebedf8ee3f287462039d9d1beab76d47372f0f219d5ea7e
96b5d31ccfb24de7fafa75fca3bf3db1be26e0810f6278715bff2649076de10a
9777aecf115c11a879493cbc69604d0ffd41e807437399294b318cf55ac6482a
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99da33b0e140654163bc11270aebc7bcb407d13877cc17414a908762d0ede696
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aee683e8fb4c075678fb66baa1d74c4874a0dde6555bac4f6fce9e5c121b655
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
9e61a23517fe663c24700bfd537832559c0537236ea6a276453c6b90f7db2504
9e89048f0456e3b02cedb7cf76410b3576a32bad0f1cc024640f01e1339b3a71
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3ad19d72f0fa03be1e4a9346a814299aaefacd689da1c35bee8927f74353087
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9ced220b525deb30aa915ff1c1ca6c2f2a0afd922b767c71e601fdb025bbfe8
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad2f66af191c8d0723d8c8fc22c61a083ba0bb5e3dcf4f7ab2b73b5597d7c2a8
ad466bf5bd3260297c0582435e86872bec1ea288884d96aecb461d53025fb69b
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
ae3d534ceb0aee11dd35e2403dee22f2136a3d3ff818024e91766cea037db97d
b0c35bcc511183abbaf158b20f6f4a85a54cf4353b4df88163dc9425d97e4ca6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ef662270ba47324caccb1ae542e1b4dec067af422a342c83a2549f544476d1
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55
b6f4ca5a5542f2116c568bfac112eb7f19ea09143a54e87c7733587d6be0bfe8
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
b9dba0fa4439838b5f5cb311114a54e3116c34903fd4c318fff229625e4f5652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd0354ee4b65958ecd3e80e7acd9af3011207b46eb6ae1ce6a2e6f60aec8a970
bdfd60b477fc3a53026309cc91965dae061323c4a99562dabdd08831147528b2
bfb48a9884ea1ce7b47da60b4a99b5a8eec9d1007be88eb938c0c62198fef1e8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd3767c9daaaaf6b31ba6dd8821d1cf09594ffdddb05a60b81d960aa4e2f44e9
cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2
cffd11b50941bd26845b3fc737167315c5e4d395486ac9ed43e27cc7d9f9153e
d025af7dcbd821e505ec92bb6c4baa654503ca9a5ae3c1c1e28080e1e49ca39c
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d169d3a4b1033d3230aac154b9ec04e736c19849382d1b8327a82228b2b3b588
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d40a2cf12ea21acda522d8dc8ab7129f169a6d23ff557b10ac40bb865fea0fd7
d4fac9605c33d5f9494c8953a691751eaa9b195d60607ed9dbc4774ed79ef8ae
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d8bd1954d35c36441c577e571af12e327da0115465a35f85bca7f6976ad49dda
d934126d14e4ce060ce2891f76cd49d67bcf882ddebf2415890ae83475659186
d9522ba6ffaffa65b1eeed93a6b06d558952208ea4e4c2e1f804169554acbf0c
da7bcf2d014963663ba06f496c5e124143acb400d62231322a3981f19a54d9a0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfbaee8b26c48b6a68b9a5b4311a88d3bb176653902d120d4c1ac711773ac1be
dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0
e070c65fa6115515c6dd68f600a8bbc9ff1271d9d8b235c48723942efc67c3e0
e0f1df7af81fd8eb920863093c426fdafd241b8d9aeb6126fb2fd24f36c061b3
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e1fe705025dac3ebef230fd2658660346e54804a6af24c4158f8eb9b38d86f4d
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2835af998d5ef885bfa14a1b1995c7724d5b6a76f545b4a491763bff6f0dac5
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e304fe64feae706478167180bda389ac45da00b7f7701353fcdfad5057b687d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e5589f5fda91eda128d0be961de347b90b39bc8af3238bbcbe2fa24d54a5d65c
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e6846f750959d98e6eecdc6b904a1b90516a8405e4fc5c209649a7b3e0112360
e835bb6d7c7c4257a23e7478c09a0f2a9e9b25fba9b48d2ce49401b5e96a690c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e998d70d54146b70fbd8882efdd0682978dbc337f03a6e22367cb97aadf9e573
ea3621fdcf4fdc76b56e8c991b01c51ff0769202741363519c769a6c8fa6d76e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ee44eb7662161fad136510868954c7e2032388bdfe5cc60c34987c031c5a5807
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10d6df70aeb2a13a4dbc1884367e40efee7505ca85f7e600662649de16c56c2
f3d66b78ca0c93adf48dec8533da3c4db538cc648dc60e383d5fd0b666859206
f4420b229c2b7c192a444ba4a1ee7bdf8125654a03202c1c61003a6b3bcf0055
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
fa2ac853e14f092148ab831e2e5805f1d1e36f104497830866d5ccc53171f47f
fcd5b810a68022abba291f6b53d7934bd1366d8d211b0e968dc96310e17c453c